Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/ve9LjZxbYz5WwL78ayRdQO89hJM.roa
File: ve9LjZxbYz5WwL78ayRdQO89hJM.roa (raw, json)
Hash identifier: YhiavcwcY7LE6RIl2mScMvWVdzHFQwUaK+SqiFvUMIo=
Subject key identifier: BD:EF:4B:8D:9C:5B:63:3E:56:C0:BE:FC:6B:24:5D:40:EF:3D:84:93
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 019423D71E15902F12A21869342750C7ED34
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/ve9LjZxbYz5WwL78ayRdQO89hJM.roa
Signing time: Wed 01 Jan 2025 21:48:08 +0000
ROA not before: Wed 01 Jan 2025 21:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43395
IP address blocks: 92.242.198.0/23 maxlen: 23
92.242.220.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:1e:15:90:2f:12:a2:18:69:34:27:50:c7:ed:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 21:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdef4b8d9c5b633e56c0befc6b245d40ef3d8493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a1:12:bd:33:be:1b:bf:9c:3f:5a:6e:81:6d:
50:58:55:f6:03:46:59:1f:2e:b0:40:42:da:b2:5c:
92:27:f2:0f:03:e3:75:fb:27:84:58:37:7f:f3:8b:
97:0b:db:54:52:eb:2c:59:41:3c:e4:95:94:5f:e4:
f5:9c:1e:6b:da:39:56:cc:22:bf:f9:51:27:b0:37:
1a:12:1e:8f:dd:79:0a:08:ca:84:ad:c2:97:6d:9b:
85:03:95:05:1b:56:ee:95:4f:ed:63:ad:40:21:c4:
9e:ff:b0:39:07:1f:f2:0b:46:63:ae:ae:13:dc:a5:
e2:98:fe:fd:84:ed:2c:1c:b1:01:ec:e2:4f:b3:5b:
f0:9f:da:35:5f:d1:f3:5c:d6:a3:40:d7:23:e3:8d:
2e:c4:d4:f6:35:b4:fb:f0:0d:00:df:0a:96:e6:ab:
cd:be:8d:c9:7a:54:49:2b:4f:7e:be:93:65:4c:c4:
ae:3f:71:3c:3b:c0:6f:4a:af:47:3c:60:80:71:64:
a5:0a:f4:80:32:32:47:66:19:3e:dc:9f:70:9a:c6:
46:22:46:50:30:38:67:18:36:f0:89:2a:29:46:55:
34:85:e6:cc:f0:7c:5f:c1:9c:a6:4e:f1:3b:ca:d5:
14:55:92:14:fe:53:eb:43:88:3c:48:b3:b7:36:bf:
b3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:EF:4B:8D:9C:5B:63:3E:56:C0:BE:FC:6B:24:5D:40:EF:3D:84:93
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/ve9LjZxbYz5WwL78ayRdQO89hJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.242.198.0/23
92.242.220.0/23
Signature Algorithm: sha256WithRSAEncryption
58:b9:26:1a:da:ff:b0:0c:44:7b:9d:0b:37:25:d2:19:96:13:
e7:ef:1d:97:73:28:c8:e2:8f:9c:7e:e3:c1:9a:03:1c:90:57:
b7:90:61:7c:36:c7:54:2d:eb:2e:80:bb:df:88:aa:ab:5a:85:
13:51:46:a1:e4:1a:26:cc:3a:48:f7:59:58:dc:6c:b7:35:a5:
55:b7:c1:cd:8e:93:66:f0:03:73:7d:e1:3a:03:5d:bb:cd:e3:
31:4d:3b:52:2a:40:bf:2d:e0:43:3a:dc:e7:85:e9:50:c4:66:
42:47:27:f8:11:da:ac:d4:99:df:8e:07:3c:e3:b5:ad:2c:65:
aa:04:68:4a:8b:ec:07:3a:b5:c1:1c:46:6a:9a:d7:5b:6f:6c:
01:c5:f3:5a:a6:6e:9a:e8:45:74:31:64:62:7f:1c:e6:22:90:
63:aa:5f:2f:7c:b4:b0:f3:75:26:7a:66:52:00:68:84:71:65:
97:13:b3:5d:5f:2e:1f:14:ca:68:21:76:e6:d7:89:97:96:cd:
3a:ae:8c:7d:25:6f:44:8c:ae:e5:86:eb:d2:75:52:f3:af:f2:
c7:fa:06:2e:f2:be:72:43:30:07:5b:cb:12:f9:0e:41:27:c0:
2d:b3:06:69:23:6f:7f:a9:7f:e2:c0:cf:b8:ec:71:6b:e4:7a:
c5:81:54:08
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1x4VkC8SohhpNCdQx+00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjUwMTAxMjE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGVmNGI4ZDljNWI2MzNlNTZjMGJlZmM2YjI0NWQ0MGVmM2Q4NDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6ESvTO+G7+cP1pugW1QWFX2A0ZZ
Hy6wQELaslySJ/IPA+N1+yeEWDd/84uXC9tUUussWUE85JWUX+T1nB5r2jlWzCK/
+VEnsDcaEh6P3XkKCMqErcKXbZuFA5UFG1bulU/tY61AIcSe/7A5Bx/yC0Zjrq4T
3KXimP79hO0sHLEB7OJPs1vwn9o1X9HzXNajQNcj440uxNT2NbT78A0A3wqW5qvN
vo3JelRJK09+vpNlTMSuP3E8O8BvSq9HPGCAcWSlCvSAMjJHZhk+3J9wmsZGIkZQ
MDhnGDbwiSopRlU0hebM8HxfwZymTvE7ytUUVZIU/lPrQ4g8SLO3Nr+zEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL3vS42cW2M+VsC+/GskXUDvPYSTMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvdmU5TGpaeGJZejVXd0w3OGF5UmRRTzg5aEpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXPLGAwQB
XPLcMA0GCSqGSIb3DQEBCwUAA4IBAQBYuSYa2v+wDER7nQs3JdIZlhPn7x2XcyjI
4o+cfuPBmgMckFe3kGF8NsdULesugLvfiKqrWoUTUUah5BomzDpI91lY3Gy3NaVV
t8HNjpNm8ANzfeE6A127zeMxTTtSKkC/LeBDOtznhelQxGZCRyf4Edqs1Jnfjgc8
47WtLGWqBGhKi+wHOrXBHEZqmtdbb2wBxfNapm6a6EV0MWRifxzmIpBjql8vfLSw
83UmemZSAGiEcWWXE7NdXy4fFMpoIXbm14mXls06rox9JW9EjK7lhuvSdVLzr/LH
+gYu8r5yQzAHW8sS+Q5BJ8AtswZpI29/qX/iwM+47HFr5HrFgVQI
-----END CERTIFICATE-----
Generated at Mon Apr 28 01:16:32 2025 by rpki-client