Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/TobJ_egxvTYNF7YaCmiNupg5Sz8.roa
File: TobJ_egxvTYNF7YaCmiNupg5Sz8.roa (raw, json)
Hash identifier: 9t4LQz1tK5p2iASmNSMUDaxSKLOoA7XOV5PWWnwGU5k=
Subject key identifier: 4E:86:C9:FD:E8:31:BD:36:0D:17:B6:1A:0A:68:8D:BA:98:39:4B:3F
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 3744DACB
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/TobJ_egxvTYNF7YaCmiNupg5Sz8.roa
Signing time: Sat 01 Jan 2022 05:59:21 +0000
ROA not before: Sat 01 Jan 2022 05:59:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49635
IP address blocks: 213.192.233.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 927259339 (0x3744dacb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 1 05:59:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e86c9fde831bd360d17b61a0a688dba98394b3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c7:12:9f:57:6f:0d:37:80:42:db:26:db:42:
11:31:cd:bd:25:15:7c:ab:84:5c:95:e0:61:2e:3a:
00:32:6e:9b:53:ba:b6:56:d4:45:6a:d4:02:4f:2d:
e4:d0:b7:26:a7:55:37:1d:eb:61:7c:aa:5e:0b:21:
69:3e:f8:f5:8a:90:14:c9:d9:f3:e6:62:b0:7f:e4:
1d:52:e1:97:eb:6b:0d:16:c3:64:a0:3d:d9:dd:9e:
e9:80:7e:10:10:af:ab:40:74:7d:25:65:15:ae:15:
d6:d4:fd:cd:67:93:cd:0a:ac:c4:0e:91:fe:4f:07:
7f:48:83:34:cd:c1:ce:33:46:a3:d4:ef:dc:18:25:
3d:18:1f:1b:31:4c:5a:92:96:88:59:1d:f8:e2:a1:
6d:22:c2:07:73:ab:b4:2a:07:9e:73:7a:30:db:af:
a4:c3:d2:29:cf:cb:b6:4c:ed:78:36:ee:ed:d7:54:
ec:43:ae:2d:2a:99:05:12:95:16:74:20:e1:17:54:
14:69:0d:0c:80:c4:d7:c8:5f:22:89:33:60:eb:2c:
29:7c:63:ad:d6:db:82:59:dc:3b:81:61:9e:f2:44:
f2:01:51:f2:ba:54:05:87:fc:94:de:55:80:8e:53:
43:1d:95:fa:26:c1:d5:d7:8e:cd:15:ed:57:b2:f5:
00:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:86:C9:FD:E8:31:BD:36:0D:17:B6:1A:0A:68:8D:BA:98:39:4B:3F
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/TobJ_egxvTYNF7YaCmiNupg5Sz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.192.233.0/24
Signature Algorithm: sha256WithRSAEncryption
87:85:e7:2b:ee:f3:f6:e6:e9:35:23:85:2d:b8:0f:ec:f1:82:
04:f7:66:fa:11:f7:71:87:96:58:cc:9a:19:3b:2b:dc:ae:4c:
2f:e3:b5:db:f9:b1:3a:92:6e:b9:a5:cf:ae:d0:28:0a:0b:3b:
72:89:e2:fc:f4:30:c3:ad:a7:89:16:7a:61:df:05:7e:a2:61:
92:8d:47:59:16:60:90:c2:1a:5e:56:b1:5d:3b:f1:b6:8e:62:
86:35:e2:ae:5d:71:56:b2:05:c7:cd:a2:4b:6f:ad:21:f8:89:
81:54:19:cb:9b:36:94:bc:9f:8c:d1:72:70:5d:63:7c:65:0f:
06:de:b6:b8:c8:99:71:a6:1c:58:f8:d5:a0:1a:70:ea:c6:d6:
68:37:15:fa:3e:d5:b0:33:58:03:d4:8a:d8:a0:7c:fd:04:96:
1c:02:79:12:4a:84:4b:cf:84:50:14:bc:f9:df:23:89:8e:1f:
23:5f:6a:06:91:bb:26:63:90:c3:24:08:0c:8a:05:be:0a:6b:
95:a4:7f:c6:5b:ce:85:9d:2c:f6:1d:45:79:48:c6:a7:ac:3d:
5b:5a:56:cc:3d:65:72:a4:c4:c9:86:e0:39:d1:a4:44:1e:fa:
77:96:d5:49:48:a0:b5:aa:a7:dc:5a:95:38:97:f9:f3:8d:bc:
d6:89:de:c2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN0TayzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODQwM2I1ZTQ1Y2Q1OGJlNWY2YzVkMzNmYTU2NWFiNDkyMjNlM2RiMB4XDTIyMDEw
MTA1NTkyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGU4NmM5ZmRlODMx
YmQzNjBkMTdiNjFhMGE2ODhkYmE5ODM5NGIzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMvHEp9Xbw03gELbJttCETHNvSUVfKuEXJXgYS46ADJum1O6
tlbURWrUAk8t5NC3JqdVNx3rYXyqXgshaT749YqQFMnZ8+ZisH/kHVLhl+trDRbD
ZKA92d2e6YB+EBCvq0B0fSVlFa4V1tT9zWeTzQqsxA6R/k8Hf0iDNM3BzjNGo9Tv
3BglPRgfGzFMWpKWiFkd+OKhbSLCB3OrtCoHnnN6MNuvpMPSKc/LtkzteDbu7ddU
7EOuLSqZBRKVFnQg4RdUFGkNDIDE18hfIokzYOssKXxjrdbbglncO4FhnvJE8gFR
8rpUBYf8lN5VgI5TQx2V+ibB1deOzRXtV7L1AC8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBROhsn96DG9Ng0XthoKaI26mDlLPzAfBgNVHSMEGDAWgBToQDteRc1Yvl9s
XTP6Vlq0kiPj2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZFQTdYa1hOV0w1ZmJGMHotbFphdEpJajQ5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8x
L1RvYkpfZWd4dlRZTkY3WWFDbWlOdXBnNVN6OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
ODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8xLzZFQTdYa1hOV0w1
ZmJGMHotbFphdEpJajQ5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXA6TANBgkqhkiG9w0BAQsFAAOC
AQEAh4XnK+7z9ubpNSOFLbgP7PGCBPdm+hH3cYeWWMyaGTsr3K5ML+O12/mxOpJu
uaXPrtAoCgs7coni/PQww62niRZ6Yd8FfqJhko1HWRZgkMIaXlaxXTvxto5ihjXi
rl1xVrIFx82iS2+tIfiJgVQZy5s2lLyfjNFycF1jfGUPBt62uMiZcaYcWPjVoBpw
6sbWaDcV+j7VsDNYA9SK2KB8/QSWHAJ5EkqES8+EUBS8+d8jiY4fI19qBpG7JmOQ
wyQIDIoFvgprlaR/xlvOhZ0s9h1FeUjGp6w9W1pWzD1lcqTEyYbgOdGkRB76d5bV
SUigtaqn3FqVOJf584281onewg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:42 2025 by rpki-client