Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/cwQH876OV_JiQmOWb2cIro-0Gbs.roa
File: cwQH876OV_JiQmOWb2cIro-0Gbs.roa (raw, json)
Hash identifier: M0SA8Z+O8U6w8xnbyGfMkFXyyFcos8UcO9JVD1fcMSU=
Subject key identifier: 73:04:07:F3:BE:8E:57:F2:62:42:63:96:6F:67:08:AE:8F:B4:19:BB
Certificate issuer: /CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
Certificate serial: 0194D7D68204B45D208405B4B055459E2BEC
Authority key identifier: 81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/cwQH876OV_JiQmOWb2cIro-0Gbs.roa
Signing time: Wed 05 Feb 2025 20:39:06 +0000
ROA not before: Wed 05 Feb 2025 20:39:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209369
IP address blocks: 77.78.90.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d7:d6:82:04:b4:5d:20:84:05:b4:b0:55:45:9e:2b:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
Validity
Not Before: Feb 5 20:39:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=730407f3be8e57f2624263966f6708ae8fb419bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d6:7c:e7:10:e3:6c:5a:fa:63:56:4b:20:5e:
01:5d:1e:e7:52:40:a4:6c:5c:a6:46:b3:39:38:c8:
40:2b:b8:2a:41:dc:c6:4b:97:25:95:f4:fb:01:6b:
79:d8:7d:fd:bd:28:43:a6:5e:43:c1:ef:5b:08:9b:
14:62:82:f3:ec:ef:8a:90:84:a6:0e:2b:2d:e8:ef:
88:ca:11:53:44:17:c2:c0:5f:59:e4:8b:4e:49:47:
8f:4b:f8:a4:46:e4:95:d0:9e:cd:53:71:14:3a:77:
25:45:bc:24:38:92:5c:1a:b2:75:78:d1:78:7b:27:
62:02:f7:e8:a3:f2:f9:89:af:36:d5:d8:80:29:47:
31:12:49:1f:b8:70:01:e6:81:58:03:8a:79:7b:a7:
38:44:34:5c:e7:ee:84:48:e8:ac:48:24:9d:55:fd:
f6:ff:d9:ac:f1:b3:c6:18:c5:cd:d4:86:db:70:cb:
34:e7:9a:7f:a6:1b:91:8d:f1:c4:a8:08:c8:42:1a:
0f:f9:de:8b:95:f7:d5:1e:47:9e:20:48:0a:80:33:
85:24:3c:46:be:74:cd:7f:7c:cc:0b:34:f3:24:73:
4a:42:a4:63:af:61:e4:72:5d:5a:bc:dd:78:29:f4:
5a:67:f8:13:b5:5e:ff:65:ac:44:ab:da:8f:45:52:
5d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:04:07:F3:BE:8E:57:F2:62:42:63:96:6F:67:08:AE:8F:B4:19:BB
X509v3 Authority Key Identifier:
keyid:81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/cwQH876OV_JiQmOWb2cIro-0Gbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.90.0/24
Signature Algorithm: sha256WithRSAEncryption
37:c3:36:c3:2a:35:41:26:45:ee:f4:be:87:6d:02:47:1a:f5:
15:03:af:8a:b5:c4:59:e7:08:6f:39:b3:5b:ed:60:27:5b:ba:
bb:cb:5e:af:0d:cc:a6:47:ff:fa:d0:cd:60:cf:26:1c:44:1a:
0f:7b:65:72:d2:07:58:2d:0a:d6:56:37:32:ef:44:96:fb:9b:
ad:6c:2d:47:80:4a:f1:b8:52:c4:77:8f:65:35:2b:e9:1d:f6:
4f:9a:d3:8e:d8:2e:13:4d:68:ac:16:0b:3b:dd:ef:85:29:d0:
b3:b4:ac:eb:ed:a0:cc:00:15:f6:97:8f:3d:e9:c5:54:92:12:
cd:bf:44:5f:f2:92:09:a8:83:13:53:3f:e5:7c:a1:e8:25:39:
a0:dc:a2:3f:7b:94:71:13:d6:0a:f4:92:b9:3d:dd:a5:5c:b0:
99:c8:0a:ba:e6:05:63:63:3f:57:c4:3e:c2:9d:da:d4:9d:72:
c6:8c:df:8d:c5:39:58:23:a4:1c:ec:8b:e1:67:87:66:4c:b4:
55:f3:78:50:4e:77:fd:da:3e:84:39:80:82:42:45:4b:bd:c2:
06:0d:3d:06:d9:a1:f4:d8:81:28:c2:23:ea:73:9b:c2:1d:d2:
5b:46:61:0e:60:db:03:b7:e0:ee:c5:38:3a:75:4d:f9:a2:2a:
af:fd:c2:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTX1oIEtF0ghAW0sFVFnivsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxODEyMzg1YjgyZGRhMGZkNDgyNmFiYjdhZWZlYjBkZjNl
YjhmZmQwHhcNMjUwMjA1MjAzOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzA0MDdmM2JlOGU1N2YyNjI0MjYzOTY2ZjY3MDhhZThmYjQxOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9Z85xDjbFr6Y1ZLIF4BXR7nUkCk
bFymRrM5OMhAK7gqQdzGS5cllfT7AWt52H39vShDpl5Dwe9bCJsUYoLz7O+KkISm
Dist6O+IyhFTRBfCwF9Z5ItOSUePS/ikRuSV0J7NU3EUOnclRbwkOJJcGrJ1eNF4
eydiAvfoo/L5ia821diAKUcxEkkfuHAB5oFYA4p5e6c4RDRc5+6ESOisSCSdVf32
/9ms8bPGGMXN1IbbcMs055p/phuRjfHEqAjIQhoP+d6LlffVHkeeIEgKgDOFJDxG
vnTNf3zMCzTzJHNKQqRjr2Hkcl1avN14KfRaZ/gTtV7/ZaxEq9qPRVJdzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHMEB/O+jlfyYkJjlm9nCK6PtBm7MB8GA1UdIwQY
MBaAFIGBI4W4LdoP1IJqu3rv6w3z64/9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEt
ZGEyZWM4Y2ZiODg4LzEvY3dRSDg3Nk9WX0ppUW1PV2IyY0lyby0wR2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEtZGEyZWM4Y2ZiODg4
LzEvZ1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATU5aMA0G
CSqGSIb3DQEBCwUAA4IBAQA3wzbDKjVBJkXu9L6HbQJHGvUVA6+KtcRZ5whvObNb
7WAnW7q7y16vDcymR//60M1gzyYcRBoPe2Vy0gdYLQrWVjcy70SW+5utbC1HgErx
uFLEd49lNSvpHfZPmtOO2C4TTWisFgs73e+FKdCztKzr7aDMABX2l4896cVUkhLN
v0Rf8pIJqIMTUz/lfKHoJTmg3KI/e5RxE9YK9JK5Pd2lXLCZyAq65gVjYz9XxD7C
ndrUnXLGjN+NxTlYI6Qc7IvhZ4dmTLRV83hQTnf92j6EOYCCQkVLvcIGDT0G2aH0
2IEowiPqc5vCHdJbRmEOYNsDt+DuxTg6dU35oiqv/cI6
-----END CERTIFICATE-----
Generated at Mon Apr 28 19:59:14 2025 by rpki-client