Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/NkGxXdHN93HveXk30PdMGcvVmuE.roa
File: NkGxXdHN93HveXk30PdMGcvVmuE.roa (raw, json)
Hash identifier: wX1f62O8d22fDw+aShwzDFG6mMenXCJ7X6QxtTdznk8=
Subject key identifier: 36:41:B1:5D:D1:CD:F7:71:EF:79:79:37:D0:F7:4C:19:CB:D5:9A:E1
Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial: 085D6AB9
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/NkGxXdHN93HveXk30PdMGcvVmuE.roa
Signing time: Sat 01 Jan 2022 10:54:25 +0000
ROA not before: Sat 01 Jan 2022 10:54:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34685
IP address blocks: 80.78.80.0/20 maxlen: 24
2a01:7f0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140339897 (0x85d6ab9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Validity
Not Before: Jan 1 10:54:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3641b15dd1cdf771ef797937d0f74c19cbd59ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8c:33:6c:14:50:72:6a:3e:29:2a:a8:80:29:
62:ef:4c:62:92:8a:61:2a:ca:c2:e2:78:a0:22:17:
58:88:82:74:39:3e:25:38:ed:e5:48:ca:58:94:ec:
af:1a:25:72:0c:65:22:ce:41:71:23:56:ee:63:ed:
2b:6d:0d:c8:9d:5f:57:e7:d0:b2:b7:9f:a8:ff:91:
64:ec:80:56:87:a4:2e:a5:34:cb:d4:08:29:5e:2d:
16:31:10:c9:20:25:b2:1f:91:fc:ef:68:6d:16:c8:
8d:0e:ea:f3:fe:f2:87:03:2a:06:7d:43:78:c2:23:
24:2e:06:12:31:25:17:56:09:6e:5c:7f:42:b7:8f:
0a:be:9f:a1:6a:a2:2c:d7:52:70:cf:e7:b0:25:54:
ef:a1:e7:db:b1:e7:d1:4b:fa:9d:ba:72:c8:2f:d8:
8a:1d:3e:66:0e:0d:eb:b5:04:7e:a4:db:90:b7:06:
fb:94:71:d6:55:27:8b:b3:02:85:80:12:e8:46:33:
4d:2d:87:9d:83:9e:07:46:81:2c:03:35:dc:75:c5:
27:b8:e8:18:3b:b3:e7:cf:9b:23:4e:b1:fa:22:21:
1f:5c:e2:7a:e9:52:cc:c4:9f:8d:dd:6e:05:71:59:
05:90:86:fb:2c:cb:51:8e:f8:0e:b9:71:1f:aa:8b:
8b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:41:B1:5D:D1:CD:F7:71:EF:79:79:37:D0:F7:4C:19:CB:D5:9A:E1
X509v3 Authority Key Identifier:
keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/NkGxXdHN93HveXk30PdMGcvVmuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.78.80.0/20
IPv6:
2a01:7f0::/32
Signature Algorithm: sha256WithRSAEncryption
83:65:db:28:a4:7c:20:87:2d:e5:a4:4b:e8:b2:b3:52:83:33:
b0:0d:a6:65:e7:e6:69:68:39:38:e1:5d:d6:2d:3f:4c:87:ae:
c7:b8:a7:9d:0c:b6:1e:67:7a:94:3a:55:3e:f5:65:24:81:55:
d2:09:03:a5:c4:62:b6:99:41:08:c3:b2:88:95:03:99:68:49:
d0:6f:04:b6:bb:66:c3:bd:e9:e5:1c:49:cf:64:29:06:40:f2:
a3:7b:9e:d2:b4:33:8a:95:7c:93:32:58:a1:66:da:f3:7d:ec:
44:ed:e9:e1:a5:9d:df:b9:e0:4f:10:8a:d3:f3:2f:8a:14:10:
6c:d2:ac:af:85:39:29:9e:5b:af:f3:e7:52:73:11:1d:f1:cb:
63:bf:a2:bf:63:26:1b:f4:50:27:27:98:4f:0f:54:34:c2:45:
cc:6a:a8:bd:d9:a1:b4:8e:ff:1c:09:e5:4d:0a:53:f8:1a:04:
97:06:b2:c7:32:27:d0:be:ad:30:c4:3f:d2:d8:f8:b8:48:23:
c5:e8:c2:71:e0:3d:04:c8:aa:9a:8e:63:30:24:ca:af:cf:c4:
f9:70:03:03:c2:16:d1:25:79:00:8c:ae:79:0f:17:a4:3d:72:
22:28:31:85:99:a4:40:5e:d8:e8:8e:04:c1:c4:b2:0d:35:c4:
dc:36:9f:44
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECF1quTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDVmZjljYzg5YzY2YThhM2E1ZDczNGEwZDY1YzYxZmRjODUxOGJlMB4XDTIyMDEw
MTEwNTQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY0MWIxNWRkMWNk
Zjc3MWVmNzk3OTM3ZDBmNzRjMTljYmQ1OWFlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSMM2wUUHJqPikqqIApYu9MYpKKYSrKwuJ4oCIXWIiCdDk+
JTjt5UjKWJTsrxolcgxlIs5BcSNW7mPtK20NyJ1fV+fQsrefqP+RZOyAVoekLqU0
y9QIKV4tFjEQySAlsh+R/O9obRbIjQ7q8/7yhwMqBn1DeMIjJC4GEjElF1YJblx/
QrePCr6foWqiLNdScM/nsCVU76Hn27Hn0Uv6nbpyyC/Yih0+Zg4N67UEfqTbkLcG
+5Rx1lUni7MChYAS6EYzTS2HnYOeB0aBLAM13HXFJ7joGDuz58+bI06x+iIhH1zi
eulSzMSfjd1uBXFZBZCG+yzLUY74DrlxH6qLiy0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ2QbFd0c33ce95eTfQ90wZy9Wa4TAfBgNVHSMEGDAWgBQAX/nMicZqijpd
c0oNZcYf3IUYvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FGXzV6SW5HYW9vNlhYTktEV1hHSDl5RkdMNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvZDUzYzc4LTBkNWItNDIzNy05OTk5LTBlMmQ2OTdiMjdlMy8x
L05rR3hYZEhOOTNIdmVYazMwUGRNR2N2Vm11RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
ZDUzYzc4LTBkNWItNDIzNy05OTk5LTBlMmQ2OTdiMjdlMy8xL0FGXzV6SW5HYW9v
NlhYTktEV1hHSDl5RkdMNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBFBOUDANBAIAAjAHAwUAKgEH8DAN
BgkqhkiG9w0BAQsFAAOCAQEAg2XbKKR8IIct5aRL6LKzUoMzsA2mZefmaWg5OOFd
1i0/TIeux7innQy2Hmd6lDpVPvVlJIFV0gkDpcRitplBCMOyiJUDmWhJ0G8Etrtm
w73p5RxJz2QpBkDyo3ue0rQzipV8kzJYoWba833sRO3p4aWd37ngTxCK0/MvihQQ
bNKsr4U5KZ5br/PnUnMRHfHLY7+iv2MmG/RQJyeYTw9UNMJFzGqovdmhtI7/HAnl
TQpT+BoElwayxzIn0L6tMMQ/0tj4uEgjxejCceA9BMiqmo5jMCTKr8/E+XADA8IW
0SV5AIyueQ8XpD1yIigxhZmkQF7Y6I4EwcSyDTXE3DafRA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:38 2025 by rpki-client