Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/LAtUckwCef6V8eHVaiO38ujOJVE.roa
File: LAtUckwCef6V8eHVaiO38ujOJVE.roa (raw, json)
Hash identifier: dlEPTunOtN5a3vUETtVLiJoJkwrTrha6SlROypdQd6Y=
Subject key identifier: 2C:0B:54:72:4C:02:79:FE:95:F1:E1:D5:6A:23:B7:F2:E8:CE:25:51
Certificate issuer: /CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Certificate serial: 019422FC2A1CE11EAA6AE6492547B992EDE2
Authority key identifier: DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/LAtUckwCef6V8eHVaiO38ujOJVE.roa
Signing time: Wed 01 Jan 2025 17:48:58 +0000
ROA not before: Wed 01 Jan 2025 17:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51824
IP address blocks: 192.162.196.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:2a:1c:e1:1e:aa:6a:e6:49:25:47:b9:92:ed:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Validity
Not Before: Jan 1 17:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c0b54724c0279fe95f1e1d56a23b7f2e8ce2551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:32:da:82:04:a4:c7:de:12:bb:48:58:1b:de:
43:df:b9:39:58:f2:34:3d:30:06:86:18:c3:c6:eb:
ce:9c:0d:07:a6:2e:e4:8b:a2:9e:ca:c8:ab:a0:0d:
28:b8:20:99:43:ac:dd:81:9f:29:08:f8:58:ef:10:
c3:4d:90:7e:3a:4f:6a:82:4b:14:89:5e:6e:1a:08:
d9:a9:53:d2:21:dc:ed:0b:67:f4:d0:18:42:27:86:
d1:19:c9:48:fb:bb:ca:2e:ef:7c:ff:f4:68:e8:cc:
b8:93:f8:6e:70:aa:24:ae:4b:ff:3c:d0:f7:a1:10:
8f:13:d4:48:48:32:d5:64:f0:02:5f:d8:7d:48:1a:
bf:29:f6:53:61:2c:90:17:e6:e7:32:dc:bb:10:70:
a4:0e:e3:b9:ad:a5:0b:bf:89:b7:eb:11:cf:16:56:
e4:34:53:34:90:7f:16:8d:51:60:ad:12:f0:07:6d:
99:6b:03:b5:08:85:80:31:60:30:fa:88:34:66:0c:
a9:dc:0d:d6:6f:ee:e0:dc:de:38:56:95:7b:2f:26:
8e:8b:29:76:75:1d:80:5c:ed:73:67:8d:5f:f7:b1:
9b:6b:1a:4f:0d:fe:13:8d:51:c8:ae:5b:27:15:b5:
46:bc:19:6b:8a:ba:ea:6d:ca:c7:aa:bc:be:a3:79:
17:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:0B:54:72:4C:02:79:FE:95:F1:E1:D5:6A:23:B7:F2:E8:CE:25:51
X509v3 Authority Key Identifier:
keyid:DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/LAtUckwCef6V8eHVaiO38ujOJVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.196.0/23
Signature Algorithm: sha256WithRSAEncryption
76:5f:6b:5c:21:b5:bc:09:04:e0:d0:4f:c0:85:16:84:2d:13:
5c:98:a2:e7:70:b4:ce:a1:dd:bd:c7:da:eb:13:8c:d3:7f:66:
85:d2:a7:46:b3:e5:ed:3d:3a:ec:22:9d:01:10:2d:3a:03:ac:
84:2b:3f:76:06:4c:1e:12:a8:2b:0b:b6:86:9e:f7:5e:d1:ca:
9d:26:b8:ae:76:ab:fc:bd:e7:0c:51:c8:b7:46:9e:9b:76:6b:
3c:81:15:af:78:68:45:18:2f:a9:8f:bb:17:28:5d:ad:a0:48:
31:24:3b:6d:c6:2c:97:fd:94:10:e8:8d:ab:46:84:7e:0f:ba:
4a:5d:45:ca:69:71:23:df:6e:4a:96:c7:83:a4:3c:63:f8:3a:
e6:ff:47:cc:57:f6:25:3a:c8:c7:1f:4c:2a:8d:b7:b3:c4:65:
17:8e:22:ff:2d:76:8a:c1:4b:63:bb:5e:86:a9:7c:94:43:dc:
82:cb:d5:b2:74:bf:2d:fe:dc:df:81:1a:dd:d3:ec:94:a6:15:
1e:ab:20:8e:f2:9c:e2:62:02:f9:61:2f:cc:5c:7a:6a:e9:97:
28:06:b5:36:6b:e5:7e:19:f5:56:31:93:e4:9a:7d:e7:a4:81:
c9:7d:7e:c2:70:32:48:ff:63:25:b2:c3:1b:55:5f:c3:05:67:
9f:93:f1:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/Coc4R6qauZJJUe5ku3iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjM5NmRmYTk1MWVjNDE1N2YyMTFlNWVkNzQwZWQ5N2Ux
YjBmM2YwHhcNMjUwMTAxMTc0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzBiNTQ3MjRjMDI3OWZlOTVmMWUxZDU2YTIzYjdmMmU4Y2UyNTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TLaggSkx94Su0hYG95D37k5WPI0
PTAGhhjDxuvOnA0Hpi7ki6KeysiroA0ouCCZQ6zdgZ8pCPhY7xDDTZB+Ok9qgksU
iV5uGgjZqVPSIdztC2f00BhCJ4bRGclI+7vKLu98//Ro6My4k/hucKokrkv/PND3
oRCPE9RISDLVZPACX9h9SBq/KfZTYSyQF+bnMty7EHCkDuO5raULv4m36xHPFlbk
NFM0kH8WjVFgrRLwB22ZawO1CIWAMWAw+og0Zgyp3A3Wb+7g3N44VpV7LyaOiyl2
dR2AXO1zZ41f97GbaxpPDf4TjVHIrlsnFbVGvBlrirrqbcrHqry+o3kXawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCwLVHJMAnn+lfHh1Wojt/LoziVRMB8GA1UdIwQY
MBaAFNuzlt+pUexBV/IR5e10Dtl+Gw8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMt
ZGY1NzJmZTk2NzJhLzEvTEF0VWNrd0NlZjZWOGVIVmFpTzM4dWpPSlZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMtZGY1NzJmZTk2NzJh
LzEvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwKLEMA0G
CSqGSIb3DQEBCwUAA4IBAQB2X2tcIbW8CQTg0E/AhRaELRNcmKLncLTOod29x9rr
E4zTf2aF0qdGs+XtPTrsIp0BEC06A6yEKz92BkweEqgrC7aGnvde0cqdJriudqv8
vecMUci3Rp6bdms8gRWveGhFGC+pj7sXKF2toEgxJDttxiyX/ZQQ6I2rRoR+D7pK
XUXKaXEj325KlseDpDxj+Drm/0fMV/YlOsjHH0wqjbezxGUXjiL/LXaKwUtju16G
qXyUQ9yCy9WydL8t/tzfgRrd0+yUphUeqyCO8pziYgL5YS/MXHpq6ZcoBrU2a+V+
GfVWMZPkmn3npIHJfX7CcDJI/2MlssMbVV/DBWefk/HQ
-----END CERTIFICATE-----
Generated at Mon May 12 03:19:52 2025 by rpki-client