Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/_7k78ZqtOGzud6V1_AcDQc-E6ZY.roa
File: _7k78ZqtOGzud6V1_AcDQc-E6ZY.roa (raw, json)
Hash identifier: 9MKxUjh0ccOJnVntTw7akQtlg0SKoaGrRChjgz/k8ZE=
Subject key identifier: FF:B9:3B:F1:9A:AD:38:6C:EE:77:A5:75:FC:07:03:41:CF:84:E9:96
Certificate issuer: /CN=add9207994ba9c7d91ea7e479fefd1b8099f62ce
Certificate serial: 0183F948A86230A8AFCEE3E13F5F1C470A10
Authority key identifier: AD:D9:20:79:94:BA:9C:7D:91:EA:7E:47:9F:EF:D1:B8:09:9F:62:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/_7k78ZqtOGzud6V1_AcDQc-E6ZY.roa
Signing time: Fri 21 Oct 2022 06:43:51 +0000
ROA not before: Fri 21 Oct 2022 06:43:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8400
IP address blocks: 93.92.248.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f9:48:a8:62:30:a8:af:ce:e3:e1:3f:5f:1c:47:0a:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add9207994ba9c7d91ea7e479fefd1b8099f62ce
Validity
Not Before: Oct 21 06:43:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ffb93bf19aad386cee77a575fc070341cf84e996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:32:f5:1e:8f:96:13:91:27:31:9b:a5:78:84:
7b:10:3f:98:a3:13:42:39:12:5c:6a:db:33:20:00:
b4:d0:d5:65:65:47:ca:94:79:6d:f6:02:36:65:4f:
82:68:bd:38:1d:f9:72:f3:80:ab:5d:59:40:98:7b:
cd:33:ef:e0:fa:03:04:8f:10:f6:2a:82:9c:11:57:
38:b6:9a:1b:22:79:78:7c:f2:f4:8c:71:1f:0b:63:
1a:45:b1:fc:12:d5:2d:77:34:7d:2d:2c:4c:2d:24:
ae:87:70:53:22:53:ed:d2:7a:ad:9e:59:50:ed:3a:
c6:a7:83:18:af:a6:44:2c:fc:c7:27:5f:42:94:36:
3b:29:ac:32:6a:d0:a1:d6:6d:b8:49:dd:09:84:ad:
19:69:36:2f:96:e0:9a:9d:25:13:2a:b4:e5:15:a3:
27:ca:d7:6e:64:59:69:45:ba:a9:79:e1:ab:d9:d9:
bb:8a:6b:66:2b:68:64:cb:7b:3a:cc:35:18:75:66:
2a:59:13:c6:0b:be:df:d7:09:b8:4e:6b:4f:36:a8:
8b:fd:da:75:b9:47:a4:2e:0e:a6:50:e5:b5:79:06:
1f:f9:35:27:29:10:69:8e:f9:a3:43:40:09:dd:7f:
39:4e:bc:54:0e:71:cd:1e:c7:8c:2b:13:2b:fb:7e:
c3:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:B9:3B:F1:9A:AD:38:6C:EE:77:A5:75:FC:07:03:41:CF:84:E9:96
X509v3 Authority Key Identifier:
keyid:AD:D9:20:79:94:BA:9C:7D:91:EA:7E:47:9F:EF:D1:B8:09:9F:62:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/_7k78ZqtOGzud6V1_AcDQc-E6ZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.92.248.0/21
Signature Algorithm: sha256WithRSAEncryption
1e:99:1a:c6:f2:2e:93:29:4c:8e:7b:e3:f9:ab:de:35:e2:de:
