Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/ii7K-1125gc7yHfDECuerJaGs4U.roa
File: ii7K-1125gc7yHfDECuerJaGs4U.roa (raw, json)
Hash identifier: A4nNfUMc6D0yr2ej4gwPHXytYVDEBkcClZ0y4freyNw=
Subject key identifier: 8A:2E:CA:FB:5D:76:E6:07:3B:C8:77:C3:10:2B:9E:AC:96:86:B3:85
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 37422557
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/ii7K-1125gc7yHfDECuerJaGs4U.roa
Signing time: Sat 01 Jan 2022 05:59:20 +0000
ROA not before: Sat 01 Jan 2022 05:59:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41994
IP address blocks: 212.163.10.0/24 maxlen: 25
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 927081815 (0x37422557)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 1 05:59:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a2ecafb5d76e6073bc877c3102b9eac9686b385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fc:32:b4:bd:bc:a9:9d:a4:68:1c:ea:8e:77:
45:7a:ee:9b:29:f8:ec:91:87:c2:90:b9:bb:da:48:
da:1b:b2:af:97:9f:cf:a1:05:f1:fe:06:aa:9b:1e:
8a:ef:fe:ba:c1:12:10:1f:25:02:7e:ce:50:f6:67:
89:09:4c:ee:24:0d:43:3f:b8:b9:48:91:02:9e:00:
7d:b3:76:de:ff:05:9f:b3:71:1e:cf:d6:3a:13:e1:
1b:ab:d7:fd:10:8e:79:0f:d9:ae:0c:b3:03:1b:d9:
cb:71:fa:31:34:9d:c5:4a:f8:14:11:64:24:45:15:
26:93:9e:5d:e8:70:bf:c9:9e:98:65:73:36:8c:46:
cf:4d:a2:e3:bf:2e:d5:f6:f6:bd:20:7e:c0:44:6d:
84:79:99:95:73:ed:bb:0a:90:76:c9:23:72:5b:dd:
15:40:96:99:2a:12:67:f1:71:1f:48:b7:aa:c8:cc:
b7:a6:9c:c4:6e:c2:f9:6d:d6:18:47:19:02:58:f9:
c3:06:ef:d0:82:be:eb:ff:f6:87:9e:e2:98:f6:b9:
ab:3a:3d:4d:a1:f1:02:41:d6:07:9f:4c:14:fb:6a:
d5:b4:8f:bc:f1:a7:ea:db:8b:a8:50:80:9c:28:47:
7e:0d:ae:58:c0:85:04:ad:c6:30:81:98:29:77:4b:
53:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:2E:CA:FB:5D:76:E6:07:3B:C8:77:C3:10:2B:9E:AC:96:86:B3:85
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/ii7K-1125gc7yHfDECuerJaGs4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.163.10.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:37:93:50:60:a1:db:bf:fb:4e:38:59:a8:12:c6:28:86:58:
6b:ab:51:a3:27:ca:71:b3:24:83:e7:3a:da:72:e7:12:2b:8a:
f2:d2:b7:da:15:d1:35:7a:07:f2:9b:1a:dd:46:51:bf:d1:02:
d5:9f:cf:12:37:45:65:0c:bc:b1:41:ad:2a:0d:5e:b8:f2:b8:
e8:f6:47:e7:e4:3c:c5:dd:dc:48:b5:6d:1e:2b:de:c5:02:26:
47:9f:61:d3:a3:f4:30:25:65:45:94:ec:83:17:6c:ff:a7:b9:
64:b9:d7:a1:86:de:ff:68:13:a8:25:90:30:69:38:0f:41:ab:
25:f8:a1:0c:8a:28:f2:57:ee:db:dc:d7:ea:42:09:15:93:dc:
84:a1:7b:b7:ff:aa:54:63:7b:64:d0:d0:da:be:33:ee:e7:c8:
87:75:63:97:f6:41:9d:5e:8e:2e:6e:6e:74:02:a6:bd:02:bd:
11:26:ac:35:d7:1d:0d:53:04:a0:7d:7a:05:03:e6:02:75:19:
cf:df:92:0c:6c:d7:67:83:e8:23:17:a6:48:6e:3a:6e:0b:bc:
bf:11:94:ea:1b:01:b7:8e:d9:53:a1:5f:cc:47:64:d9:03:e3:
6f:c0:c8:31:12:29:d3:2c:5d:99:eb:27:ca:44:dd:4c:c7:a2:
07:a8:65:c8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN0IlVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODQwM2I1ZTQ1Y2Q1OGJlNWY2YzVkMzNmYTU2NWFiNDkyMjNlM2RiMB4XDTIyMDEw
MTA1NTkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGEyZWNhZmI1ZDc2
ZTYwNzNiYzg3N2MzMTAyYjllYWM5Njg2YjM4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJr8MrS9vKmdpGgc6o53RXrumyn47JGHwpC5u9pI2huyr5ef
z6EF8f4Gqpseiu/+usESEB8lAn7OUPZniQlM7iQNQz+4uUiRAp4AfbN23v8Fn7Nx
Hs/WOhPhG6vX/RCOeQ/ZrgyzAxvZy3H6MTSdxUr4FBFkJEUVJpOeXehwv8memGVz
NoxGz02i478u1fb2vSB+wERthHmZlXPtuwqQdskjclvdFUCWmSoSZ/FxH0i3qsjM
t6acxG7C+W3WGEcZAlj5wwbv0IK+6//2h57imPa5qzo9TaHxAkHWB59MFPtq1bSP
vPGn6tuLqFCAnChHfg2uWMCFBK3GMIGYKXdLU78CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSKLsr7XXbmBzvId8MQK56sloazhTAfBgNVHSMEGDAWgBToQDteRc1Yvl9s
XTP6Vlq0kiPj2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZFQTdYa1hOV0w1ZmJGMHotbFphdEpJajQ5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8x
L2lpN0stMTEyNWdjN3lIZkRFQ3VlckphR3M0VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
ODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8xLzZFQTdYa1hOV0w1
ZmJGMHotbFphdEpJajQ5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANSjCjANBgkqhkiG9w0BAQsFAAOC
AQEAxDeTUGCh27/7TjhZqBLGKIZYa6tRoyfKcbMkg+c62nLnEiuK8tK32hXRNXoH
8psa3UZRv9EC1Z/PEjdFZQy8sUGtKg1euPK46PZH5+Q8xd3cSLVtHivexQImR59h
06P0MCVlRZTsgxds/6e5ZLnXoYbe/2gTqCWQMGk4D0GrJfihDIoo8lfu29zX6kIJ
FZPchKF7t/+qVGN7ZNDQ2r4z7ufIh3Vjl/ZBnV6OLm5udAKmvQK9ESasNdcdDVME
oH16BQPmAnUZz9+SDGzXZ4PoIxemSG46bgu8vxGU6hsBt47ZU6FfzEdk2QPjb8DI
MRIp0yxdmesnykTdTMeiB6hlyA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:44 2025 by rpki-client