Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/QOYu8pvwQ-qfUJNVkx20zw9nJxM.roa
File: QOYu8pvwQ-qfUJNVkx20zw9nJxM.roa (raw, json)
Hash identifier: yTEjwZv9dXn5wFx+vn4w7BdLWDrWuSDfpjb8loF5QtQ=
Subject key identifier: 40:E6:2E:F2:9B:F0:43:EA:9F:50:93:55:93:1D:B4:CF:0F:67:27:13
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 018572FA5C2D6736529F91DFAA325AC74852
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/QOYu8pvwQ-qfUJNVkx20zw9nJxM.roa
Signing time: Mon 02 Jan 2023 14:54:48 +0000
ROA not before: Mon 02 Jan 2023 14:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44989
IP address blocks: 212.163.144.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:5c:2d:67:36:52:9f:91:df:aa:32:5a:c7:48:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 2 14:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40e62ef29bf043ea9f509355931db4cf0f672713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:19:6e:3a:87:b6:8b:fd:4b:d1:53:4d:83:07:
28:8d:ef:49:3c:dc:7b:aa:ee:df:a2:60:2f:e9:40:
42:b2:46:58:1e:91:f7:5e:38:86:5b:a3:ee:56:7d:
27:69:5a:a2:30:26:98:08:73:22:07:b2:a5:e1:87:
e6:c4:3c:e2:5e:31:2c:04:f3:42:99:69:8a:06:05:
61:70:aa:dd:d7:95:55:ca:27:98:67:90:01:c7:17:
a9:b5:fc:c9:88:7d:4c:c7:7d:1f:ff:e7:35:fe:92:
d9:2c:a8:d9:24:12:1c:2a:36:22:d5:f6:8d:10:3a:
19:3b:4b:25:c3:20:8f:99:3f:14:f4:00:f8:94:ef:
89:7f:f1:7a:bf:32:8a:95:aa:4c:1e:f4:ae:ca:de:
69:2b:a1:99:54:a7:24:0a:1b:13:79:b8:0c:4c:e9:
43:fe:36:db:a2:a0:b9:05:7e:3d:91:c3:a7:40:85:
32:3e:9f:c4:a3:74:6a:2d:f2:45:58:33:53:4d:c4:
9a:60:92:e5:25:ea:c8:e1:8a:4f:47:fc:8d:fd:64:
0b:68:d0:b2:72:73:69:32:fb:2d:1c:93:9e:78:d4:
b8:3e:61:e0:33:c4:00:ed:9c:32:7d:a2:1f:f7:c4:
c4:37:1e:06:70:17:b3:6b:63:12:bb:f4:84:21:6f:
c5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E6:2E:F2:9B:F0:43:EA:9F:50:93:55:93:1D:B4:CF:0F:67:27:13
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/QOYu8pvwQ-qfUJNVkx20zw9nJxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.163.144.0/24
Signature Algorithm: sha256WithRSAEncryption
e5:d4:33:ce:65:27:0d:e3:a9:36:79:b0:77:23:dc:9c:11:e1:
4e:c9:2a:88:df:1f:65:c6:9f:3d:1b:aa:19:f1:97:a7:5a:4b:
2d:c5:6b:54:1a:e5:26:96:2c:2c:b0:ec:90:e1:ff:e2:07:a2:
5a:1b:19:db:8a:02:d7:27:f1:db:e7:e2:9d:b5:71:f0:ab:f0:
d1:be:6a:64:b5:b5:a3:85:86:3a:af:d6:46:b0:28:36:11:de:
6a:85:70:17:0b:c8:52:da:f2:5a:3b:63:23:e7:77:1f:82:69:
aa:92:cd:71:15:26:b7:88:1b:04:88:d1:b9:3f:03:61:c9:95:
f5:4c:bb:5c:ee:93:d5:92:5a:22:b6:22:b9:61:b3:be:34:c4:
e8:fb:99:ec:28:8e:78:ac:30:ae:33:0b:74:ef:88:cc:3b:a3:
d3:f2:f6:5e:21:cd:81:ab:28:ec:8f:6c:19:f2:a9:bc:95:8d:
94:a2:d6:78:ec:ee:e4:e3:12:0b:87:98:10:90:e3:8e:78:d8:
36:f9:d6:92:a9:7d:05:f5:64:00:9b:b3:ad:cb:1a:15:6b:2a:
7f:97:2e:fe:02:57:8f:bd:47:ac:22:e3:5e:94:ed:e5:0e:82:
54:55:2d:a8:f6:a4:12:15:3f:79:41:6a:c6:57:14:dd:38:7a:
b8:b0:e2:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+lwtZzZSn5HfqjJax0hSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjMwMTAyMTQ1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGU2MmVmMjliZjA0M2VhOWY1MDkzNTU5MzFkYjRjZjBmNjcyNzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBluOoe2i/1L0VNNgwcoje9JPNx7
qu7fomAv6UBCskZYHpH3XjiGW6PuVn0naVqiMCaYCHMiB7Kl4YfmxDziXjEsBPNC
mWmKBgVhcKrd15VVyieYZ5ABxxeptfzJiH1Mx30f/+c1/pLZLKjZJBIcKjYi1faN
EDoZO0slwyCPmT8U9AD4lO+Jf/F6vzKKlapMHvSuyt5pK6GZVKckChsTebgMTOlD
/jbboqC5BX49kcOnQIUyPp/Eo3RqLfJFWDNTTcSaYJLlJerI4YpPR/yN/WQLaNCy
cnNpMvstHJOeeNS4PmHgM8QA7ZwyfaIf98TENx4GcBeza2MSu/SEIW/FewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDmLvKb8EPqn1CTVZMdtM8PZycTMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvUU9ZdThwdndRLXFmVUpOVmt4MjB6dzluSnhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1KOQMA0G
CSqGSIb3DQEBCwUAA4IBAQDl1DPOZScN46k2ebB3I9ycEeFOySqI3x9lxp89G6oZ
8ZenWkstxWtUGuUmliwssOyQ4f/iB6JaGxnbigLXJ/Hb5+KdtXHwq/DRvmpktbWj
hYY6r9ZGsCg2Ed5qhXAXC8hS2vJaO2Mj53cfgmmqks1xFSa3iBsEiNG5PwNhyZX1
TLtc7pPVkloitiK5YbO+NMTo+5nsKI54rDCuMwt074jMO6PT8vZeIc2Bqyjsj2wZ
8qm8lY2UotZ47O7k4xILh5gQkOOOeNg2+daSqX0F9WQAm7OtyxoVayp/ly7+AleP
vUesIuNelO3lDoJUVS2o9qQSFT95QWrGVxTdOHq4sOKg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:51 2025 by rpki-client