Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/VeJXRDAYx61ZaV_mZ-PPhooperE.roa
File: VeJXRDAYx61ZaV_mZ-PPhooperE.roa (raw, json)
Hash identifier: g5746WnOL0cbOdrCMKIV5lTA1Cqldv89e4p7RGkO3mw=
Subject key identifier: 55:E2:57:44:30:18:C7:AD:59:69:5F:E6:67:E3:CF:86:8A:29:7A:B1
Certificate issuer: /CN=b8e0f79841c0210d95b4ef56ff68441c2aa9fc0f
Certificate serial: 01965D27D4034D66CFD3178173A15B6E60DC
Authority key identifier: B8:E0:F7:98:41:C0:21:0D:95:B4:EF:56:FF:68:44:1C:2A:A9:FC:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/VeJXRDAYx61ZaV_mZ-PPhooperE.roa
Signing time: Tue 22 Apr 2025 11:00:13 +0000
ROA not before: Tue 22 Apr 2025 11:00:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47952
IP address blocks: 81.200.140.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5d:27:d4:03:4d:66:cf:d3:17:81:73:a1:5b:6e:60:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8e0f79841c0210d95b4ef56ff68441c2aa9fc0f
Validity
Not Before: Apr 22 11:00:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55e257443018c7ad59695fe667e3cf868a297ab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d5:9a:52:b6:61:03:5f:8f:75:0d:b9:4f:56:
4c:6a:71:9f:9b:49:e3:bd:08:a1:27:e5:00:76:90:
c3:df:ae:f8:4c:df:bb:0d:25:83:b3:5a:33:f9:ce:
8d:ad:77:00:c8:db:ce:b8:85:db:53:fd:b0:6e:22:
df:10:0b:42:b0:e1:c5:7f:f8:a4:20:1b:1d:21:c2:
ce:60:c0:45:35:0d:67:64:20:c8:84:a8:92:61:87:
e1:0e:c6:29:1d:db:46:11:c0:dc:4c:8a:8a:7d:f1:
60:4c:f0:fb:07:c8:e3:70:54:ac:a8:fa:99:98:51:
33:d5:a0:38:3f:ea:dd:73:a0:15:64:07:5f:6e:3d:
eb:eb:b1:45:d1:20:45:4e:62:78:45:89:8d:a8:7b:
fb:dd:a5:b8:61:04:84:fc:ac:24:aa:34:59:a5:3e:
03:ef:36:28:8d:23:8e:85:80:00:07:e7:61:80:17:
c6:5e:49:6c:1a:39:78:71:61:b6:96:99:c9:1a:42:
0c:e7:47:fa:b8:05:cd:90:37:ce:e8:f1:2f:47:0b:
aa:d6:35:a1:c6:bf:af:3d:f0:e2:09:45:eb:91:4d:
f9:17:da:33:55:19:0d:0f:b5:3e:d2:f0:df:c1:f6:
7c:69:81:7a:ca:4f:52:8d:a8:ba:24:a4:d3:1a:f5:
28:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:E2:57:44:30:18:C7:AD:59:69:5F:E6:67:E3:CF:86:8A:29:7A:B1
X509v3 Authority Key Identifier:
keyid:B8:E0:F7:98:41:C0:21:0D:95:B4:EF:56:FF:68:44:1C:2A:A9:FC:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/VeJXRDAYx61ZaV_mZ-PPhooperE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.200.140.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:1e:44:89:f4:94:36:ba:cf:b0:cb:bb:11:89:c3:bd:68:01:
9d:92:4b:33:7e:6d:23:7b:bd:51:e9:bd:9f:b3:88:89:81:46:
de:0e:d7:13:2c:58:83:b2:fb:7a:8c:24:1e:6f:8d:7f:51:23:
a1:61:1f:bb:cc:f6:df:ff:eb:51:7a:05:30:69:83:c1:db:4b:
8a:17:d4:1c:56:1c:14:89:88:c3:b5:f5:6f:2d:76:a3:be:1d:
9e:a5:85:f5:0f:36:dc:82:e5:57:a1:0c:f9:39:57:f5:09:76:
4e:f8:2a:9f:54:6d:98:b3:f3:ad:e1:9a:7d:9d:f8:b8:46:f6:
c7:83:02:03:93:05:00:77:03:4a:a1:5e:bc:b3:1e:9e:b0:15:
8d:6c:c8:d9:75:83:7a:27:9d:54:02:d1:a9:1f:85:77:9a:55:
fc:5f:b5:4e:20:e3:18:88:b3:88:cc:70:e2:49:ee:f8:33:16:
72:61:97:de:a1:bb:8e:a3:2e:fb:fa:0e:11:f9:7d:96:d5:08:
d9:c9:dc:36:ad:1d:23:ff:e7:9b:6f:c4:2e:5a:f0:ca:15:99:
52:33:2f:26:90:96:52:32:8a:4f:52:3c:03:c5:89:33:34:2b:
d5:bb:49:c6:23:c1:2d:29:fd:10:27:02:c8:4d:5c:95:0a:32:
2f:62:f8:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZdJ9QDTWbP0xeBc6FbbmDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZTBmNzk4NDFjMDIxMGQ5NWI0ZWY1NmZmNjg0NDFjMmFh
OWZjMGYwHhcNMjUwNDIyMTEwMDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWUyNTc0NDMwMThjN2FkNTk2OTVmZTY2N2UzY2Y4NjhhMjk3YWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttWaUrZhA1+PdQ25T1ZManGfm0nj
vQihJ+UAdpDD3674TN+7DSWDs1oz+c6NrXcAyNvOuIXbU/2wbiLfEAtCsOHFf/ik
IBsdIcLOYMBFNQ1nZCDIhKiSYYfhDsYpHdtGEcDcTIqKffFgTPD7B8jjcFSsqPqZ
mFEz1aA4P+rdc6AVZAdfbj3r67FF0SBFTmJ4RYmNqHv73aW4YQSE/KwkqjRZpT4D
7zYojSOOhYAAB+dhgBfGXklsGjl4cWG2lpnJGkIM50f6uAXNkDfO6PEvRwuq1jWh
xr+vPfDiCUXrkU35F9ozVRkND7U+0vDfwfZ8aYF6yk9Sjai6JKTTGvUoIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFXiV0QwGMetWWlf5mfjz4aKKXqxMB8GA1UdIwQY
MBaAFLjg95hBwCENlbTvVv9oRBwqqfwPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU9EM21FSEFJUTJWdE85V18yaEVIQ3FwX0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jOWU3MDQtOTU4ZC00MTNmLThhY2Mt
NmVhM2NiZmQzYTg0LzEvVmVKWFJEQVl4NjFaYVZfbVotUFBob29wZXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jOWU3MDQtOTU4ZC00MTNmLThhY2MtNmVhM2NiZmQzYTg0
LzEvdU9EM21FSEFJUTJWdE85V18yaEVIQ3FwX0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUciMMA0G
CSqGSIb3DQEBCwUAA4IBAQA7HkSJ9JQ2us+wy7sRicO9aAGdkkszfm0je71R6b2f
s4iJgUbeDtcTLFiDsvt6jCQeb41/USOhYR+7zPbf/+tRegUwaYPB20uKF9QcVhwU
iYjDtfVvLXajvh2epYX1DzbcguVXoQz5OVf1CXZO+CqfVG2Ys/Ot4Zp9nfi4RvbH
gwIDkwUAdwNKoV68sx6esBWNbMjZdYN6J51UAtGpH4V3mlX8X7VOIOMYiLOIzHDi
Se74MxZyYZfeobuOoy77+g4R+X2W1QjZydw2rR0j/+ebb8QuWvDKFZlSMy8mkJZS
MopPUjwDxYkzNCvVu0nGI8EtKf0QJwLITVyVCjIvYvie
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:22:57 2025 by rpki-client