Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/e197fc-7bf1-4ec5-ab4e-5cabe6d54c93/1/qbVFsIjOSSXofokCZLVDXqfpIhE.roa
File: qbVFsIjOSSXofokCZLVDXqfpIhE.roa (raw, json)
Hash identifier: xREzuVxZkDVn+nhbbcWXFYp/v1Wqrd9Pqt5VhaTf8o0=
Subject key identifier: A9:B5:45:B0:88:CE:49:25:E8:7E:89:02:64:B5:43:5E:A7:E9:22:11
Certificate issuer: /CN=f25b336456b47dfc0f39dc91a6b882a4aabbeab3
Certificate serial: 01869D8861C565925C0EAC381411E032484D
Authority key identifier: F2:5B:33:64:56:B4:7D:FC:0F:39:DC:91:A6:B8:82:A4:AA:BB:EA:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8lszZFa0ffwPOdyRpriCpKq76rM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/e197fc-7bf1-4ec5-ab4e-5cabe6d54c93/1/qbVFsIjOSSXofokCZLVDXqfpIhE.roa
Signing time: Wed 01 Mar 2023 14:16:46 +0000
ROA not before: Wed 01 Mar 2023 14:16:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 194.76.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9d:88:61:c5:65:92:5c:0e:ac:38:14:11:e0:32:48:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f25b336456b47dfc0f39dc91a6b882a4aabbeab3
Validity
Not Before: Mar 1 14:16:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9b545b088ce4925e87e890264b5435ea7e92211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5b:d2:c3:2d:57:9b:3d:9a:3c:ce:3c:94:30:
f4:54:ef:63:c6:e8:71:98:97:9b:3b:a8:d0:38:08:
95:f4:0c:95:59:80:5e:7b:b4:d1:2e:94:8e:fd:ec:
4d:b9:86:c0:73:a3:9b:3b:1e:c5:34:9c:3e:04:33:
84:20:3b:d8:52:f0:c9:67:42:87:e8:13:1e:6a:97:
a9:40:06:65:87:c6:ee:8d:1f:9a:25:3e:f3:e4:d3:
98:d0:77:21:20:98:95:e2:82:45:50:f4:7b:3c:32:
e3:8e:9b:b0:d6:d9:0c:df:15:5d:ae:c5:0b:65:ad:
77:b6:07:de:45:ef:7a:02:ab:ef:98:31:ff:78:89:
9c:8d:14:ab:fe:ec:0f:c6:31:22:95:3a:46:d0:8c:
6a:a9:ec:73:aa:c0:a2:50:f6:e5:74:6c:cb:7e:a5:
57:54:76:63:5b:aa:7a:f1:a0:21:c7:67:52:4c:1e:
ad:3a:c8:96:f1:22:e4:eb:32:ce:72:f1:92:15:d3:
c5:34:97:db:5e:e6:50:ed:30:03:52:16:55:8e:54:
f0:6d:9b:bd:72:06:9c:63:5d:47:2f:60:8f:d8:e5:
a5:11:17:97:76:81:7a:41:42:44:f0:47:ad:8c:5b:
77:c0:a5:ea:26:18:0a:d9:ef:c8:75:83:f7:4c:ed:
6b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:B5:45:B0:88:CE:49:25:E8:7E:89:02:64:B5:43:5E:A7:E9:22:11
X509v3 Authority Key Identifier:
keyid:F2:5B:33:64:56:B4:7D:FC:0F:39:DC:91:A6:B8:82:A4:AA:BB:EA:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8lszZFa0ffwPOdyRpriCpKq76rM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/e197fc-7bf1-4ec5-ab4e-5cabe6d54c93/1/qbVFsIjOSSXofokCZLVDXqfpIhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/e197fc-7bf1-4ec5-ab4e-5cabe6d54c93/1/8lszZFa0ffwPOdyRpriCpKq76rM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.217.0/24
