Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/Suj-27Bo7vX-qgnyfBLe674WxBk.roa
File: Suj-27Bo7vX-qgnyfBLe674WxBk.roa (raw, json)
Hash identifier: MUHgH3f3YA3RxrlqC8YY+CjpGUa/uZmm4CrrLzfGuG8=
Subject key identifier: 4A:E8:FE:DB:B0:68:EE:F5:FE:AA:09:F2:7C:12:DE:EB:BE:16:C4:19
Certificate issuer: /CN=7a8746a76cda8369009d28941ef156239c6a63a1
Certificate serial: 0194221F48D329EF5D229DCD5844A086427E
Authority key identifier: 7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/Suj-27Bo7vX-qgnyfBLe674WxBk.roa
Signing time: Wed 01 Jan 2025 13:47:43 +0000
ROA not before: Wed 01 Jan 2025 13:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12888
IP address blocks: 195.27.162.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:48:d3:29:ef:5d:22:9d:cd:58:44:a0:86:42:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a8746a76cda8369009d28941ef156239c6a63a1
Validity
Not Before: Jan 1 13:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ae8fedbb068eef5feaa09f27c12deebbe16c419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d2:9e:5a:5f:51:ac:08:28:87:8f:4a:70:6f:
9a:22:cf:54:98:7d:50:7b:9a:0b:2e:72:06:71:9b:
f8:95:f8:87:36:73:9c:67:dc:ad:23:d7:b9:e3:59:
47:fb:9a:0a:3e:63:41:6b:fc:6f:a3:55:ce:5a:7e:
06:b9:40:6f:38:57:b2:e7:8e:34:57:d2:2e:c4:d4:
38:03:02:28:2f:8c:85:4c:d6:e4:a6:87:72:22:4e:
09:64:60:e2:ba:a2:e1:55:f4:05:e1:38:47:88:93:
42:74:00:54:e6:a7:b4:98:53:d8:f7:1b:c6:d8:87:
8c:9f:e7:0a:45:5f:5f:21:c3:55:d4:b0:70:1d:7c:
87:ff:41:ac:0f:48:68:3d:47:68:ab:ae:65:cd:83:
a4:6e:a3:f9:86:21:c7:27:ff:0e:5d:a9:cb:03:66:
f4:8f:5f:da:fe:e2:74:b5:4f:0c:59:78:40:80:4f:
ae:84:df:e6:99:24:fa:79:df:2b:f3:1e:9f:e3:c3:
91:b3:7e:cb:42:5d:47:33:2e:9d:a1:a2:25:97:eb:
1d:8f:03:e7:dd:32:ae:b8:23:fe:ba:53:6b:7c:5b:
40:d1:22:97:5b:3e:a0:ce:8e:d4:43:2a:54:49:b4:
30:51:57:cb:22:13:ab:0e:6c:fa:e6:49:2f:be:e3:
df:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E8:FE:DB:B0:68:EE:F5:FE:AA:09:F2:7C:12:DE:EB:BE:16:C4:19
X509v3 Authority Key Identifier:
keyid:7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/Suj-27Bo7vX-qgnyfBLe674WxBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/eodGp2zag2kAnSiUHvFWI5xqY6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.27.162.0/23
Signature Algorithm: sha256WithRSAEncryption
95:85:94:a6:c7:06:74:51:65:e3:df:5f:aa:13:24:32:d3:79:
53:d6:74:9e:91:62:02:74:43:63:2f:c3:84:16:43:ec:81:60:
06:50:7c:f0:9a:b9:ca:aa:fb:69:3f:25:bc:6d:1f:f6:79:b3:
28:8d:12:06:76:c4:88:af:f2:30:02:41:dd:8b:d1:7f:10:a2:
e5:73:3f:85:a8:7f:69:5e:94:0a:49:ce:28:cc:94:b5:50:44:
57:29:ae:1e:16:82:4f:7f:f4:d8:f6:f6:11:7f:36:22:45:5c:
dd:66:3b:63:04:35:dc:3e:90:b7:f4:9f:1e:37:c2:f2:7b:f3:
f8:bf:5e:a5:cd:e4:c6:f0:64:ba:8d:66:be:04:ed:c5:e7:52:
fe:ad:2c:c3:b3:c7:5f:8f:38:f2:90:ca:75:49:b8:6a:65:c1:
42:b3:0a:35:80:ba:4b:f4:8b:16:41:a2:8d:5f:dd:94:1c:29:
d5:b4:20:8f:17:11:04:33:9e:41:1c:79:09:64:02:00:64:29:
9b:00:05:1b:2c:55:e1:59:a3:2c:62:7c:62:07:84:64:28:6d:
ae:74:65:b2:2b:6a:1f:b0:0f:53:93:a5:b3:db:5a:57:bf:ee:
d3:c5:7e:a0:27:a9:27:3f:8b:10:87:41:a2:4c:69:c6:f9:c5:
44:80:f8:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH0jTKe9dIp3NWESghkJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhODc0NmE3NmNkYTgzNjkwMDlkMjg5NDFlZjE1NjIzOWM2
YTYzYTEwHhcNMjUwMTAxMTM0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWU4ZmVkYmIwNjhlZWY1ZmVhYTA5ZjI3YzEyZGVlYmJlMTZjNDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdKeWl9RrAgoh49KcG+aIs9UmH1Q
e5oLLnIGcZv4lfiHNnOcZ9ytI9e541lH+5oKPmNBa/xvo1XOWn4GuUBvOFey5440
V9IuxNQ4AwIoL4yFTNbkpodyIk4JZGDiuqLhVfQF4ThHiJNCdABU5qe0mFPY9xvG
2IeMn+cKRV9fIcNV1LBwHXyH/0GsD0hoPUdoq65lzYOkbqP5hiHHJ/8OXanLA2b0
j1/a/uJ0tU8MWXhAgE+uhN/mmST6ed8r8x6f48ORs37LQl1HMy6doaIll+sdjwPn
3TKuuCP+ulNrfFtA0SKXWz6gzo7UQypUSbQwUVfLIhOrDmz65kkvvuPfAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEro/tuwaO71/qoJ8nwS3uu+FsQZMB8GA1UdIwQY
MBaAFHqHRqds2oNpAJ0olB7xViOcamOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMt
NTJkZWRkZGVlMzkzLzEvU3VqLTI3Qm83dlgtcWdueWZCTGU2NzRXeEJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMtNTJkZWRkZGVlMzkz
LzEvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwxuiMA0G
CSqGSIb3DQEBCwUAA4IBAQCVhZSmxwZ0UWXj31+qEyQy03lT1nSekWICdENjL8OE
FkPsgWAGUHzwmrnKqvtpPyW8bR/2ebMojRIGdsSIr/IwAkHdi9F/EKLlcz+FqH9p
XpQKSc4ozJS1UERXKa4eFoJPf/TY9vYRfzYiRVzdZjtjBDXcPpC39J8eN8Lye/P4
v16lzeTG8GS6jWa+BO3F51L+rSzDs8dfjzjykMp1SbhqZcFCswo1gLpL9IsWQaKN
X92UHCnVtCCPFxEEM55BHHkJZAIAZCmbAAUbLFXhWaMsYnxiB4RkKG2udGWyK2of
sA9Tk6Wz21pXv+7TxX6gJ6knP4sQh0GiTGnG+cVEgPiZ
-----END CERTIFICATE-----
Generated at Mon May 12 21:52:12 2025 by rpki-client