Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/Hoabeyq_yeNE8m8axG6iQq_k_l4.roa
File: Hoabeyq_yeNE8m8axG6iQq_k_l4.roa (raw, json)
Hash identifier: 9lvbQLTYMOlRynWF9NKkmw/HZhMkPKLWt8L1HeMmC74=
Subject key identifier: 1E:86:9B:7B:2A:BF:C9:E3:44:F2:6F:1A:C4:6E:A2:42:AF:E4:FE:5E
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018FD40F0F02A6DB658752CC6D7DEB1FFAEF
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/Hoabeyq_yeNE8m8axG6iQq_k_l4.roa
Signing time: Sat 01 Jun 2024 13:48:27 +0000
ROA not before: Sat 01 Jun 2024 13:48:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35372
IP address blocks: 217.60.248.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d4:0f:0f:02:a6:db:65:87:52:cc:6d:7d:eb:1f:fa:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jun 1 13:48:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e869b7b2abfc9e344f26f1ac46ea242afe4fe5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b2:af:c2:19:ac:37:af:56:2e:1a:08:f9:8d:
33:fd:89:8e:9f:cc:7e:29:05:1f:d9:cc:ad:83:67:
83:bc:8d:0d:ee:9b:94:4a:1e:f3:ed:79:ce:2f:84:
68:b8:9e:86:08:76:2b:66:f2:b1:3c:74:92:92:6d:
ca:6f:95:41:98:56:d9:60:fb:d3:d8:1b:5c:51:45:
61:d8:df:ad:53:be:d5:9a:d1:be:34:6f:08:ae:0a:
bf:9e:bf:ed:88:0d:41:fd:82:10:65:a9:58:fc:e6:
e5:cc:54:fd:a5:07:50:e0:49:eb:ef:46:17:a6:4d:
95:b1:c7:30:39:fc:ef:fd:2c:41:12:96:a2:93:39:
cc:71:5b:53:92:32:f3:6f:a1:59:94:36:73:c6:f8:
43:7e:8b:f6:38:ef:aa:e3:a4:69:d8:cf:fd:fd:6e:
2e:0d:9e:84:af:bf:50:17:df:22:95:ed:d2:38:26:
cd:30:c3:88:18:b0:1f:67:ce:95:c2:a7:bc:a3:f7:
40:34:d5:03:05:15:39:91:f1:8e:e6:7b:54:27:cc:
a6:11:40:8d:8c:96:ac:d7:ec:b1:19:e5:03:33:d6:
e0:e4:00:1b:f9:58:89:97:7a:84:bc:59:99:99:0e:
f2:30:f9:e8:9a:a5:85:18:30:d0:d9:4c:99:1b:73:
37:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:86:9B:7B:2A:BF:C9:E3:44:F2:6F:1A:C4:6E:A2:42:AF:E4:FE:5E
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/Hoabeyq_yeNE8m8axG6iQq_k_l4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.248.0/24
Signature Algorithm: sha256WithRSAEncryption
75:35:3f:3b:4d:55:42:bb:1e:08:26:e5:3e:0c:2d:4f:56:f4:
48:20:84:45:23:53:90:26:25:1a:1b:5a:cf:9f:35:1c:3d:f0:
84:1c:2c:00:12:84:b6:3b:5f:1c:5f:4c:ea:7c:ee:14:d4:34:
c6:e4:0b:6d:77:d4:2f:0b:9e:e8:39:cb:7d:f6:52:66:44:b3:
e7:3c:81:90:ad:b0:92:9a:cb:b3:32:d8:05:8a:50:a4:e2:84:
59:41:93:12:24:04:08:f0:47:c1:90:68:4d:6d:3b:b3:bd:18:
7c:61:15:ce:bf:03:d3:f5:46:8b:c4:d9:57:49:97:59:1b:f9:
aa:7c:b1:ed:c7:95:39:9b:43:9e:d0:2a:d5:65:ab:a9:51:7d:
c8:1e:db:18:d6:11:10:fe:14:87:71:f6:16:4a:18:94:73:6e:
c4:89:d0:c8:25:30:64:5d:ca:07:39:53:5b:41:a7:4b:0c:7e:
e5:17:d8:16:8b:f2:1d:13:e2:ae:7f:40:8f:a7:0b:d2:e4:ff:
6d:8a:ce:3a:c7:4f:6a:82:99:51:3f:e9:61:a6:97:7d:4a:ac:
7f:3e:5d:42:0c:89:42:be:59:8e:98:af:a5:30:2a:cf:9a:f9:
7d:11:a0:72:45:2a:05:ee:51:1b:cd:75:6c:29:eb:3d:5f:47:
28:dd:8c:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/UDw8Cpttlh1LMbX3rH/rvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwNjAxMTM0ODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTg2OWI3YjJhYmZjOWUzNDRmMjZmMWFjNDZlYTI0MmFmZTRmZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrKvwhmsN69WLhoI+Y0z/YmOn8x+
KQUf2cytg2eDvI0N7puUSh7z7XnOL4RouJ6GCHYrZvKxPHSSkm3Kb5VBmFbZYPvT
2BtcUUVh2N+tU77VmtG+NG8Irgq/nr/tiA1B/YIQZalY/OblzFT9pQdQ4Enr70YX
pk2VsccwOfzv/SxBEpaikznMcVtTkjLzb6FZlDZzxvhDfov2OO+q46Rp2M/9/W4u
DZ6Er79QF98ile3SOCbNMMOIGLAfZ86Vwqe8o/dANNUDBRU5kfGO5ntUJ8ymEUCN
jJas1+yxGeUDM9bg5AAb+ViJl3qEvFmZmQ7yMPnomqWFGDDQ2UyZG3M3pwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB6Gm3sqv8njRPJvGsRuokKv5P5eMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvSG9hYmV5cV95ZU5FOG04YXhHNmlRcV9rX2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2Tz4MA0G
CSqGSIb3DQEBCwUAA4IBAQB1NT87TVVCux4IJuU+DC1PVvRIIIRFI1OQJiUaG1rP
nzUcPfCEHCwAEoS2O18cX0zqfO4U1DTG5Attd9QvC57oOct99lJmRLPnPIGQrbCS
msuzMtgFilCk4oRZQZMSJAQI8EfBkGhNbTuzvRh8YRXOvwPT9UaLxNlXSZdZG/mq
fLHtx5U5m0Oe0CrVZaupUX3IHtsY1hEQ/hSHcfYWShiUc27EidDIJTBkXcoHOVNb
QadLDH7lF9gWi/IdE+Kuf0CPpwvS5P9tis46x09qgplRP+lhppd9Sqx/Pl1CDIlC
vlmOmK+lMCrPmvl9EaByRSoF7lEbzXVsKes9X0co3Yz1
-----END CERTIFICATE-----
Generated at Sun May 11 17:12:59 2025 by rpki-client