Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/CvfmZwRnokKy9ldZi7taoaISXNE.roa
File: CvfmZwRnokKy9ldZi7taoaISXNE.roa (raw, json)
Hash identifier: vC18tKGLOBnHgm/NvfbmlkqkIPOwQ52hZLQqWQy0QcE=
Subject key identifier: 0A:F7:E6:67:04:67:A2:42:B2:F6:57:59:8B:BB:5A:A1:A2:12:5C:D1
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 37464B8D
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/CvfmZwRnokKy9ldZi7taoaISXNE.roa
Signing time: Sat 01 Jan 2022 05:59:22 +0000
ROA not before: Sat 01 Jan 2022 05:59:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202097
IP address blocks: 213.192.243.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 927353741 (0x37464b8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 1 05:59:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0af7e6670467a242b2f657598bbb5aa1a2125cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ff:28:e4:c1:7e:fa:60:d8:17:ea:9d:3e:e1:
cb:43:eb:be:54:e0:49:ac:95:46:e1:da:23:b4:7d:
f7:05:d5:f7:26:0e:26:f4:83:ae:94:c0:22:01:b2:
11:09:4c:cc:ca:f7:51:ab:55:77:a3:ef:db:cb:7d:
47:87:09:3a:54:5b:06:7c:8b:a8:fa:9e:c2:ae:1f:
d3:1d:e5:da:0a:23:d5:2a:b8:a2:cf:bc:90:a5:38:
44:36:eb:cd:8c:4a:91:fa:7a:0d:ee:90:cd:2d:6e:
5a:9c:f3:0c:18:7c:30:37:5d:41:c4:1a:10:47:cb:
a6:67:74:d3:5b:4c:ae:99:5c:38:28:e5:9e:37:98:
f1:84:6c:a3:d6:01:9b:6a:bd:f4:d7:d2:41:41:d9:
c1:0f:15:73:9a:7c:31:91:93:3c:ab:e0:b2:d7:33:
e8:d4:91:d8:5c:b1:f0:62:81:43:9e:42:b5:4e:09:
e0:27:20:ca:3a:f7:d7:2f:92:6d:a3:07:87:c6:1c:
0e:2f:42:f3:42:58:00:92:16:34:cb:16:9a:55:ff:
9b:df:fc:74:73:47:fa:f9:5c:12:74:5e:2d:ce:2e:
34:29:55:87:ac:c7:6c:9b:3a:55:a6:81:ca:c2:0d:
ac:30:a5:1d:91:79:64:a8:6a:43:96:4b:a5:a1:0d:
44:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F7:E6:67:04:67:A2:42:B2:F6:57:59:8B:BB:5A:A1:A2:12:5C:D1
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/CvfmZwRnokKy9ldZi7taoaISXNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.192.243.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:73:df:94:8a:7c:a0:21:46:b3:2e:b8:a2:a4:2c:ae:ba:f7:
78:38:6a:1c:b6:ef:dc:6a:59:61:22:ee:00:92:d1:cf:04:ad:
a2:35:34:2b:f5:63:5a:e8:f9:31:10:68:9a:f7:89:3a:d3:a3:
cf:1f:8a:cf:b7:4a:d1:bb:58:d5:ff:a3:d5:39:fb:fe:b4:91:
bc:ef:18:02:c0:a2:25:c2:17:3c:b4:fd:51:91:76:81:be:43:
ed:57:fb:8c:d2:9f:e7:a2:dc:14:d0:54:b6:a4:a2:84:59:68:
87:a4:3f:75:34:04:c5:ed:29:61:5d:f7:2c:44:e3:78:9b:ba:
04:58:43:d6:c3:98:da:87:f9:56:56:65:ba:90:62:7e:b6:0b:
43:76:a0:7a:ae:5c:51:46:9b:2a:32:6c:d1:e8:e9:a3:98:61:
0a:09:b1:32:5f:5f:f3:29:27:bd:6d:b1:87:87:ef:75:d6:4e:
70:6a:b9:0c:37:36:de:ca:94:eb:49:f9:01:ff:0a:15:09:e3:
c2:c3:0b:f3:f4:3c:cb:fd:d3:d9:86:3a:04:84:3a:9a:db:02:
47:e1:02:66:00:d9:60:a0:68:06:75:69:b5:ec:d4:cf:2d:51:
9c:9b:b6:7f:9c:84:98:30:db:2f:35:23:a0:7b:a7:8a:22:f5:
48:4a:73:74
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN0ZLjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODQwM2I1ZTQ1Y2Q1OGJlNWY2YzVkMzNmYTU2NWFiNDkyMjNlM2RiMB4XDTIyMDEw
MTA1NTkyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGFmN2U2NjcwNDY3
YTI0MmIyZjY1NzU5OGJiYjVhYTFhMjEyNWNkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKD/KOTBfvpg2BfqnT7hy0PrvlTgSayVRuHaI7R99wXV9yYO
JvSDrpTAIgGyEQlMzMr3UatVd6Pv28t9R4cJOlRbBnyLqPqewq4f0x3l2goj1Sq4
os+8kKU4RDbrzYxKkfp6De6QzS1uWpzzDBh8MDddQcQaEEfLpmd001tMrplcOCjl
njeY8YRso9YBm2q99NfSQUHZwQ8Vc5p8MZGTPKvgstcz6NSR2Fyx8GKBQ55CtU4J
4Ccgyjr31y+SbaMHh8YcDi9C80JYAJIWNMsWmlX/m9/8dHNH+vlcEnReLc4uNClV
h6zHbJs6VaaBysINrDClHZF5ZKhqQ5ZLpaENRH0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQK9+ZnBGeiQrL2V1mLu1qhohJc0TAfBgNVHSMEGDAWgBToQDteRc1Yvl9s
XTP6Vlq0kiPj2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZFQTdYa1hOV0w1ZmJGMHotbFphdEpJajQ5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8x
L0N2Zm1ad1Jub2tLeTlsZFppN3Rhb2FJU1hORS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
ODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8xLzZFQTdYa1hOV0w1
ZmJGMHotbFphdEpJajQ5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXA8zANBgkqhkiG9w0BAQsFAAOC
AQEArHPflIp8oCFGsy64oqQsrrr3eDhqHLbv3GpZYSLuAJLRzwStojU0K/VjWuj5
MRBomveJOtOjzx+Kz7dK0btY1f+j1Tn7/rSRvO8YAsCiJcIXPLT9UZF2gb5D7Vf7
jNKf56LcFNBUtqSihFloh6Q/dTQExe0pYV33LETjeJu6BFhD1sOY2of5VlZlupBi
frYLQ3ageq5cUUabKjJs0ejpo5hhCgmxMl9f8yknvW2xh4fvddZOcGq5DDc23sqU
60n5Af8KFQnjwsML8/Q8y/3T2YY6BIQ6mtsCR+ECZgDZYKBoBnVptezUzy1RnJu2
f5yEmDDbLzUjoHuniiL1SEpzdA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:07 2025 by rpki-client