3d:6d:b6:6c:37:55:bd:1c:bc:ee:ba:78:0a:a1:1d:48:0b:8c:
a7:09:b6:cd:b3:53:04:92:75:b2:39:52:40:a0:20:c6:1c:db:
09:31:18:a8:4a:94:aa:05:fa:e6:36:ca:25:26:90:3e:36:a5:
2e:8d:c4:cc:a0:71:da:4c:60:a5:c3:52:1d:2c:c2:7d:c4:fb:
c5:c4:4d:4a:0e:71:12:de:4d:0e:1e:58:ad:52:69:65:0f:0b:
cf:92:20:7c:f7:2a:61:a3:ac:45:07:49:ff:c8:f9:fc:71:cf:
0e:d2:ca:70:99:a4:58:be:47:2c:de:e0:0c:94:c4:fd:e7:ec:
a7:74:7f:df:90:15:44:73:d9:9a:6b:f0:82:dd:a3:01:36:34:
de:39:a9:eb:db:e8:aa:68:3a:d8:51:4b:49:d4:a1:62:6b:37:
d1:10:80:5d:65:4b:d3:28:4e:92:19:dd:de:6f:b7:04:85:56:
34:82:52:8f:cb:cd:d2:89:e5:fb:9d:fc:37:1c:b9:dc:ec:8e:
99:54:19:a6:32:df:cb:7b:27:a5:a9:12:0a:85:1a:09:a6:89:
cd:a3:6a:7d:51:01:dd:b2:9c:0a:79:4d:5e:bc:7d:6d:3c:fa:
27:70:f0:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP5SKhiMKivzuPhP18cRwoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDkyMDc5OTRiYTljN2Q5MWVhN2U0NzlmZWZkMWI4MDk5
ZjYyY2UwHhcNMjIxMDIxMDY0MzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmI5M2JmMTlhYWQzODZjZWU3N2E1NzVmYzA3MDM0MWNmODRlOTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzL1Ho+WE5EnMZuleIR7ED+YoxNC
ORJcatszIAC00NVlZUfKlHlt9gI2ZU+CaL04Hfly84CrXVlAmHvNM+/g+gMEjxD2
KoKcEVc4tpobInl4fPL0jHEfC2MaRbH8EtUtdzR9LSxMLSSuh3BTIlPt0nqtnllQ
7TrGp4MYr6ZELPzHJ19ClDY7KawyatCh1m24Sd0JhK0ZaTYvluCanSUTKrTlFaMn
ytduZFlpRbqpeeGr2dm7imtmK2hky3s6zDUYdWYqWRPGC77f1wm4TmtPNqiL/dp1
uUekLg6mUOW1eQYf+TUnKRBpjvmjQ0AJ3X85TrxUDnHNHseMKxMr+37DOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP+5O/GarThs7neldfwHA0HPhOmWMB8GA1UdIwQY
MBaAFK3ZIHmUupx9kep+R5/v0bgJn2LOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80N2E5YzktZDQ1Ny00NTc5LWIyYjAt
ZTUyMTI1NzRmOWVjLzEvXzdrNzhacXRPR3p1ZDZWMV9BY0RRYy1FNlpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC80N2E5YzktZDQ1Ny00NTc5LWIyYjAtZTUyMTI1NzRmOWVj
LzEvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXVz4MA0G
CSqGSIb3DQEBCwUAA4IBAQAemRrG8i6TKUyOe+P5q9414t49bbZsN1W9HLzuungK
oR1IC4ynCbbNs1MEknWyOVJAoCDGHNsJMRioSpSqBfrmNsolJpA+NqUujcTMoHHa
TGClw1IdLMJ9xPvFxE1KDnES3k0OHlitUmllDwvPkiB89ypho6xFB0n/yPn8cc8O
0spwmaRYvkcs3uAMlMT95+yndH/fkBVEc9maa/CC3aMBNjTeOanr2+iqaDrYUUtJ
1KFiazfREIBdZUvTKE6SGd3eb7cEhVY0glKPy83SieX7nfw3HLnc7I6ZVBmmMt/L
eyelqRIKhRoJponNo2p9UQHdspwKeU1evH1tPPoncPD7
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:47:07 2025 by rpki-client