Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/AzibjhA_EyB1Q_8FlCmzEVbPIDU.roa
File: AzibjhA_EyB1Q_8FlCmzEVbPIDU.roa (raw, json)
Hash identifier: vdqCYKaJ/9xC8gabVZBHyiBnlaDYrkmamnRS4tUbufg=
Subject key identifier: 03:38:9B:8E:10:3F:13:20:75:43:FF:05:94:29:B3:11:56:CF:20:35
Certificate issuer: /CN=be40b3c2be7835d7b37b5826102f8746a5199d49
Certificate serial: 01302AEF
Authority key identifier: BE:40:B3:C2:BE:78:35:D7:B3:7B:58:26:10:2F:87:46:A5:19:9D:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkCzwr54Ndeze1gmEC-HRqUZnUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/AzibjhA_EyB1Q_8FlCmzEVbPIDU.roa
Signing time: Sat 02 Apr 2022 10:19:34 +0000
ROA not before: Sat 02 Apr 2022 10:19:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 193.42.210.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19933935 (0x1302aef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be40b3c2be7835d7b37b5826102f8746a5199d49
Validity
Not Before: Apr 2 10:19:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03389b8e103f13207543ff059429b31156cf2035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3a:47:59:7b:be:1c:a0:fc:79:55:68:d8:d2:
c8:32:98:d0:29:88:b7:d1:4f:e9:c2:e2:bf:d5:73:
9c:68:a5:8a:e3:46:2f:0e:b3:d6:ff:64:7c:25:0b:
78:f7:30:4f:7b:22:fd:c6:8b:e3:7f:48:bb:ae:c6:
f6:aa:55:54:26:40:29:95:ed:5c:73:7e:db:7c:12:
df:35:ae:df:05:b9:7e:8a:d9:2d:aa:a4:db:25:d2:
92:3a:fe:71:5f:f3:8e:19:e2:c0:58:57:b4:7b:f5:
93:f4:6b:97:27:ef:c9:df:a8:70:66:f2:67:b8:a5:
ea:e3:72:47:1c:95:90:b3:da:1e:cd:14:05:16:36:
b2:d9:a8:d2:9d:84:10:37:c0:d9:c4:89:2d:a4:e2:
15:7b:0a:40:86:90:55:e4:29:a3:b9:2f:75:2f:67:
64:d4:2a:33:12:27:96:25:19:99:6e:c5:44:be:32:
85:fb:14:72:2c:0f:f8:7a:9a:e6:7e:4f:45:98:01:
49:96:92:16:ca:2c:37:4c:d4:e4:2e:61:24:2e:90:
a2:72:35:e0:67:36:47:4c:b4:57:07:ca:c9:19:49:
14:1c:44:96:63:38:39:0b:e6:98:72:fa:ea:7b:92:
7e:07:5d:66:b1:51:f7:17:12:06:05:b7:b2:04:8d:
cc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:38:9B:8E:10:3F:13:20:75:43:FF:05:94:29:B3:11:56:CF:20:35
X509v3 Authority Key Identifier:
keyid:BE:40:B3:C2:BE:78:35:D7:B3:7B:58:26:10:2F:87:46:A5:19:9D:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkCzwr54Ndeze1gmEC-HRqUZnUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/AzibjhA_EyB1Q_8FlCmzEVbPIDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/vkCzwr54Ndeze1gmEC-HRqUZnUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.210.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:d4:71:49:ca:54:bd:18:89:1d:ca:93:56:3d:32:3d:35:5f:
