Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/yB-xiE86GsAhrB64aORZhkn0dW8.roa
File: yB-xiE86GsAhrB64aORZhkn0dW8.roa (raw, json)
Hash identifier: VkwPMpPYRcToec5DD5LUU7uSuLhByrqWTcAw5+09JZg=
Subject key identifier: C8:1F:B1:88:4F:3A:1A:C0:21:AC:1E:B8:68:E4:59:86:49:F4:75:6F
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 37E1CA10
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/yB-xiE86GsAhrB64aORZhkn0dW8.roa
Signing time: Wed 09 Mar 2022 09:05:39 +0000
ROA not before: Wed 09 Mar 2022 09:05:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49538
IP address blocks: 213.192.236.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 937544208 (0x37e1ca10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Mar 9 09:05:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c81fb1884f3a1ac021ac1eb868e4598649f4756f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:bd:b6:14:db:57:ef:e8:6a:09:6c:20:c1:91:
42:64:72:b5:af:ec:1d:57:de:c8:08:d3:cc:95:8e:
4c:ea:48:b9:a1:3a:88:73:f7:24:18:b5:5e:8c:10:
3e:91:f9:ec:10:79:d1:c3:ff:51:09:24:e9:98:6f:
6f:81:a0:45:7e:00:d1:08:56:7c:13:5a:21:ab:5e:
ba:ca:a1:9a:bb:8f:6a:32:d3:b6:64:5b:10:a6:42:
c9:7c:15:be:53:3c:f2:54:59:25:b3:4b:66:2e:dc:
81:a0:2e:75:c5:4d:23:2b:ca:ac:12:b7:1b:7b:67:
cf:59:ad:47:5e:f4:cb:e5:a3:e0:5a:b5:00:36:8d:
8d:15:a9:da:c5:fe:63:e9:96:a8:48:e9:15:11:74:
f0:ac:22:e6:5e:68:e0:e8:b0:b9:eb:04:91:de:03:
ce:b0:bd:1e:ac:cc:d8:4d:f5:3d:7e:92:1a:17:c9:
f2:08:92:4b:b1:c1:94:39:97:06:6e:77:c6:76:9e:
f6:8b:22:a5:68:cb:c1:2a:29:87:a9:2f:3e:ff:4e:
0b:79:56:1d:eb:f3:d2:4d:be:00:76:c4:47:a8:1a:
3a:ac:5a:9e:e3:76:e4:c9:a4:97:9a:72:77:6b:bf:
85:68:04:78:cc:40:1b:20:ab:10:e0:d1:14:8e:32:
58:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:1F:B1:88:4F:3A:1A:C0:21:AC:1E:B8:68:E4:59:86:49:F4:75:6F
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/yB-xiE86GsAhrB64aORZhkn0dW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.192.236.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:a4:3d:03:d2:0a:4d:6d:c8:f7:d7:9f:9e:7b:c0:a0:c4:76:
1b:d6:56:12:eb:33:3b:2d:93:71:f7:19:34:f5:8b:d0:49:df:
2e:5c:fd:89:09:b6:87:d3:91:d8:2f:83:f9:1e:a7:73:46:9b:
08:ad:50:17:8b:46:e1:54:a9:35:dd:e0:c0:d2:98:0e:4f:4c:
f3:c9:a1:da:e5:5c:f2:d0:08:e9:48:60:b0:a9:87:78:7e:dd:
46:07:00:bc:97:92:6b:9b:9d:2d:cf:bb:bb:af:23:14:24:80:
a8:64:37:e0:43:04:e8:da:58:11:4e:79:fe:11:02:53:59:15:
54:8b:5d:6f:59:8d:ad:d3:02:65:07:f6:4e:ce:56:01:7e:37:
b0:17:a4:b3:06:2b:03:de:23:66:d4:56:9e:ae:49:d4:b0:00:
d0:6d:40:ab:43:59:00:b5:52:ec:62:12:5c:20:0a:11:eb:7b:
58:f6:19:bb:30:63:79:69:42:d0:61:24:e2:f1:33:e8:d2:46:
88:4c:b3:98:b0:88:ab:82:c3:3e:ea:bc:a4:de:c8:b3:24:ed:
a4:99:84:cc:7c:04:aa:7d:64:2f:5d:9a:d2:c3:8a:7d:c5:42:
70:1d:92:9b:16:13:69:3f:54:8b:24:9b:9c:54:45:0e:99:29:
f9:be:63:8d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN+HKEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODQwM2I1ZTQ1Y2Q1OGJlNWY2YzVkMzNmYTU2NWFiNDkyMjNlM2RiMB4XDTIyMDMw
OTA5MDUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzgxZmIxODg0ZjNh
MWFjMDIxYWMxZWI4NjhlNDU5ODY0OWY0NzU2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANu9thTbV+/oaglsIMGRQmRyta/sHVfeyAjTzJWOTOpIuaE6
iHP3JBi1XowQPpH57BB50cP/UQkk6Zhvb4GgRX4A0QhWfBNaIateusqhmruPajLT
tmRbEKZCyXwVvlM88lRZJbNLZi7cgaAudcVNIyvKrBK3G3tnz1mtR170y+Wj4Fq1
ADaNjRWp2sX+Y+mWqEjpFRF08Kwi5l5o4OiwuesEkd4DzrC9HqzM2E31PX6SGhfJ
8giSS7HBlDmXBm53xnae9osipWjLwSoph6kvPv9OC3lWHevz0k2+AHbER6gaOqxa
nuN25Mmkl5pyd2u/hWgEeMxAGyCrEODRFI4yWO8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTIH7GITzoawCGsHrho5FmGSfR1bzAfBgNVHSMEGDAWgBToQDteRc1Yvl9s
XTP6Vlq0kiPj2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZFQTdYa1hOV0w1ZmJGMHotbFphdEpJajQ5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8x
L3lCLXhpRTg2R3NBaHJCNjRhT1JaaGtuMGRXOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
ODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8xLzZFQTdYa1hOV0w1
ZmJGMHotbFphdEpJajQ5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdXA7DANBgkqhkiG9w0BAQsFAAOC
AQEAmqQ9A9IKTW3I99efnnvAoMR2G9ZWEuszOy2TcfcZNPWL0EnfLlz9iQm2h9OR
2C+D+R6nc0abCK1QF4tG4VSpNd3gwNKYDk9M88mh2uVc8tAI6UhgsKmHeH7dRgcA
vJeSa5udLc+7u68jFCSAqGQ34EME6NpYEU55/hECU1kVVItdb1mNrdMCZQf2Ts5W
AX43sBekswYrA94jZtRWnq5J1LAA0G1Aq0NZALVS7GISXCAKEet7WPYZuzBjeWlC
0GEk4vEz6NJGiEyzmLCIq4LDPuq8pN7IsyTtpJmEzHwEqn1kL12a0sOKfcVCcB2S
mxYTaT9UiySbnFRFDpkp+b5jjQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:36 2025 by rpki-client