Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/bZvBvQjn0R5uBRI1kgl6Og2IZ8A.roa
File: bZvBvQjn0R5uBRI1kgl6Og2IZ8A.roa (raw, json)
Hash identifier: KPB5Wt0QeCTKBAhc/dw4qdccEPfEF108Ps7+i5X4JVM=
Subject key identifier: 6D:9B:C1:BD:08:E7:D1:1E:6E:05:12:35:92:09:7A:3A:0D:88:67:C0
Certificate issuer: /CN=7a8746a76cda8369009d28941ef156239c6a63a1
Certificate serial: 0194221F496AC8F130E88C2943355DDD3371
Authority key identifier: 7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/bZvBvQjn0R5uBRI1kgl6Og2IZ8A.roa
Signing time: Wed 01 Jan 2025 13:47:43 +0000
ROA not before: Wed 01 Jan 2025 13:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51318
IP address blocks: 195.89.13.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:49:6a:c8:f1:30:e8:8c:29:43:35:5d:dd:33:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a8746a76cda8369009d28941ef156239c6a63a1
Validity
Not Before: Jan 1 13:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d9bc1bd08e7d11e6e05123592097a3a0d8867c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:98:1d:0a:d8:80:c8:90:b5:a7:f6:48:f9:c2:
93:5c:77:dd:9c:b8:f4:af:2f:f0:fb:1d:fe:fd:0e:
19:16:e7:30:86:0b:0e:cc:bf:7e:c1:92:84:6f:ad:
d2:04:33:9a:b7:31:a7:e7:34:39:52:27:24:b2:de:
66:64:45:e8:7c:4e:44:1e:d8:61:21:48:8a:18:c6:
7a:c3:e0:40:96:b6:6b:c8:7c:f3:98:cb:d9:88:8e:
a7:b3:bc:bb:75:70:b0:f0:80:4c:48:26:28:79:39:
6f:c6:28:d2:2b:e3:1b:c3:62:18:25:3e:e8:0e:9a:
36:2c:5c:bd:99:20:8b:6d:e7:bb:55:ef:bc:b8:59:
e2:fa:74:91:72:8d:34:b6:46:97:7c:fe:ad:43:af:
50:d1:84:f5:c4:c9:18:c3:b8:ae:54:e3:79:26:fd:
41:ea:48:57:1b:ca:fd:6f:a6:16:68:e7:f5:95:91:
3a:53:e1:8f:4c:6a:18:07:c0:ec:ee:23:c3:4b:ef:
05:b8:58:1f:42:7a:06:b4:93:dd:ae:ea:9d:bf:bd:
61:c1:de:49:37:9a:41:1b:3f:f2:80:2d:d2:43:a2:
d7:77:ff:e4:63:3a:60:b2:4b:d9:c0:b1:f1:a1:79:
c7:e2:39:c3:1b:1a:3d:61:59:f4:9e:7d:dc:02:32:
5d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:9B:C1:BD:08:E7:D1:1E:6E:05:12:35:92:09:7A:3A:0D:88:67:C0
X509v3 Authority Key Identifier:
keyid:7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/bZvBvQjn0R5uBRI1kgl6Og2IZ8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/eodGp2zag2kAnSiUHvFWI5xqY6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.89.13.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:01:7e:13:30:be:d9:45:00:3e:ab:f8:b3:0a:83:8d:8a:22:
23:f6:91:bf:d6:42:bf:d6:e3:92:7d:da:4d:33:9b:74:5a:75:
ea:f5:a0:78:f5:36:75:b5:59:f3:bd:b3:aa:1c:3a:e2:51:60:
0e:46:bd:6b:f1:35:aa:b8:15:67:15:ba:22:80:9e:97:c3:b7:
e5:1c:c8:08:0a:bd:6f:b8:b8:7a:dd:36:87:11:33:59:e8:a4:
35:e2:e1:41:09:fa:7c:9a:9d:c2:35:ce:f2:16:1e:b9:90:93:
89:83:32:7b:8c:c7:6c:cb:7e:e3:af:98:d2:f1:60:b4:6f:ba:
d6:d8:2a:7c:c8:9b:ae:33:c0:ed:f9:ee:f8:5c:ec:a9:35:2b:
f8:ea:23:88:81:51:2f:7e:e4:07:c3:45:3a:db:f5:05:e7:d5:
60:87:ed:05:94:1c:db:46:f9:c6:1a:a5:d1:35:dc:b7:16:6f:
d2:37:6a:32:50:c6:34:31:e4:99:c0:b9:7d:2a:f4:ad:a7:b3:
32:44:d8:ec:4b:51:06:c4:0c:bf:7c:41:36:1c:48:6b:bf:18:
ea:e2:3e:19:61:77:e9:86:36:bf:bd:49:b5:d3:ea:1f:0d:6b:
db:39:d5:2e:e0:38:4d:0d:00:17:56:5c:a9:b1:4c:b1:ac:77:
9f:b1:b2:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH0lqyPEw6IwpQzVd3TNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhODc0NmE3NmNkYTgzNjkwMDlkMjg5NDFlZjE1NjIzOWM2
YTYzYTEwHhcNMjUwMTAxMTM0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDliYzFiZDA4ZTdkMTFlNmUwNTEyMzU5MjA5N2EzYTBkODg2N2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZgdCtiAyJC1p/ZI+cKTXHfdnLj0
ry/w+x3+/Q4ZFucwhgsOzL9+wZKEb63SBDOatzGn5zQ5Uickst5mZEXofE5EHthh
IUiKGMZ6w+BAlrZryHzzmMvZiI6ns7y7dXCw8IBMSCYoeTlvxijSK+Mbw2IYJT7o
Dpo2LFy9mSCLbee7Ve+8uFni+nSRco00tkaXfP6tQ69Q0YT1xMkYw7iuVON5Jv1B
6khXG8r9b6YWaOf1lZE6U+GPTGoYB8Ds7iPDS+8FuFgfQnoGtJPdruqdv71hwd5J
N5pBGz/ygC3SQ6LXd//kYzpgskvZwLHxoXnH4jnDGxo9YVn0nn3cAjJdrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG2bwb0I59EebgUSNZIJejoNiGfAMB8GA1UdIwQY
MBaAFHqHRqds2oNpAJ0olB7xViOcamOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMt
NTJkZWRkZGVlMzkzLzEvYlp2QnZRam4wUjV1QlJJMWtnbDZPZzJJWjhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMtNTJkZWRkZGVlMzkz
LzEvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1kNMA0G
CSqGSIb3DQEBCwUAA4IBAQArAX4TML7ZRQA+q/izCoONiiIj9pG/1kK/1uOSfdpN
M5t0WnXq9aB49TZ1tVnzvbOqHDriUWAORr1r8TWquBVnFboigJ6Xw7flHMgICr1v
uLh63TaHETNZ6KQ14uFBCfp8mp3CNc7yFh65kJOJgzJ7jMdsy37jr5jS8WC0b7rW
2Cp8yJuuM8Dt+e74XOypNSv46iOIgVEvfuQHw0U62/UF59Vgh+0FlBzbRvnGGqXR
Ndy3Fm/SN2oyUMY0MeSZwLl9KvStp7MyRNjsS1EGxAy/fEE2HEhrvxjq4j4ZYXfp
hja/vUm10+ofDWvbOdUu4DhNDQAXVlypsUyxrHefsbJm
-----END CERTIFICATE-----
Generated at Sat May 10 21:14:08 2025 by rpki-client