Signature Algorithm: sha256WithRSAEncryption
25:f3:fe:7c:44:9e:6d:cb:02:12:da:05:45:5f:1f:e0:93:29:
10:44:ea:2d:84:03:77:2a:44:56:e8:1c:10:db:eb:e6:44:b4:
ae:f0:34:38:78:29:9e:84:17:b8:40:45:76:45:13:1f:74:69:
ab:fc:c7:f8:2f:74:89:e6:f9:94:8a:19:6d:65:21:82:70:1f:
aa:78:23:dc:1e:0f:20:87:da:75:7f:f5:b7:de:02:e2:48:ab:
89:1a:c0:14:cb:21:32:4a:11:f3:71:5c:aa:e8:93:72:74:32:
08:fd:61:29:2a:80:a0:61:3c:d1:0d:ce:58:9f:38:5a:04:02:
7d:a0:4d:ee:79:a4:6c:eb:09:f6:b8:5f:73:df:13:17:26:b2:
f1:b7:2b:76:7c:f6:fb:99:74:a0:34:9d:b2:0c:15:45:7b:0e:
76:f2:0b:a2:d9:bd:6a:7f:8e:6e:2a:db:a0:52:e7:67:05:05:
52:a3:d3:95:9f:6b:a1:ac:ec:23:db:21:34:66:4f:de:ff:86:
9c:e7:78:61:e2:e2:1a:2e:0f:3a:38:aa:15:54:a9:e9:8d:6b:
1b:5c:db:d6:17:c1:e2:66:9f:cc:62:69:e4:84:03:1d:1a:de:
bb:9e:0b:67:5f:82:80:77:f2:01:79:ad:d6:90:73:fc:07:5b:
6f:b0:fa:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYadiGHFZZJcDqw4FBHgMkhNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNWIzMzY0NTZiNDdkZmMwZjM5ZGM5MWE2Yjg4MmE0YWFi
YmVhYjMwHhcNMjMwMzAxMTQxNjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWI1NDViMDg4Y2U0OTI1ZTg3ZTg5MDI2NGI1NDM1ZWE3ZTkyMjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlvSwy1Xmz2aPM48lDD0VO9jxuhx
mJebO6jQOAiV9AyVWYBee7TRLpSO/exNuYbAc6ObOx7FNJw+BDOEIDvYUvDJZ0KH
6BMeapepQAZlh8bujR+aJT7z5NOY0HchIJiV4oJFUPR7PDLjjpuw1tkM3xVdrsUL
Za13tgfeRe96AqvvmDH/eImcjRSr/uwPxjEilTpG0IxqqexzqsCiUPbldGzLfqVX
VHZjW6p68aAhx2dSTB6tOsiW8SLk6zLOcvGSFdPFNJfbXuZQ7TADUhZVjlTwbZu9
cgacY11HL2CP2OWlEReXdoF6QUJE8EetjFt3wKXqJhgK2e/IdYP3TO1r0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKm1RbCIzkkl6H6JAmS1Q16n6SIRMB8GA1UdIwQY
MBaAFPJbM2RWtH38Dznckaa4gqSqu+qzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGxzelpGYTBmZndQT2R5UnByaUNwS3E3NnJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9lMTk3ZmMtN2JmMS00ZWM1LWFiNGUt
NWNhYmU2ZDU0YzkzLzEvcWJWRnNJak9TU1hvZm9rQ1pMVkRYcWZwSWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9lMTk3ZmMtN2JmMS00ZWM1LWFiNGUtNWNhYmU2ZDU0Yzkz
LzEvOGxzelpGYTBmZndQT2R5UnByaUNwS3E3NnJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkzZMA0G
CSqGSIb3DQEBCwUAA4IBAQAl8/58RJ5tywIS2gVFXx/gkykQROothAN3KkRW6BwQ
2+vmRLSu8DQ4eCmehBe4QEV2RRMfdGmr/Mf4L3SJ5vmUihltZSGCcB+qeCPcHg8g
h9p1f/W33gLiSKuJGsAUyyEyShHzcVyq6JNydDII/WEpKoCgYTzRDc5YnzhaBAJ9
oE3ueaRs6wn2uF9z3xMXJrLxtyt2fPb7mXSgNJ2yDBVFew528gui2b1qf45uKtug
UudnBQVSo9OVn2uhrOwj2yE0Zk/e/4ac53hh4uIaLg86OKoVVKnpjWsbXNvWF8Hi
Zp/MYmnkhAMdGt67ngtnX4KAd/IBea3WkHP8B1tvsPoE
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:45 2025 by rpki-client