Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/fH8LOg0NG1twqfLDuX_BwkHzi1k.roa
File: fH8LOg0NG1twqfLDuX_BwkHzi1k.roa (raw, json)
Hash identifier: XFHbE6oyZfr5i19WNfJ88B6cZbJGQrjyOQSOiW/ZnPI=
Subject key identifier: 7C:7F:0B:3A:0D:0D:1B:5B:70:A9:F2:C3:B9:7F:C1:C2:41:F3:8B:59
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 3748754C
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/fH8LOg0NG1twqfLDuX_BwkHzi1k.roa
Signing time: Sat 01 Jan 2022 05:59:24 +0000
ROA not before: Sat 01 Jan 2022 05:59:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208027
IP address blocks: 213.192.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 927495500 (0x3748754c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 1 05:59:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c7f0b3a0d0d1b5b70a9f2c3b97fc1c241f38b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:29:3c:99:8e:b7:f2:c8:71:25:ef:0b:5b:b0:
aa:3d:13:2c:65:9d:a3:88:e7:16:6e:66:4a:58:2c:
1b:85:ff:48:7c:3a:0c:cf:75:ae:43:21:68:cf:ea:
ca:38:fd:ce:de:f5:4c:73:d1:ea:c3:11:dd:25:cd:
51:00:9f:c5:a0:98:fc:65:a0:47:b8:9c:e0:31:f4:
42:f8:07:b5:04:91:cf:2d:2c:12:c2:5f:1a:a0:be:
2d:8d:cd:ce:2c:7c:62:d0:dd:67:f9:0b:a4:9a:ce:
8f:1c:4a:87:df:ca:62:05:0d:da:3f:56:cd:92:49:
58:d4:1e:00:38:65:0a:e3:53:52:16:24:18:c0:7b:
89:a2:9c:8f:af:b1:56:33:98:da:e9:b7:99:ea:f7:
16:f6:75:5a:fa:c3:d7:8d:a6:ad:ee:22:32:46:6c:
d5:0d:c6:e8:04:39:64:bc:e3:be:25:32:2a:b3:bc:
7c:13:43:0b:d8:8b:34:fc:05:c2:e2:af:a3:85:ee:
5c:ff:41:ff:b7:0b:c7:8e:3a:39:1a:cb:8d:48:68:
19:3f:32:1b:15:90:a2:29:eb:c2:3d:81:d7:f7:fd:
86:d9:49:23:4a:da:59:83:ae:b1:b6:75:a5:84:3a:
a9:b4:ae:7a:f0:01:c0:91:3c:4d:1b:f6:e1:b6:67:
40:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:7F:0B:3A:0D:0D:1B:5B:70:A9:F2:C3:B9:7F:C1:C2:41:F3:8B:59
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/fH8LOg0NG1twqfLDuX_BwkHzi1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
87:ab:59:2f:19:07:f5:a9:09:cb:47:61:c2:36:e2:2d:3a:2c:
be:3d:1f:9d:3f:51:65:c0:d5:83:0f:74:19:cd:b1:d8:03:53:
b5:01:3f:38:f6:82:89:75:75:ac:94:c2:8b:64:87:18:b2:58:
26:dd:b0:8b:d9:a8:a0:11:db:26:e0:08:00:e9:c6:c9:2e:5e:
f5:32:19:cb:da:f9:95:34:27:40:db:e9:28:90:b5:50:9c:63:
17:85:db:69:d8:60:6a:41:8d:4b:ed:df:cb:c0:1e:26:2f:e0:
76:1f:f0:ea:b4:be:43:7f:f0:f1:b5:03:4f:52:d4:32:c9:c5:
15:d8:9a:df:86:2a:56:9c:de:74:6d:ac:ce:0a:13:b8:f8:f8:
0a:36:c6:8a:2f:f0:d6:ec:97:20:64:ea:b1:4a:04:66:d0:76:
d6:86:ae:67:e9:2f:cd:69:f6:b0:82:e4:03:10:35:a6:5d:83:
0d:e4:52:c7:72:a1:2c:74:a2:25:e7:f9:3d:23:41:60:94:f3:
79:67:13:34:15:77:0a:e4:32:8a:1b:09:7f:f0:5d:1a:dc:5c:
b8:ca:7f:81:8b:fd:8a:c9:f3:f5:cc:c6:64:3a:59:16:18:35:
d2:3e:c9:7b:34:d8:2a:25:1f:33:28:43:6f:60:12:e7:a1:97:
a4:b3:a1:68
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN0h1TDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODQwM2I1ZTQ1Y2Q1OGJlNWY2YzVkMzNmYTU2NWFiNDkyMjNlM2RiMB4XDTIyMDEw
MTA1NTkyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2M3ZjBiM2EwZDBk
MWI1YjcwYTlmMmMzYjk3ZmMxYzI0MWYzOGI1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkpPJmOt/LIcSXvC1uwqj0TLGWdo4jnFm5mSlgsG4X/SHw6
DM91rkMhaM/qyjj9zt71THPR6sMR3SXNUQCfxaCY/GWgR7ic4DH0QvgHtQSRzy0s
EsJfGqC+LY3Nzix8YtDdZ/kLpJrOjxxKh9/KYgUN2j9WzZJJWNQeADhlCuNTUhYk
GMB7iaKcj6+xVjOY2um3mer3FvZ1WvrD142mre4iMkZs1Q3G6AQ5ZLzjviUyKrO8
fBNDC9iLNPwFwuKvo4XuXP9B/7cLx446ORrLjUhoGT8yGxWQoinrwj2B1/f9htlJ
I0raWYOusbZ1pYQ6qbSuevABwJE8TRv24bZnQBMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR8fws6DQ0bW3Cp8sO5f8HCQfOLWTAfBgNVHSMEGDAWgBToQDteRc1Yvl9s
XTP6Vlq0kiPj2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZFQTdYa1hOV0w1ZmJGMHotbFphdEpJajQ5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8x
L2ZIOExPZzBORzF0d3FmTER1WF9Cd2tIemkxay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
ODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8xLzZFQTdYa1hOV0w1
ZmJGMHotbFphdEpJajQ5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXA1jANBgkqhkiG9w0BAQsFAAOC
AQEAh6tZLxkH9akJy0dhwjbiLTosvj0fnT9RZcDVgw90Gc2x2ANTtQE/OPaCiXV1
rJTCi2SHGLJYJt2wi9mooBHbJuAIAOnGyS5e9TIZy9r5lTQnQNvpKJC1UJxjF4Xb
adhgakGNS+3fy8AeJi/gdh/w6rS+Q3/w8bUDT1LUMsnFFdia34YqVpzedG2szgoT
uPj4CjbGii/w1uyXIGTqsUoEZtB21oauZ+kvzWn2sILkAxA1pl2DDeRSx3KhLHSi
Jef5PSNBYJTzeWcTNBV3CuQyihsJf/BdGtxcuMp/gYv9isnz9czGZDpZFhg10j7J
ezTYKiUfMyhDb2AS56GXpLOhaA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:23 2025 by rpki-client