Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/R6-Pq88sZCyat2jbmSXus5KIJ9c.roa
File: R6-Pq88sZCyat2jbmSXus5KIJ9c.roa (raw, json)
Hash identifier: Oen7A3uUROlhP0puAqAerDdGuDSDZ+3A/5XxXj/Yp90=
Subject key identifier: 47:AF:8F:AB:CF:2C:64:2C:9A:B7:68:DB:99:25:EE:B3:92:88:27:D7
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 373DFB69
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/R6-Pq88sZCyat2jbmSXus5KIJ9c.roa
Signing time: Sat 01 Jan 2022 05:59:16 +0000
ROA not before: Sat 01 Jan 2022 05:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8827
IP address blocks: 212.80.184.0/24 maxlen: 24
213.9.158.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 926808937 (0x373dfb69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 1 05:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47af8fabcf2c642c9ab768db9925eeb3928827d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:83:56:8a:db:a5:b7:95:67:5d:ef:b9:28:00:
0e:23:f4:19:be:aa:a0:3f:57:39:07:6c:3f:9c:6b:
14:f1:20:ec:a0:f2:50:96:85:4f:cc:53:ac:52:09:
a7:14:47:c4:b9:fc:16:64:f8:7b:ed:53:ea:4b:fe:
0e:40:26:b4:96:28:89:88:7c:84:29:00:44:52:83:
a2:5a:d2:a2:9d:04:2b:9e:5c:f4:8c:e5:81:7b:4c:
7c:0f:6a:c3:8b:33:1d:e4:94:2d:17:f1:1a:b2:ce:
50:67:e8:a7:c1:42:88:91:72:07:36:cc:65:78:3f:
50:d6:3c:aa:11:ad:a2:07:34:23:f9:e0:c4:8d:3b:
53:0d:8b:a4:24:69:6d:fc:5d:4b:91:67:82:44:b5:
85:c0:b7:b2:e0:8b:5a:e2:a4:77:2b:9b:66:47:1d:
f8:41:04:6a:8d:a8:61:64:8b:3b:64:0c:1a:0d:0c:
e4:c6:97:54:22:a8:88:bc:41:ea:da:ce:4f:44:13:
b1:78:74:ab:6d:5a:6f:62:0a:28:65:58:ca:af:7c:
71:f4:ab:16:03:33:be:1c:4e:be:97:60:df:68:d4:
33:09:5b:fb:4d:47:3f:87:b5:c1:69:10:20:e6:8d:
d2:5e:82:62:0f:fa:0c:b6:a8:8d:3a:14:67:63:5c:
ae:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:AF:8F:AB:CF:2C:64:2C:9A:B7:68:DB:99:25:EE:B3:92:88:27:D7
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/R6-Pq88sZCyat2jbmSXus5KIJ9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.80.184.0/24
213.9.158.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:88:b7:49:04:f2:4c:cc:46:de:1c:bc:e3:de:74:b0:b6:b2:
69:0c:bb:f6:1f:91:ae:fa:08:42:9c:ae:53:cc:f2:75:57:a3:
f5:70:f0:85:5e:16:1e:eb:7b:44:60:e1:e4:d3:2f:64:ba:7c:
1f:55:98:f4:e4:ba:5f:c4:0f:9c:44:3c:b7:50:da:90:cd:e3:
d4:4c:32:34:8c:3a:92:ad:fa:80:cf:07:80:25:49:f0:36:db:
42:5d:18:90:86:46:f9:fd:11:c7:e6:f1:d1:5f:4c:89:c1:ff:
34:98:a0:1b:1d:29:50:17:a0:32:e4:be:be:d9:95:18:ef:56:
f7:bd:48:04:2a:84:25:ed:d4:c6:6c:c1:43:0e:64:5f:f5:81:
54:e8:5a:7b:52:28:c3:b6:bf:1a:7d:ed:7b:ab:7d:f1:73:0d:
52:ff:da:c3:d1:a9:0e:17:63:5e:49:73:c2:3c:04:a8:cb:d0:
01:5c:cf:9c:bc:9d:77:82:c4:e5:2c:16:4b:0f:c6:31:3c:cc:
2d:90:ac:37:9a:ee:29:37:90:14:20:11:f3:46:79:b0:80:73:
2e:7a:66:0e:b9:b7:7d:75:ac:b7:8c:a3:65:8b:69:5d:b9:ae:
46:bc:1e:cb:ea:f3:be:26:8a:47:2f:4d:7a:87:25:61:cd:c2:
6e:73:e1:24
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIENz37aTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODQwM2I1ZTQ1Y2Q1OGJlNWY2YzVkMzNmYTU2NWFiNDkyMjNlM2RiMB4XDTIyMDEw
MTA1NTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdhZjhmYWJjZjJj
NjQyYzlhYjc2OGRiOTkyNWVlYjM5Mjg4MjdkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI6DVorbpbeVZ13vuSgADiP0Gb6qoD9XOQdsP5xrFPEg7KDy
UJaFT8xTrFIJpxRHxLn8FmT4e+1T6kv+DkAmtJYoiYh8hCkARFKDolrSop0EK55c
9IzlgXtMfA9qw4szHeSULRfxGrLOUGfop8FCiJFyBzbMZXg/UNY8qhGtogc0I/ng
xI07Uw2LpCRpbfxdS5FngkS1hcC3suCLWuKkdyubZkcd+EEEao2oYWSLO2QMGg0M
5MaXVCKoiLxB6trOT0QTsXh0q21ab2IKKGVYyq98cfSrFgMzvhxOvpdg32jUMwlb
+01HP4e1wWkQIOaN0l6CYg/6DLaojToUZ2NcrtMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRHr4+rzyxkLJq3aNuZJe6zkogn1zAfBgNVHSMEGDAWgBToQDteRc1Yvl9s
XTP6Vlq0kiPj2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZFQTdYa1hOV0w1ZmJGMHotbFphdEpJajQ5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8x
L1I2LVBxODhzWkN5YXQyamJtU1h1czVLSUo5Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
ODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8xLzZFQTdYa1hOV0w1
ZmJGMHotbFphdEpJajQ5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEANRQuAMEANUJnjANBgkqhkiG9w0B
AQsFAAOCAQEApYi3SQTyTMxG3hy84950sLayaQy79h+RrvoIQpyuU8zydVej9XDw
hV4WHut7RGDh5NMvZLp8H1WY9OS6X8QPnEQ8t1DakM3j1EwyNIw6kq36gM8HgCVJ
8DbbQl0YkIZG+f0Rx+bx0V9MicH/NJigGx0pUBegMuS+vtmVGO9W971IBCqEJe3U
xmzBQw5kX/WBVOhae1Iow7a/Gn3te6t98XMNUv/aw9GpDhdjXklzwjwEqMvQAVzP
nLydd4LE5SwWSw/GMTzMLZCsN5ruKTeQFCAR80Z5sIBzLnpmDrm3fXWst4yjZYtp
XbmuRrwey+rzviaKRy9NeoclYc3CbnPhJA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:51 2025 by rpki-client