Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/H60NlZBf2FVZn8MVN0SPJGVdLmY.roa
File: H60NlZBf2FVZn8MVN0SPJGVdLmY.roa (raw, json)
Hash identifier: GBlPsqoJvWBFwLNRDO8VGBVisJnDkaNtZITa8GU6J1Q=
Subject key identifier: 1F:AD:0D:95:90:5F:D8:55:59:9F:C3:15:37:44:8F:24:65:5D:2E:66
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 37433A2C
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/H60NlZBf2FVZn8MVN0SPJGVdLmY.roa
Signing time: Sat 01 Jan 2022 05:59:20 +0000
ROA not before: Sat 01 Jan 2022 05:59:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44662
IP address blocks: 213.192.202.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 927152684 (0x37433a2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 1 05:59:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1fad0d95905fd855599fc31537448f24655d2e66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4b:60:b9:6c:30:8e:49:c1:f2:9e:c5:e1:a2:
f5:71:fc:bf:3e:c3:2b:9f:f0:34:5c:3c:5b:e4:ec:
ee:a2:5a:fb:b1:6f:77:37:be:fd:1f:0f:aa:21:a4:
27:84:f6:6d:4c:2e:6b:97:87:02:36:00:76:7e:09:
12:dc:12:51:bf:6d:2f:34:44:fb:54:3d:e8:61:6a:
c4:0e:cd:ee:58:6c:ad:ff:8d:2b:54:e5:37:39:6e:
9f:8d:23:29:8c:8c:0f:e7:be:7f:81:3b:00:25:c8:
25:35:b0:06:1d:81:de:43:45:ed:ef:cd:07:d7:db:
71:2b:0b:91:0a:85:6f:ce:f6:e2:82:19:88:ec:a7:
e3:3f:78:56:61:11:2a:f6:20:c6:45:fb:17:e0:f4:
72:0b:3f:9e:d9:d2:00:f9:17:d7:20:7c:11:03:77:
c3:b7:5a:c2:36:b3:dc:86:db:83:a5:8c:ca:de:99:
1d:48:47:95:fd:44:44:ba:ae:9d:45:3e:77:c1:46:
ba:c1:e5:17:f1:49:10:c8:ae:1a:7f:58:3f:40:55:
42:57:53:6d:3d:93:4d:89:17:e1:38:81:6f:71:3f:
1d:f8:be:51:42:42:9f:c5:43:a3:f7:bf:74:e5:f6:
00:a5:10:1e:cd:b1:53:39:08:5c:32:cc:a2:d4:1d:
26:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:AD:0D:95:90:5F:D8:55:59:9F:C3:15:37:44:8F:24:65:5D:2E:66
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/H60NlZBf2FVZn8MVN0SPJGVdLmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.192.202.0/24
Signature Algorithm: sha256WithRSAEncryption
45:65:5c:a0:28:00:de:ab:6c:de:fe:4e:79:4f:92:6f:2c:3f:
66:f2:39:0c:43:19:e1:58:65:65:13:5c:3b:03:47:09:a8:d0:
b1:c5:f8:e6:2c:13:e9:61:0d:f6:dd:4a:56:84:f5:0d:2f:b5:
e6:36:d6:79:c4:bc:67:bd:d2:4d:ca:fd:f8:65:06:03:04:84:
7b:b8:c2:42:5c:d6:4e:a3:3b:a2:9d:e1:20:fb:4f:6b:ab:22:
1c:64:17:2b:15:e6:82:01:2b:5d:fc:75:b1:78:ec:b9:32:c8:
40:35:7d:aa:1b:95:70:7c:7b:70:b1:a2:56:2b:a9:37:26:28:
ba:17:e8:ea:8e:a3:5a:84:5f:00:25:fb:fa:f5:da:35:12:3f:
e8:93:8e:89:2a:89:69:f4:ff:37:6e:ad:f6:7b:c7:1b:5f:52:
28:0f:af:51:ba:fd:2e:d9:af:8c:9c:0a:24:16:8b:d1:47:4e:
b6:71:7f:83:09:f3:a6:06:48:27:da:d3:cc:36:e6:b0:1e:f8:
b4:77:7d:30:83:41:b4:41:63:2b:f2:7c:25:9b:cd:5f:e9:eb:
e0:30:e7:26:cc:9b:01:a5:23:da:03:68:21:b5:54:27:9b:d0:
8c:a8:88:98:4c:a9:35:c8:49:99:a4:50:09:2b:62:37:e7:db:
a2:a3:8f:a0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN0M6LDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODQwM2I1ZTQ1Y2Q1OGJlNWY2YzVkMzNmYTU2NWFiNDkyMjNlM2RiMB4XDTIyMDEw
MTA1NTkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWZhZDBkOTU5MDVm
ZDg1NTU5OWZjMzE1Mzc0NDhmMjQ2NTVkMmU2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxLYLlsMI5JwfKexeGi9XH8vz7DK5/wNFw8W+Ts7qJa+7Fv
dze+/R8PqiGkJ4T2bUwua5eHAjYAdn4JEtwSUb9tLzRE+1Q96GFqxA7N7lhsrf+N
K1TlNzlun40jKYyMD+e+f4E7ACXIJTWwBh2B3kNF7e/NB9fbcSsLkQqFb8724oIZ
iOyn4z94VmERKvYgxkX7F+D0cgs/ntnSAPkX1yB8EQN3w7dawjaz3Ibbg6WMyt6Z
HUhHlf1ERLqunUU+d8FGusHlF/FJEMiuGn9YP0BVQldTbT2TTYkX4TiBb3E/Hfi+
UUJCn8VDo/e/dOX2AKUQHs2xUzkIXDLMotQdJrMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQfrQ2VkF/YVVmfwxU3RI8kZV0uZjAfBgNVHSMEGDAWgBToQDteRc1Yvl9s
XTP6Vlq0kiPj2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZFQTdYa1hOV0w1ZmJGMHotbFphdEpJajQ5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8x
L0g2ME5sWkJmMkZWWm44TVZOMFNQSkdWZExtWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
ODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8xLzZFQTdYa1hOV0w1
ZmJGMHotbFphdEpJajQ5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXAyjANBgkqhkiG9w0BAQsFAAOC
AQEARWVcoCgA3qts3v5OeU+Sbyw/ZvI5DEMZ4VhlZRNcOwNHCajQscX45iwT6WEN
9t1KVoT1DS+15jbWecS8Z73STcr9+GUGAwSEe7jCQlzWTqM7op3hIPtPa6siHGQX
KxXmggErXfx1sXjsuTLIQDV9qhuVcHx7cLGiViupNyYouhfo6o6jWoRfACX7+vXa
NRI/6JOOiSqJafT/N26t9nvHG19SKA+vUbr9LtmvjJwKJBaL0UdOtnF/gwnzpgZI
J9rTzDbmsB74tHd9MINBtEFjK/J8JZvNX+nr4DDnJsybAaUj2gNoIbVUJ5vQjKiI
mEypNchJmaRQCStiN+fboqOPoA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:36 2025 by rpki-client