Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/ZQ-7x67f256jU92Wco_P-9fukIw.roa
File: ZQ-7x67f256jU92Wco_P-9fukIw.roa (raw, json)
Hash identifier: ZzDEtA3baCEQDsbgNaJEvMwre7o6fiayNy8m9fz7LNg=
Subject key identifier: 65:0F:BB:C7:AE:DF:DB:9E:A3:53:DD:96:72:8F:CF:FB:D7:EE:90:8C
Certificate issuer: /CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Certificate serial: 0255920C
Authority key identifier: 32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/ZQ-7x67f256jU92Wco_P-9fukIw.roa
Signing time: Sat 01 Jan 2022 14:08:29 +0000
ROA not before: Sat 01 Jan 2022 14:08:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207974
IP address blocks: 193.38.225.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39162380 (0x255920c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Validity
Not Before: Jan 1 14:08:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=650fbbc7aedfdb9ea353dd96728fcffbd7ee908c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c3:f7:df:39:28:dc:89:48:47:42:0c:73:00:
f4:53:f4:b9:3c:5e:a3:82:d5:9a:28:99:d5:d9:cf:
68:0c:31:91:11:ef:a0:93:0a:c5:d2:94:b0:d1:fa:
22:94:f9:71:54:c9:71:27:79:41:6e:78:79:85:8b:
77:12:79:20:6b:aa:7c:70:c4:34:d4:20:f4:a9:f3:
ba:91:b4:ca:f0:48:91:0f:19:7d:fb:da:20:01:e1:
21:1d:3d:d5:f4:e4:b0:44:f6:1b:ee:b6:6f:84:cc:
fb:80:50:1a:96:40:84:ea:e4:51:df:8e:72:e4:33:
c3:02:16:a6:d9:3b:04:6e:a9:a7:25:c8:69:f1:9e:
59:09:c3:13:02:01:09:42:15:1a:9f:a0:68:e2:0c:
55:a4:14:07:94:e1:28:e3:29:91:a3:73:8e:e0:93:
4f:f4:27:ba:9f:c4:67:72:15:c1:52:66:ed:33:32:
57:92:16:aa:89:5a:f6:2b:21:ba:b0:d2:b8:8e:48:
74:a3:93:83:8d:1b:bf:83:e5:09:65:2c:0a:e8:67:
bb:4c:b8:3f:27:53:a0:89:2f:4a:f0:64:f7:7e:c8:
7a:25:b7:39:74:cf:b0:0e:0d:c8:ac:fc:d9:c4:eb:
36:d8:b2:48:1a:95:e1:da:3a:a3:f4:2b:31:75:dd:
bc:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:0F:BB:C7:AE:DF:DB:9E:A3:53:DD:96:72:8F:CF:FB:D7:EE:90:8C
X509v3 Authority Key Identifier:
keyid:32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/ZQ-7x67f256jU92Wco_P-9fukIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/MseO7vestFH8N1df65EU38zBzfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.225.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:31:5d:76:47:94:ae:f1:c6:61:30:68:30:9c:a6:e7:86:7b:
d2:76:8d:72:9c:f1:0a:a8:36:ed:17:cc:be:65:0c:b8:c3:0b:
ef:0d:08:bd:8e:a9:d4:26:d0:a0:4b:80:51:01:6a:9a:d9:d0:
f7:c1:b3:e1:28:0b:4f:64:9e:f4:4a:5c:16:b1:26:45:fe:86:
ad:29:21:50:eb:c4:47:26:aa:79:01:28:14:cb:f3:05:fa:78:
b5:da:53:a5:6a:0b:77:99:aa:34:2c:77:0a:2a:30:56:3d:c2:
66:e8:f3:4d:a7:d7:2f:67:88:ab:92:a4:d0:32:75:ba:58:0f:
d1:99:99:9a:6d:1c:bd:81:ce:22:08:d4:c8:6a:ce:52:5a:a4:
98:66:e6:a5:c8:47:f1:0a:60:f4:aa:44:e2:4e:51:94:50:72:
c4:3c:21:32:bb:fc:8f:ce:31:84:36:e3:10:e3:a8:11:59:a8:
2b:9e:de:40:d4:20:0a:03:4f:99:da:a3:b9:88:00:cc:1c:cf:
90:21:85:67:b5:3c:f1:30:c4:d1:c6:af:91:23:ce:fb:22:78:
dc:a3:68:a3:0b:f1:d2:a3:91:83:06:94:2b:80:c6:95:45:31:
ae:fa:07:9d:8c:10:81:16:7d:97:38:e1:c3:d2:a8:84:bc:60:
3b:de:63:af
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAlWSDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MmM3OGVlZWY3YWNiNDUxZmMzNzU3NWZlYjkxMTRkZmNjYzFjZGZiMB4XDTIyMDEw
MTE0MDgyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjUwZmJiYzdhZWRm
ZGI5ZWEzNTNkZDk2NzI4ZmNmZmJkN2VlOTA4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnD9985KNyJSEdCDHMA9FP0uTxeo4LVmiiZ1dnPaAwxkRHv
oJMKxdKUsNH6IpT5cVTJcSd5QW54eYWLdxJ5IGuqfHDENNQg9KnzupG0yvBIkQ8Z
ffvaIAHhIR091fTksET2G+62b4TM+4BQGpZAhOrkUd+OcuQzwwIWptk7BG6ppyXI
afGeWQnDEwIBCUIVGp+gaOIMVaQUB5ThKOMpkaNzjuCTT/Qnup/EZ3IVwVJm7TMy
V5IWqola9ishurDSuI5IdKOTg40bv4PlCWUsCuhnu0y4PydToIkvSvBk937IeiW3
OXTPsA4NyKz82cTrNtiySBqV4do6o/QrMXXdvJ8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRlD7vHrt/bnqNT3ZZyj8/71+6QjDAfBgNVHSMEGDAWgBQyx47u96y0Ufw3
V1/rkRTfzMHN+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01zZU83dmVzdEZIOE4xZGY2NUVVMzh6Qnpmcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvMjI1YmNiLTZkM2QtNGMwZS04MjRmLTJmMWM4ZTQwOGI2NC8x
L1pRLTd4NjdmMjU2alU5Mldjb19QLTlmdWtJdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
MjI1YmNiLTZkM2QtNGMwZS04MjRmLTJmMWM4ZTQwOGI2NC8xL01zZU83dmVzdEZI
OE4xZGY2NUVVMzh6Qnpmcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEm4TANBgkqhkiG9w0BAQsFAAOC
AQEAjDFddkeUrvHGYTBoMJym54Z70naNcpzxCqg27RfMvmUMuMML7w0IvY6p1CbQ
oEuAUQFqmtnQ98Gz4SgLT2Se9EpcFrEmRf6GrSkhUOvERyaqeQEoFMvzBfp4tdpT
pWoLd5mqNCx3CiowVj3CZujzTafXL2eIq5Kk0DJ1ulgP0ZmZmm0cvYHOIgjUyGrO
UlqkmGbmpchH8Qpg9KpE4k5RlFByxDwhMrv8j84xhDbjEOOoEVmoK57eQNQgCgNP
mdqjuYgAzBzPkCGFZ7U88TDE0cavkSPO+yJ43KNoowvx0qORgwaUK4DGlUUxrvoH
nYwQgRZ9lzjhw9KohLxgO95jrw==
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:49:10 2025 by rpki-client