43:6d:77:54:25:7d:b3:00:d9:20:51:08:b2:75:5a:24:4d:64:
42:ae:ae:a2:11:79:b5:79:cf:e4:30:59:c6:20:2d:fe:11:ae:
f6:eb:2b:e2:4c:1e:1c:5b:ee:10:bd:7d:7f:4d:0a:92:9c:06:
63:95:70:6e:b4:be:5a:93:8c:ac:4e:dd:79:6d:5f:b3:1a:e0:
8d:cc:41:44:e3:41:af:9a:a4:0d:be:fe:c6:cf:93:7f:95:15:
99:75:6c:ac:bc:1e:0b:a5:5f:18:4c:7c:78:08:b0:c4:c6:7d:
75:13:31:26:fc:0c:e5:8f:fc:73:a8:a6:cd:eb:73:5f:d5:41:
f4:3d:04:08:82:e5:d7:5a:b5:4b:8e:e4:d4:f8:49:52:c1:f8:
0f:2e:bd:94:74:54:ed:99:86:cb:61:7b:9d:f4:cc:38:9d:41:
86:55:3b:c2:6b:2b:aa:6e:ee:14:86:db:6e:bb:ee:89:15:08:
fb:5b:64:40:79:45:48:b2:17:2e:86:f6:f4:65:46:f5:4b:c7:
8c:34:85:94:e4:97:ea:27:5b:dc:c1:cb:b2:a3:0f:51:cc:43:
a8:c1:40:ee:55:14:ea:16:45:b9:23:05:f8:96:61:aa:76:0d:
a1:6a:3e:96
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATAq7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTQwYjNjMmJlNzgzNWQ3YjM3YjU4MjYxMDJmODc0NmE1MTk5ZDQ5MB4XDTIyMDQw
MjEwMTkzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDMzODliOGUxMDNm
MTMyMDc1NDNmZjA1OTQyOWIzMTE1NmNmMjAzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ86R1l7vhyg/HlVaNjSyDKY0CmIt9FP6cLiv9VznGiliuNG
Lw6z1v9kfCULePcwT3si/caL439Iu67G9qpVVCZAKZXtXHN+23wS3zWu3wW5forZ
Laqk2yXSkjr+cV/zjhniwFhXtHv1k/Rrlyfvyd+ocGbyZ7il6uNyRxyVkLPaHs0U
BRY2stmo0p2EEDfA2cSJLaTiFXsKQIaQVeQpo7kvdS9nZNQqMxInliUZmW7FRL4y
hfsUciwP+Hqa5n5PRZgBSZaSFsosN0zU5C5hJC6QonI14Gc2R0y0VwfKyRlJFBxE
lmM4OQvmmHL66nuSfgddZrFR9xcSBgW3sgSNzCMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQDOJuOED8TIHVD/wWUKbMRVs8gNTAfBgNVHSMEGDAWgBS+QLPCvng117N7
WCYQL4dGpRmdSTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZrQ3p3cjU0TmRlemUxZ21FQy1IUnFVWm5Vay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvYzcxNjM2LWVkZDgtNGQxMS04NWU4LWI4MzRmYWY2YWNlZC8x
L0F6aWJqaEFfRXlCMVFfOEZsQ216RVZiUElEVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
YzcxNjM2LWVkZDgtNGQxMS04NWU4LWI4MzRmYWY2YWNlZC8xL3ZrQ3p3cjU0TmRl
emUxZ21FQy1IUnFVWm5Vay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEq0jANBgkqhkiG9w0BAQsFAAOC
AQEAm9RxScpUvRiJHcqTVj0yPTVfQ213VCV9swDZIFEIsnVaJE1kQq6uohF5tXnP
5DBZxiAt/hGu9usr4kweHFvuEL19f00KkpwGY5VwbrS+WpOMrE7deW1fsxrgjcxB
RONBr5qkDb7+xs+Tf5UVmXVsrLweC6VfGEx8eAiwxMZ9dRMxJvwM5Y/8c6imzetz
X9VB9D0ECILl11q1S47k1PhJUsH4Dy69lHRU7ZmGy2F7nfTMOJ1BhlU7wmsrqm7u
FIbbbrvuiRUI+1tkQHlFSLIXLob29GVG9UvHjDSFlOSX6idb3MHLsqMPUcxDqMFA
7lUU6hZFuSMF+JZhqnYNoWo+lg==
-----END CERTIFICATE-----
Generated at Sun May 11 14:17:14 2025 by rpki-client