Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/_g00jLFrI_SmhFBfkWaL12hm1Dc.roa
File: _g00jLFrI_SmhFBfkWaL12hm1Dc.roa (raw, json)
Hash identifier: BzsofzdslX5R34atI+Yr797yBUkWCiTMRGXeH4ZTuEI=
Subject key identifier: FE:0D:34:8C:B1:6B:23:F4:A6:84:50:5F:91:66:8B:D7:68:66:D4:37
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0186542280B62D8B2CF82DD0E036C84010A5
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/_g00jLFrI_SmhFBfkWaL12hm1Dc.roa
Signing time: Wed 15 Feb 2023 08:13:12 +0000
ROA not before: Wed 15 Feb 2023 08:13:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207326
IP address blocks: 95.82.32.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:54:22:80:b6:2d:8b:2c:f8:2d:d0:e0:36:c8:40:10:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Feb 15 08:13:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe0d348cb16b23f4a684505f91668bd76866d437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2b:1b:da:5c:0d:16:94:10:5b:dc:4f:cb:a0:
f6:67:53:b0:c1:f9:bb:1b:b2:1b:77:54:8e:49:5c:
8b:e9:3c:30:b4:30:02:c1:43:40:59:8c:0b:cf:99:
4b:10:80:f2:f0:57:4a:a3:7d:8b:0d:3f:40:6d:c6:
6c:de:15:52:5e:91:b1:42:00:c1:6d:f9:cd:2d:ac:
fe:50:00:0b:c6:56:56:fc:70:b2:22:05:fa:b9:f3:
ba:fa:1f:a6:29:ea:14:63:ec:01:e3:4d:7c:32:d9:
4f:71:be:bb:e5:c0:e1:5a:f2:c1:c2:87:f7:07:99:
af:c6:2a:89:0e:48:f4:b5:42:1a:82:31:37:85:d9:
1e:a8:38:79:25:ae:c9:fd:d1:35:ed:bb:13:65:01:
5f:6a:27:04:2b:33:c2:38:de:94:61:1b:8e:fe:72:
ba:f3:ee:4b:21:b5:a4:6a:f3:cc:a8:ad:80:6f:b7:
28:e8:09:16:05:8b:78:1d:dc:87:b6:17:a3:e7:5d:
74:f4:39:ba:81:1b:d1:70:e0:1f:2e:84:fa:1f:b4:
7c:7c:89:f2:e7:ca:f1:10:1f:34:1b:bd:d0:d6:b4:
20:43:2d:b3:d2:50:8d:ba:a7:ae:4f:69:75:21:7c:
00:98:5d:02:70:5d:c4:8a:01:a2:83:34:61:f8:c9:
d3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:0D:34:8C:B1:6B:23:F4:A6:84:50:5F:91:66:8B:D7:68:66:D4:37
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/_g00jLFrI_SmhFBfkWaL12hm1Dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.82.32.0/21
Signature Algorithm: sha256WithRSAEncryption
21:16:8d:e6:e5:e4:bc:db:69:28:f3:ad:ee:1c:e8:de:34:7f:
37:50:5f:57:2e:f9:39:8c:97:f3:b8:4d:e0:4c:1d:b0:d1:17:
0f:1b:67:54:c1:41:5e:af:7f:2c:61:ae:d4:a1:60:c2:46:08:
c6:1e:b1:80:df:65:ec:82:9a:16:60:c1:8d:d0:b6:11:aa:0b:
82:e8:67:bc:a7:e2:73:71:2b:d7:00:03:4f:ba:ec:b0:ab:ce:
a7:2d:d4:a2:99:96:83:23:93:f7:24:24:31:94:21:62:2d:78:
1e:00:39:88:f0:74:fb:4c:d7:6f:f0:cc:20:c6:0c:e4:8d:e4:
ba:b9:31:bd:67:af:7c:76:0a:ee:09:a2:09:d9:ee:55:1b:89:
fe:b7:4b:29:1a:e9:11:80:5b:eb:32:a3:1f:b7:47:90:a2:f2:
5c:5a:b7:1c:4d:6d:d5:8c:50:9f:ad:97:0b:96:2e:b5:54:57:
b3:95:e3:35:5b:13:13:7b:b5:22:61:f6:a1:30:6a:fd:86:85:
8c:cc:4c:3d:2f:c1:c8:3f:a7:27:8b:bc:7e:c8:39:17:18:2f:
a3:da:68:42:d9:f8:e6:8b:27:57:fd:82:02:7f:a2:34:d4:26:
3f:d9:1d:16:e3:4e:1c:b7:bd:61:14:87:01:dc:ea:94:c2:0c:
7b:86:7b:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZUIoC2LYss+C3Q4DbIQBClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMwMjE1MDgxMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTBkMzQ4Y2IxNmIyM2Y0YTY4NDUwNWY5MTY2OGJkNzY4NjZkNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSsb2lwNFpQQW9xPy6D2Z1Owwfm7
G7Ibd1SOSVyL6TwwtDACwUNAWYwLz5lLEIDy8FdKo32LDT9AbcZs3hVSXpGxQgDB
bfnNLaz+UAALxlZW/HCyIgX6ufO6+h+mKeoUY+wB4018MtlPcb675cDhWvLBwof3
B5mvxiqJDkj0tUIagjE3hdkeqDh5Ja7J/dE17bsTZQFfaicEKzPCON6UYRuO/nK6
8+5LIbWkavPMqK2Ab7co6AkWBYt4HdyHthej51109Dm6gRvRcOAfLoT6H7R8fIny
58rxEB80G73Q1rQgQy2z0lCNuqeuT2l1IXwAmF0CcF3EigGigzRh+MnTuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP4NNIyxayP0poRQX5Fmi9doZtQ3MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvX2cwMGpMRnJJX1NtaEZCZmtXYUwxMmhtMURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDX1IgMA0G
CSqGSIb3DQEBCwUAA4IBAQAhFo3m5eS822ko863uHOjeNH83UF9XLvk5jJfzuE3g
TB2w0RcPG2dUwUFer38sYa7UoWDCRgjGHrGA32XsgpoWYMGN0LYRqguC6Ge8p+Jz
cSvXAANPuuywq86nLdSimZaDI5P3JCQxlCFiLXgeADmI8HT7TNdv8MwgxgzkjeS6
uTG9Z698dgruCaIJ2e5VG4n+t0spGukRgFvrMqMft0eQovJcWrccTW3VjFCfrZcL
li61VFezleM1WxMTe7UiYfahMGr9hoWMzEw9L8HIP6cni7x+yDkXGC+j2mhC2fjm
iydX/YICf6I01CY/2R0W404ct71hFIcB3OqUwgx7hntw
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:19:17 2025 by rpki-client