Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/ju4enHcchwvUYD9kFQ8c-GASy_I.roa
File: ju4enHcchwvUYD9kFQ8c-GASy_I.roa (raw, json)
Hash identifier: fHWEPKvAR5NMN1FoB8QVERflsAlz9Sbldt9uM7XTCFc=
Subject key identifier: 8E:EE:1E:9C:77:1C:87:0B:D4:60:3F:64:15:0F:1C:F8:60:12:CB:F2
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 019423D71F2D732CDC780BF5B97D23B55071
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/ju4enHcchwvUYD9kFQ8c-GASy_I.roa
Signing time: Wed 01 Jan 2025 21:48:08 +0000
ROA not before: Wed 01 Jan 2025 21:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51431
IP address blocks: 77.237.66.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:1f:2d:73:2c:dc:78:0b:f5:b9:7d:23:b5:50:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 21:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8eee1e9c771c870bd4603f64150f1cf86012cbf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:62:4f:79:dd:c3:8e:ac:4a:7a:f6:d0:d4:ac:
7e:ff:cb:44:aa:e0:ea:2c:99:aa:df:e6:5f:3f:66:
39:49:d3:35:85:52:bb:c6:2f:10:58:83:92:8b:b4:
75:3f:0a:e8:74:41:93:88:de:44:48:44:34:66:c8:
04:d9:51:2a:d3:b3:dd:f0:51:cf:c0:69:77:6f:50:
85:cd:27:07:7e:c8:49:d0:61:2e:39:9f:7a:ae:63:
44:b9:ca:e7:a5:a1:6e:ec:6b:b4:52:1e:ce:74:af:
a1:fe:1b:9b:78:b6:af:42:78:52:2e:de:2e:d1:7c:
f0:ab:a0:4b:ed:83:d9:31:51:1d:ed:30:a9:4a:1f:
5d:6c:a8:9f:1d:68:06:dd:56:0f:32:a7:b3:92:75:
fd:49:fa:18:91:6d:db:c5:a0:d9:92:47:af:d0:ef:
e5:2a:98:31:b2:b0:d4:9a:13:0c:1f:39:aa:3f:78:
ad:a6:c3:88:46:95:a9:7b:8c:a1:1b:f6:35:d8:bc:
0c:a0:ce:62:a9:1f:e0:ef:ad:07:c9:d0:dc:f7:fe:
a1:3b:41:9d:83:f1:f9:e6:cb:3d:d8:5f:fe:86:e2:
80:33:9f:86:d7:1e:59:2b:67:a7:c2:73:a7:b2:d6:
d3:81:82:f7:7c:31:18:af:dd:67:4e:ed:3b:2b:68:
be:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:EE:1E:9C:77:1C:87:0B:D4:60:3F:64:15:0F:1C:F8:60:12:CB:F2
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/ju4enHcchwvUYD9kFQ8c-GASy_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.66.0/23
Signature Algorithm: sha256WithRSAEncryption
38:ba:83:bf:14:3a:69:c0:4b:10:74:c2:ae:0c:a5:ad:d3:17:
d9:cc:ba:a0:29:dd:a6:0b:59:67:10:de:f0:66:a6:94:14:d1:
fe:31:90:2d:71:54:ef:84:d7:ef:95:4d:4c:86:e1:83:b2:6b:
16:1e:71:f9:fa:29:97:1d:af:fd:4e:b1:67:40:30:d5:56:e3:
d2:4b:96:ca:1e:a3:84:ae:3a:39:49:a9:70:43:a1:8a:8a:fd:
50:94:7c:4a:a6:39:27:73:fa:e1:b9:78:44:15:2c:d2:4b:91:
34:91:54:ee:f2:43:e4:07:e3:a0:05:00:87:cf:a7:83:6e:d8:
26:1d:a3:bf:e3:bf:65:99:be:5b:ac:57:9b:71:8d:17:d8:17:
f1:a4:bd:8d:0e:ce:49:c2:bf:e8:27:ee:6a:57:29:c1:ae:5e:
91:37:b9:dc:20:b0:54:ec:9f:5a:7a:44:81:77:b5:56:9a:67:
8d:ee:03:06:85:f3:4a:1d:b4:7d:de:35:c4:dd:83:eb:85:5c:
08:39:41:84:cc:a3:63:75:d3:62:8c:38:f4:72:d1:5d:2f:5e:
43:8a:6b:3e:36:e8:bb:41:73:e5:41:a4:b7:8b:28:eb:14:38:
6a:9e:48:e7:01:ae:b0:95:b7:83:4e:f3:d2:f6:d1:25:ec:86:
f5:d8:dd:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1x8tcyzceAv1uX0jtVBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjUwMTAxMjE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWVlMWU5Yzc3MWM4NzBiZDQ2MDNmNjQxNTBmMWNmODYwMTJjYmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWJPed3DjqxKevbQ1Kx+/8tEquDq
LJmq3+ZfP2Y5SdM1hVK7xi8QWIOSi7R1PwrodEGTiN5ESEQ0ZsgE2VEq07Pd8FHP
wGl3b1CFzScHfshJ0GEuOZ96rmNEucrnpaFu7Gu0Uh7OdK+h/hubeLavQnhSLt4u
0Xzwq6BL7YPZMVEd7TCpSh9dbKifHWgG3VYPMqezknX9SfoYkW3bxaDZkkev0O/l
KpgxsrDUmhMMHzmqP3itpsOIRpWpe4yhG/Y12LwMoM5iqR/g760HydDc9/6hO0Gd
g/H55ss92F/+huKAM5+G1x5ZK2enwnOnstbTgYL3fDEYr91nTu07K2i+qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI7uHpx3HIcL1GA/ZBUPHPhgEsvyMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvanU0ZW5IY2Nod3ZVWUQ5a0ZROGMtR0FTeV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTe1CMA0G
CSqGSIb3DQEBCwUAA4IBAQA4uoO/FDppwEsQdMKuDKWt0xfZzLqgKd2mC1lnEN7w
ZqaUFNH+MZAtcVTvhNfvlU1MhuGDsmsWHnH5+imXHa/9TrFnQDDVVuPSS5bKHqOE
rjo5SalwQ6GKiv1QlHxKpjknc/rhuXhEFSzSS5E0kVTu8kPkB+OgBQCHz6eDbtgm
HaO/479lmb5brFebcY0X2BfxpL2NDs5Jwr/oJ+5qVynBrl6RN7ncILBU7J9aekSB
d7VWmmeN7gMGhfNKHbR93jXE3YPrhVwIOUGEzKNjddNijDj0ctFdL15Dims+Nui7
QXPlQaS3iyjrFDhqnkjnAa6wlbeDTvPS9tEl7Ib12N0G
-----END CERTIFICATE-----
Generated at Mon Apr 28 01:03:45 2025 by rpki-client