Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/pmKEroBpm7BtoAMhJxLl8IbfEag.roa
File: pmKEroBpm7BtoAMhJxLl8IbfEag.roa (raw, json)
Hash identifier: I/5tLkeNzoCYy6cjlTC7NDsQyMtH1g1gVvTt+fDI4+8=
Subject key identifier: A6:62:84:AE:80:69:9B:B0:6D:A0:03:21:27:12:E5:F0:86:DF:11:A8
Certificate issuer: /CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Certificate serial: 04615A0E
Authority key identifier: 6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/pmKEroBpm7BtoAMhJxLl8IbfEag.roa
Signing time: Sat 01 Jan 2022 02:01:24 +0000
ROA not before: Sat 01 Jan 2022 02:01:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211970
IP address blocks: 188.72.56.0/24 maxlen: 24
188.72.3.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73488910 (0x4615a0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Validity
Not Before: Jan 1 02:01:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a66284ae80699bb06da003212712e5f086df11a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:88:1e:7c:f4:cd:8f:39:89:0a:40:c0:a9:cf:
b4:c1:aa:73:23:49:91:a8:7e:30:b3:8b:08:d2:51:
00:3d:f5:31:06:42:98:8f:77:4f:9b:da:a3:6f:3e:
70:f5:52:97:d8:27:09:a7:2a:22:c5:ce:ac:8e:3c:
36:6b:f2:d2:bc:9f:c7:49:3e:51:03:2c:15:86:f4:
91:02:c3:ee:e2:df:9d:6a:91:61:b0:dd:60:1a:10:
ec:45:39:e2:1e:dc:6e:61:51:fe:35:5c:58:c3:92:
e6:64:23:a4:d9:3d:a9:f5:18:33:71:b5:f5:ff:66:
4c:4e:a6:ec:13:fe:72:1c:14:be:dd:a6:4b:69:c1:
7e:df:ab:d4:fb:19:55:50:17:34:c0:ce:5b:04:65:
cf:33:6a:20:9f:ec:32:5e:0d:ce:b1:cc:cf:da:6f:
49:43:97:6b:b6:b3:36:56:fd:78:9e:8a:a0:dc:36:
4f:9a:07:b6:f9:c1:82:29:d4:54:92:cf:76:86:b2:
d0:59:41:a4:a3:79:5e:a4:05:59:7d:92:08:b0:d0:
82:a2:20:b8:ac:15:ea:de:d5:f3:ed:20:71:19:99:
33:b8:9b:55:3d:d4:8e:54:66:e2:2f:e3:3c:64:bd:
c0:6f:07:9b:c6:33:8b:a3:8f:6f:39:32:30:a6:3f:
61:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:62:84:AE:80:69:9B:B0:6D:A0:03:21:27:12:E5:F0:86:DF:11:A8
X509v3 Authority Key Identifier:
keyid:6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/pmKEroBpm7BtoAMhJxLl8IbfEag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.3.0/24
188.72.56.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:48:7d:c1:c4:70:21:d5:c8:78:00:22:b1:cb:ac:6f:4d:30:
e5:2b:3b:cb:2e:d8:33:3c:ae:8e:1a:1e:c5:49:b6:1a:47:f4:
ef:76:a8:4b:3e:d0:a6:a2:b1:ba:b3:18:4b:ce:6e:0a:55:48:
cf:ae:c4:a6:92:8d:25:45:47:92:80:54:94:c5:59:2c:d0:8a:
c8:47:f8:9e:ef:81:3b:78:44:8c:8f:c5:b1:d2:75:ab:e8:17:
25:47:27:79:5b:af:79:9c:7c:7a:09:be:0a:b6:e3:e3:08:86:
bf:53:aa:7f:d0:3a:06:8d:2a:4b:6d:54:3a:de:b6:f0:e3:a9:
0c:af:2b:41:e5:5f:b3:cd:16:41:5e:94:c0:82:1f:d6:d1:ad:
8f:3a:61:f1:48:39:56:1e:3b:b5:d1:e4:64:1d:a7:12:8d:2e:
da:ad:65:e0:db:7e:d9:e1:fa:4a:34:d4:a7:75:af:5b:e7:d9:
78:da:3a:30:19:58:e0:7a:4f:b0:8f:c2:9c:c1:60:7f:b1:29:
eb:be:fc:c3:9f:1d:50:ee:cc:0b:56:62:27:7c:eb:cf:0d:25:
3b:ed:97:25:9f:e2:ad:6d:f3:dc:cb:56:42:c2:09:b2:22:8c:
dd:49:c1:7c:3b:03:69:76:9a:b8:ce:5a:6c:23:af:3f:ef:4c:
01:61:47:14
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBGFaDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Y2IwZGVjMTNkZjIwNWE2NmVjNTIyNzkyNWI4ZjU2YmRiMDlmNDk5MB4XDTIyMDEw
MTAyMDEyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY2Mjg0YWU4MDY5
OWJiMDZkYTAwMzIxMjcxMmU1ZjA4NmRmMTFhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANaIHnz0zY85iQpAwKnPtMGqcyNJkah+MLOLCNJRAD31MQZC
mI93T5vao28+cPVSl9gnCacqIsXOrI48Nmvy0ryfx0k+UQMsFYb0kQLD7uLfnWqR
YbDdYBoQ7EU54h7cbmFR/jVcWMOS5mQjpNk9qfUYM3G19f9mTE6m7BP+chwUvt2m
S2nBft+r1PsZVVAXNMDOWwRlzzNqIJ/sMl4NzrHMz9pvSUOXa7azNlb9eJ6KoNw2
T5oHtvnBginUVJLPdoay0FlBpKN5XqQFWX2SCLDQgqIguKwV6t7V8+0gcRmZM7ib
VT3UjlRm4i/jPGS9wG8Hm8Yzi6OPbzkyMKY/YT0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSmYoSugGmbsG2gAyEnEuXwht8RqDAfBgNVHSMEGDAWgBRssN7BPfIFpm7F
InkluPVr2wn0mTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JMRGV3VDN5QmFadXhTSjVKYmoxYTlzSjlKay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvY2E0NmZjLTM4NDctNGYxZC05Y2U0LTUyYjllNmExNjM1MC8x
L3BtS0Vyb0JwbTdCdG9BTWhKeExsOEliZkVhZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
Y2E0NmZjLTM4NDctNGYxZC05Y2U0LTUyYjllNmExNjM1MC8xL2JMRGV3VDN5QmFa
dXhTSjVKYmoxYTlzSjlKay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALxIAwMEALxIODANBgkqhkiG9w0B
AQsFAAOCAQEAO0h9wcRwIdXIeAAiscusb00w5Ss7yy7YMzyujhoexUm2Gkf073ao
Sz7QpqKxurMYS85uClVIz67EppKNJUVHkoBUlMVZLNCKyEf4nu+BO3hEjI/FsdJ1
q+gXJUcneVuveZx8egm+Crbj4wiGv1Oqf9A6Bo0qS21UOt628OOpDK8rQeVfs80W
QV6UwIIf1tGtjzph8Ug5Vh47tdHkZB2nEo0u2q1l4Nt+2eH6SjTUp3WvW+fZeNo6
MBlY4HpPsI/CnMFgf7Ep6778w58dUO7MC1ZiJ3zrzw0lO+2XJZ/irW3z3MtWQsIJ
siKM3UnBfDsDaXaauM5abCOvP+9MAWFHFA==
-----END CERTIFICATE-----
Generated at Wed Apr 30 06:24:33 2025 by rpki-client