Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/QuhvVAT91v_32nNtpUqUYqTgQIU.roa
File: QuhvVAT91v_32nNtpUqUYqTgQIU.roa (raw, json)
Hash identifier: RcclcvoMLEWVl7WcpxIJR6gyjaCC+Ym2SZJkWNHzytM=
Subject key identifier: 42:E8:6F:54:04:FD:D6:FF:F7:DA:73:6D:A5:4A:94:62:A4:E0:40:85
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 0194258F894ADA3E41834BCD18A20F400F08
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/QuhvVAT91v_32nNtpUqUYqTgQIU.roa
Signing time: Thu 02 Jan 2025 05:49:11 +0000
ROA not before: Thu 02 Jan 2025 05:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39134
IP address blocks: 193.32.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:89:4a:da:3e:41:83:4b:cd:18:a2:0f:40:0f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Jan 2 05:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42e86f5404fdd6fff7da736da54a9462a4e04085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:86:d8:2e:83:a7:97:1e:88:1a:23:63:78:24:
52:92:09:06:c5:bf:72:a2:1c:42:e0:09:9d:53:33:
1b:03:f4:1a:ce:a8:30:8f:cd:23:39:c3:e9:93:59:
03:80:44:2a:5f:37:ac:77:1c:55:8e:5d:29:aa:e7:
d5:1f:29:90:35:d1:8c:84:2b:ff:5b:3d:d4:26:10:
52:10:b3:70:e1:19:d7:e3:b3:65:dd:8f:bc:9a:8e:
bb:32:d3:e6:40:0c:dd:53:ec:22:c0:bb:af:a1:30:
9b:61:90:a6:4f:0c:43:07:94:62:9b:15:56:f5:23:
ad:90:72:d6:b1:82:4c:71:73:0c:15:ac:19:30:b6:
5b:db:20:4c:0f:95:25:b9:73:33:9f:6c:56:dc:8a:
7a:c0:01:d0:8d:0f:c2:7f:1d:18:4c:54:3b:31:a9:
91:18:65:3e:15:a8:4b:f8:a3:26:f6:e2:41:07:92:
5d:ee:91:cd:3a:53:84:df:83:8d:30:e5:cf:de:d8:
a8:56:c6:b7:97:7c:5b:ae:20:f0:33:63:4e:bd:8c:
15:3f:49:62:e8:75:7c:e3:f6:04:b9:bb:0b:1e:8c:
37:e2:63:dd:03:30:15:66:db:1c:64:cc:33:ab:63:
6c:da:ff:a8:8e:43:71:46:18:66:68:d9:31:cd:32:
3c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:E8:6F:54:04:FD:D6:FF:F7:DA:73:6D:A5:4A:94:62:A4:E0:40:85
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/QuhvVAT91v_32nNtpUqUYqTgQIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.191.0/24
Signature Algorithm: sha256WithRSAEncryption
23:33:29:57:9f:f6:ec:e5:d8:26:b3:cd:ed:ce:5c:1d:94:38:
bd:12:0d:54:12:35:6f:5d:12:17:af:3f:44:a3:f3:17:5d:5b:
90:ca:96:74:52:31:ff:f5:70:15:d1:9d:23:da:36:c9:34:37:
d4:89:bf:33:b6:d9:57:8c:20:04:48:8c:01:bb:73:85:19:f8:
7b:db:a8:a8:8d:d2:0a:db:3e:44:37:db:22:bc:dd:06:69:9d:
83:82:20:97:67:f9:df:13:f9:b0:d4:8c:10:90:9a:47:7b:8e:
b1:94:e4:89:37:68:52:b8:20:9c:b5:44:5e:b4:1a:2c:a6:a7:
d6:25:a8:31:27:d8:41:1d:e8:5f:78:e1:75:ff:54:8c:1e:a7:
7b:9e:04:0b:85:3f:89:33:af:a0:1e:67:57:38:68:45:6b:97:
c3:54:c3:92:49:94:ef:e0:80:3a:ba:ae:40:97:e3:33:33:c4:
85:16:ac:f6:1c:cb:36:70:b8:30:3a:dd:f1:ba:8c:e4:5f:cf:
fe:19:46:e3:47:6e:54:f5:70:3e:65:4b:a1:64:48:e8:99:6f:
85:e9:92:b8:57:93:b9:53:29:1d:6e:4c:80:ec:6e:e7:b9:0c:
88:32:2c:bd:78:ea:77:cc:38:84:cd:b1:37:04:5c:d1:13:f9:
7c:15:9a:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj4lK2j5Bg0vNGKIPQA8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjUwMTAyMDU0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmU4NmY1NDA0ZmRkNmZmZjdkYTczNmRhNTRhOTQ2MmE0ZTA0MDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIbYLoOnlx6IGiNjeCRSkgkGxb9y
ohxC4AmdUzMbA/Qazqgwj80jOcPpk1kDgEQqXzesdxxVjl0pqufVHymQNdGMhCv/
Wz3UJhBSELNw4RnX47Nl3Y+8mo67MtPmQAzdU+wiwLuvoTCbYZCmTwxDB5RimxVW
9SOtkHLWsYJMcXMMFawZMLZb2yBMD5UluXMzn2xW3Ip6wAHQjQ/Cfx0YTFQ7MamR
GGU+FahL+KMm9uJBB5Jd7pHNOlOE34ONMOXP3tioVsa3l3xbriDwM2NOvYwVP0li
6HV84/YEubsLHow34mPdAzAVZtscZMwzq2Ns2v+ojkNxRhhmaNkxzTI8xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFELob1QE/db/99pzbaVKlGKk4ECFMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvUXVodlZBVDkxdl8zMm5OdHBVcVVZcVRnUUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSC/MA0G
CSqGSIb3DQEBCwUAA4IBAQAjMylXn/bs5dgms83tzlwdlDi9Eg1UEjVvXRIXrz9E
o/MXXVuQypZ0UjH/9XAV0Z0j2jbJNDfUib8zttlXjCAESIwBu3OFGfh726iojdIK
2z5EN9sivN0GaZ2DgiCXZ/nfE/mw1IwQkJpHe46xlOSJN2hSuCCctURetBospqfW
JagxJ9hBHehfeOF1/1SMHqd7ngQLhT+JM6+gHmdXOGhFa5fDVMOSSZTv4IA6uq5A
l+MzM8SFFqz2HMs2cLgwOt3xuozkX8/+GUbjR25U9XA+ZUuhZEjomW+F6ZK4V5O5
UykdbkyA7G7nuQyIMiy9eOp3zDiEzbE3BFzRE/l8FZr+
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:07:51 2025 by rpki-client