Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/fbl6RA61ozWvg2IlSy2yjdw0XSw.roa
File: fbl6RA61ozWvg2IlSy2yjdw0XSw.roa (raw, json)
Hash identifier: H71PtFAQUIWhNqQ+UeRuyUjRSobVHgdue2AJyJafzbk=
Subject key identifier: 7D:B9:7A:44:0E:B5:A3:35:AF:83:62:25:4B:2D:B2:8D:DC:34:5D:2C
Certificate issuer: /CN=b9f1d5b06f5701555ff5888154dd141b48896117
Certificate serial: 0187463908EB181A1E03CD5BA39541440BC7
Authority key identifier: B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/fbl6RA61ozWvg2IlSy2yjdw0XSw.roa
Signing time: Mon 03 Apr 2023 08:25:55 +0000
ROA not before: Mon 03 Apr 2023 08:25:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 176.114.94.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:39:08:eb:18:1a:1e:03:cd:5b:a3:95:41:44:0b:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f1d5b06f5701555ff5888154dd141b48896117
Validity
Not Before: Apr 3 08:25:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7db97a440eb5a335af8362254b2db28ddc345d2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2f:ef:97:ab:5f:20:d9:a3:a9:e8:df:37:86:
a4:b0:4b:61:0d:58:b2:47:f6:26:98:ff:e7:53:87:
a5:55:b7:42:fc:70:04:05:2e:f1:cc:08:8d:6f:5f:
cf:59:db:96:d2:34:2a:24:28:56:a4:43:32:7f:b1:
45:4c:62:69:c6:f0:46:b5:e0:15:7b:13:47:0d:63:
db:53:12:2e:d1:d2:6c:95:7c:ba:59:92:b3:d5:fb:
79:cb:cd:68:44:dc:d2:e4:82:4d:8b:4a:f4:77:35:
73:ea:ea:83:e5:ff:af:1c:45:17:ac:c7:1d:21:a5:
6e:be:8d:89:aa:81:1a:ac:3a:aa:03:c8:59:c6:13:
82:e8:0c:3a:6c:96:56:1d:eb:1a:52:31:c9:73:e4:
51:ce:87:09:55:46:96:51:e2:d2:79:bf:ca:85:24:
5c:97:b5:b7:e0:ea:04:3e:a8:ce:73:2c:f1:cb:73:
31:bd:13:fd:13:d4:d5:88:0c:dd:e3:f7:ec:99:dc:
42:a2:f6:d8:1d:3f:25:80:f7:6c:50:6d:01:1c:b8:
5b:79:ee:59:17:16:93:a1:cb:8e:67:04:cc:ff:41:
b9:a6:3d:b4:b0:74:21:66:6f:53:5a:1e:96:08:7c:
df:37:d8:bb:a9:27:8c:e9:77:e0:9d:25:23:3a:22:
11:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:B9:7A:44:0E:B5:A3:35:AF:83:62:25:4B:2D:B2:8D:DC:34:5D:2C
X509v3 Authority Key Identifier:
keyid:B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/fbl6RA61ozWvg2IlSy2yjdw0XSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.114.94.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:cf:1a:49:7e:0b:43:f8:47:ab:23:1a:b4:72:13:c7:84:66:
48:de:a0:cd:f1:2d:fd:40:77:d9:7c:71:59:d0:10:67:65:b9:
0d:33:f0:de:d8:b7:0b:21:fb:2b:dd:bc:07:3b:04:7d:53:fe:
f4:31:4c:ff:3c:73:5c:f3:72:68:37:94:ae:5b:b3:52:f7:32:
1a:21:96:8f:fc:80:84:9f:86:4f:d2:fb:42:b5:e2:d3:51:0d:
30:8e:1a:10:e1:da:b7:34:f5:32:31:2e:dd:f9:83:e9:2a:28:
5f:80:cb:ed:ff:a4:af:54:bf:0f:a4:cc:cf:9e:d3:0e:46:1b:
9f:5f:cd:2a:d2:23:5d:2c:9f:89:d0:7d:33:7f:f7:1a:d2:5e:
e4:de:55:9a:d2:97:96:63:9a:58:5c:de:86:b6:fa:ba:0f:51:
87:85:c8:8c:98:d9:4f:99:83:83:08:eb:9b:6f:2e:58:c3:82:
f7:c8:b7:b1:69:eb:e2:6a:86:72:3b:dd:ca:8d:03:54:38:1c:
eb:89:89:38:d0:b5:60:69:40:db:fe:d7:d8:38:4e:30:84:a1:
5d:cb:28:87:a7:ef:a8:71:ba:5d:49:1a:b9:82:aa:97:28:8f:
ec:ba:19:02:fd:8a:47:1c:c2:a8:5e:9d:7f:5f:18:bd:cd:ab:
11:08:47:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdGOQjrGBoeA81bo5VBRAvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZjFkNWIwNmY1NzAxNTU1ZmY1ODg4MTU0ZGQxNDFiNDg4
OTYxMTcwHhcNMjMwNDAzMDgyNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGI5N2E0NDBlYjVhMzM1YWY4MzYyMjU0YjJkYjI4ZGRjMzQ1ZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlS/vl6tfINmjqejfN4aksEthDViy
R/YmmP/nU4elVbdC/HAEBS7xzAiNb1/PWduW0jQqJChWpEMyf7FFTGJpxvBGteAV
exNHDWPbUxIu0dJslXy6WZKz1ft5y81oRNzS5IJNi0r0dzVz6uqD5f+vHEUXrMcd
IaVuvo2JqoEarDqqA8hZxhOC6Aw6bJZWHesaUjHJc+RRzocJVUaWUeLSeb/KhSRc
l7W34OoEPqjOcyzxy3MxvRP9E9TViAzd4/fsmdxCovbYHT8lgPdsUG0BHLhbee5Z
FxaTocuOZwTM/0G5pj20sHQhZm9TWh6WCHzfN9i7qSeM6XfgnSUjOiIRYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH25ekQOtaM1r4NiJUstso3cNF0sMB8GA1UdIwQY
MBaAFLnx1bBvVwFVX/WIgVTdFBtIiWEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgt
ZjVjYThmYTcyNzBkLzEvZmJsNlJBNjFveld2ZzJJbFN5MnlqZHcwWFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgtZjVjYThmYTcyNzBk
LzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHJeMA0G
CSqGSIb3DQEBCwUAA4IBAQBqzxpJfgtD+EerIxq0chPHhGZI3qDN8S39QHfZfHFZ
0BBnZbkNM/De2LcLIfsr3bwHOwR9U/70MUz/PHNc83JoN5SuW7NS9zIaIZaP/ICE
n4ZP0vtCteLTUQ0wjhoQ4dq3NPUyMS7d+YPpKihfgMvt/6SvVL8PpMzPntMORhuf
X80q0iNdLJ+J0H0zf/ca0l7k3lWa0peWY5pYXN6Gtvq6D1GHhciMmNlPmYODCOub
by5Yw4L3yLexaeviaoZyO93KjQNUOBzriYk40LVgaUDb/tfYOE4whKFdyyiHp++o
cbpdSRq5gqqXKI/suhkC/YpHHMKoXp1/Xxi9zasRCEem
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:04:16 2025 by rpki-client