Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/lHVCM6JfKBbOpZkmDjmlOB2wI-4.roa
File: lHVCM6JfKBbOpZkmDjmlOB2wI-4.roa (raw, json)
Hash identifier: TF/Zf9GrMss5a6JCb9ApznzwKB8vCAV5rNKveoVDFWE=
Subject key identifier: 94:75:42:33:A2:5F:28:16:CE:A5:99:26:0E:39:A5:38:1D:B0:23:EE
Certificate issuer: /CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Certificate serial: 01942748391A1182261F954108DAF69C39C6
Authority key identifier: B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/lHVCM6JfKBbOpZkmDjmlOB2wI-4.roa
Signing time: Thu 02 Jan 2025 13:50:32 +0000
ROA not before: Thu 02 Jan 2025 13:50:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208801
IP address blocks: 217.168.246.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:39:1a:11:82:26:1f:95:41:08:da:f6:9c:39:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Validity
Not Before: Jan 2 13:50:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94754233a25f2816cea599260e39a5381db023ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:81:b6:d3:2c:08:94:4c:9f:28:c2:8b:f4:e4:
35:b6:44:71:01:48:e0:0b:0c:6d:34:b4:db:02:b3:
0a:f3:c0:13:ce:75:e8:ec:04:96:37:4c:86:ae:3b:
18:c4:5a:2b:7e:70:61:08:3e:38:68:9f:8d:d5:f9:
4c:d8:75:a7:0f:61:01:13:f2:f1:52:c1:ca:27:b0:
ca:4b:02:d9:f8:e1:d3:43:98:c8:a0:fc:a8:e5:15:
5c:84:17:c8:dc:7c:ad:c5:f6:33:c9:cc:14:ec:aa:
91:29:79:dd:59:44:74:8b:7c:74:7b:1d:e1:2c:3e:
2d:f6:6a:86:fe:5d:90:63:d7:76:fc:73:ec:db:66:
bd:cb:8b:74:f0:49:76:6e:97:23:de:36:e1:f4:19:
95:6b:52:5e:e3:eb:82:65:d7:38:2d:ae:4f:7f:a9:
06:f0:fe:ae:68:ad:0a:b1:20:ea:6d:d9:15:60:10:
f1:97:be:b6:6c:83:ac:02:56:6f:61:45:8d:78:89:
bf:2d:d4:e8:cf:ae:0a:65:38:5c:b0:7a:6d:43:6e:
15:35:2a:a1:ad:b9:21:ee:42:5e:1a:bb:44:d3:25:
38:41:dc:e0:95:d4:92:e5:8a:da:38:02:75:8f:e6:
45:e7:9b:75:be:51:3d:99:a9:c5:1a:d4:d8:6d:17:
e3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:75:42:33:A2:5F:28:16:CE:A5:99:26:0E:39:A5:38:1D:B0:23:EE
X509v3 Authority Key Identifier:
keyid:B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/lHVCM6JfKBbOpZkmDjmlOB2wI-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/sQw889xTylScA-T19G2RzpC44HA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.168.246.0/24
Signature Algorithm: sha256WithRSAEncryption
82:64:8d:37:b2:31:b1:a0:34:a3:ef:0f:33:c6:78:c9:02:85:
18:4a:90:09:bf:4a:f1:b4:4f:04:c8:21:3d:5b:a0:4a:41:da:
a3:09:fb:63:c1:1e:66:79:e7:0d:92:79:41:1e:5d:e2:fa:e3:
c7:e5:d0:81:6f:f0:3e:de:62:87:59:bd:5c:de:b2:4d:77:28:
4c:9b:2b:36:34:d7:1c:9b:4a:c7:47:af:78:e1:37:32:cf:fc:
f6:2d:7c:c8:b9:3b:41:af:1a:71:4b:ed:66:a3:37:2c:bc:a7:
77:43:b5:2a:9a:db:a6:32:ad:94:36:a0:d2:06:b2:74:1b:23:
28:ff:ec:95:a4:da:9c:3e:d5:c4:7c:ea:98:52:56:47:d7:21:
a2:5f:52:b2:a1:1a:96:96:92:82:63:5c:c2:c3:24:95:c6:ba:
be:75:8d:43:a6:d6:12:2f:96:c3:58:1a:12:e5:55:01:29:f7:
a9:bd:01:34:5b:fd:59:0e:58:8e:1b:b6:58:ca:ee:59:87:d8:
5e:d2:48:98:92:d7:9a:b7:22:1d:de:26:20:2d:7d:88:01:c7:
3f:40:d6:4b:f8:ee:dc:b9:15:aa:31:08:c7:8f:c2:be:bc:8d:
04:14:1e:48:b5:a5:9f:b2:c0:15:bf:8d:54:b5:8e:eb:ec:54:
53:4a:15:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSDkaEYImH5VBCNr2nDnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMGMzY2YzZGM1M2NhNTQ5YzAzZTRmNWY0NmQ5MWNlOTBi
OGUwNzAwHhcNMjUwMTAyMTM1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDc1NDIzM2EyNWYyODE2Y2VhNTk5MjYwZTM5YTUzODFkYjAyM2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6oG20ywIlEyfKMKL9OQ1tkRxAUjg
CwxtNLTbArMK88ATznXo7ASWN0yGrjsYxForfnBhCD44aJ+N1flM2HWnD2EBE/Lx
UsHKJ7DKSwLZ+OHTQ5jIoPyo5RVchBfI3HytxfYzycwU7KqRKXndWUR0i3x0ex3h
LD4t9mqG/l2QY9d2/HPs22a9y4t08El2bpcj3jbh9BmVa1Je4+uCZdc4La5Pf6kG
8P6uaK0KsSDqbdkVYBDxl762bIOsAlZvYUWNeIm/LdToz64KZThcsHptQ24VNSqh
rbkh7kJeGrtE0yU4QdzgldSS5YraOAJ1j+ZF55t1vlE9manFGtTYbRfj1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJR1QjOiXygWzqWZJg45pTgdsCPuMB8GA1UdIwQY
MBaAFLEMPPPcU8pUnAPk9fRtkc6QuOBwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1F3ODg5eFR5bFNjQS1UMTlHMlJ6cEM0NEhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yNWNkYjQtZTUwOC00YjM3LTgxYmMt
MzZmODJiZDM3OWJkLzEvbEhWQ002SmZLQmJPcFprbURqbWxPQjJ3SS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yNWNkYjQtZTUwOC00YjM3LTgxYmMtMzZmODJiZDM3OWJk
LzEvc1F3ODg5eFR5bFNjQS1UMTlHMlJ6cEM0NEhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2aj2MA0G
CSqGSIb3DQEBCwUAA4IBAQCCZI03sjGxoDSj7w8zxnjJAoUYSpAJv0rxtE8EyCE9
W6BKQdqjCftjwR5meecNknlBHl3i+uPH5dCBb/A+3mKHWb1c3rJNdyhMmys2NNcc
m0rHR6944Tcyz/z2LXzIuTtBrxpxS+1mozcsvKd3Q7UqmtumMq2UNqDSBrJ0GyMo
/+yVpNqcPtXEfOqYUlZH1yGiX1KyoRqWlpKCY1zCwySVxrq+dY1DptYSL5bDWBoS
5VUBKfepvQE0W/1ZDliOG7ZYyu5Zh9he0kiYkteatyId3iYgLX2IAcc/QNZL+O7c
uRWqMQjHj8K+vI0EFB5ItaWfssAVv41UtY7r7FRTShUB
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:17:23 2025 by rpki-client