Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/4uj1lTWu_4OBeyW6jmN56bfkX4I.roa
File: 4uj1lTWu_4OBeyW6jmN56bfkX4I.roa (raw, json)
Hash identifier: 2w544FJggr1Jj4OXn3vv+vnSnd/d3MDj9dZ8yIv03m4=
Subject key identifier: E2:E8:F5:95:35:AE:FF:83:81:7B:25:BA:8E:63:79:E9:B7:E4:5F:82
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0196429A9E78E38C637FB30A20890E157EFE
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/4uj1lTWu_4OBeyW6jmN56bfkX4I.roa
Signing time: Thu 17 Apr 2025 07:15:51 +0000
ROA not before: Thu 17 Apr 2025 07:15:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51395
IP address blocks: 94.131.3.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:42:9a:9e:78:e3:8c:63:7f:b3:0a:20:89:0e:15:7e:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Apr 17 07:15:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2e8f59535aeff83817b25ba8e6379e9b7e45f82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1d:e8:ef:2e:07:e9:e4:d5:0b:bb:a2:c6:d9:
79:b4:0b:ff:00:4a:ba:42:f5:66:d5:c2:b6:da:8b:
3f:9f:b9:db:35:db:f4:e2:48:28:60:7c:db:1c:7a:
b2:7f:59:b6:ac:12:e3:ab:65:09:95:52:af:95:93:
1e:03:e6:c3:d7:4f:52:72:13:4b:16:43:22:26:0c:
33:f5:46:1f:80:02:3a:37:14:28:48:ac:0e:d6:85:
ad:f7:ad:10:58:8b:91:da:88:e2:19:7e:86:16:e4:
dd:c9:fa:07:a5:35:c1:db:0f:6b:82:35:dc:56:80:
14:c0:af:71:78:22:74:22:be:78:c4:09:6c:db:f0:
bb:67:b4:47:54:2e:42:c4:ec:3b:0b:f6:c8:02:df:
43:a8:36:52:ab:18:f2:3e:b8:16:84:33:8d:80:e8:
15:c9:10:b2:5f:7b:eb:95:7f:86:a6:19:a2:48:c7:
f1:77:c5:42:7c:03:30:4c:b0:df:e2:ac:72:8c:e6:
61:d0:f5:a9:af:a9:1b:e4:f6:2b:2e:fd:93:45:17:
40:23:9e:85:19:43:1a:f9:ca:f7:eb:7f:c4:8d:4a:
65:c0:ff:a4:76:cb:ff:92:ac:80:8e:71:bb:ff:94:
0b:ce:9a:a5:25:01:4e:7c:8b:22:8f:51:fc:06:88:
64:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:E8:F5:95:35:AE:FF:83:81:7B:25:BA:8E:63:79:E9:B7:E4:5F:82
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/4uj1lTWu_4OBeyW6jmN56bfkX4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.3.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:3d:cd:a3:2f:9b:99:ee:55:75:a5:42:e7:b5:63:6e:bb:b9:
2c:a2:97:73:9a:08:85:28:98:b8:06:41:82:a1:c3:c6:d7:d5:
61:31:10:d6:dc:04:cf:2b:62:19:99:65:81:ba:b0:56:60:c7:
2c:91:d9:71:1a:db:9d:69:80:6a:07:c6:65:c2:85:e8:8e:c9:
a2:8e:16:2d:f8:65:41:d0:b5:de:ca:ff:cd:96:30:44:7a:aa:
56:10:84:43:77:f3:18:b3:cc:cb:03:ed:46:fb:41:47:15:aa:
38:ea:3c:68:f0:27:50:49:9b:1f:72:7a:f1:d5:4a:3d:aa:89:
a9:d8:b4:fa:30:e0:b5:eb:09:61:62:79:16:1c:f4:1c:e7:d4:
19:84:50:95:c3:31:be:6d:00:e2:2f:97:b9:1c:ac:dc:62:24:
bc:e4:b1:7c:05:9d:1a:8d:7d:24:15:0d:45:37:ee:9f:4a:c7:
cb:05:a5:2d:54:2b:2a:b7:7b:5b:97:c2:88:e9:da:c1:64:a8:
d3:0f:78:ff:8d:e9:b2:d2:0e:55:fa:33:d4:19:4b:f9:80:8e:
04:e4:80:93:b8:15:ed:d3:28:c6:a2:9f:be:f9:22:af:a6:e5:
94:72:8e:ab:ac:98:dd:bf:c4:9e:cc:3b:10:89:d4:53:88:e2:
e7:89:1e:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZCmp5444xjf7MKIIkOFX7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwNDE3MDcxNTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmU4ZjU5NTM1YWVmZjgzODE3YjI1YmE4ZTYzNzllOWI3ZTQ1ZjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx3o7y4H6eTVC7uixtl5tAv/AEq6
QvVm1cK22os/n7nbNdv04kgoYHzbHHqyf1m2rBLjq2UJlVKvlZMeA+bD109SchNL
FkMiJgwz9UYfgAI6NxQoSKwO1oWt960QWIuR2ojiGX6GFuTdyfoHpTXB2w9rgjXc
VoAUwK9xeCJ0Ir54xAls2/C7Z7RHVC5CxOw7C/bIAt9DqDZSqxjyPrgWhDONgOgV
yRCyX3vrlX+GphmiSMfxd8VCfAMwTLDf4qxyjOZh0PWpr6kb5PYrLv2TRRdAI56F
GUMa+cr363/EjUplwP+kdsv/kqyAjnG7/5QLzpqlJQFOfIsij1H8BohkLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOLo9ZU1rv+DgXsluo5jeem35F+CMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvNHVqMWxUV3VfNE9CZXlXNmptTjU2YmZrWDRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXoMDMA0G
CSqGSIb3DQEBCwUAA4IBAQANPc2jL5uZ7lV1pULntWNuu7ksopdzmgiFKJi4BkGC
ocPG19VhMRDW3ATPK2IZmWWBurBWYMcskdlxGtudaYBqB8ZlwoXojsmijhYt+GVB
0LXeyv/NljBEeqpWEIRDd/MYs8zLA+1G+0FHFao46jxo8CdQSZsfcnrx1Uo9qomp
2LT6MOC16wlhYnkWHPQc59QZhFCVwzG+bQDiL5e5HKzcYiS85LF8BZ0ajX0kFQ1F
N+6fSsfLBaUtVCsqt3tbl8KI6drBZKjTD3j/jemy0g5V+jPUGUv5gI4E5ICTuBXt
0yjGop+++SKvpuWUco6rrJjdv8SezDsQidRTiOLniR58
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:38:23 2025 by rpki-client