Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/2e9xTNPTpux0P9k_QW0zt9p36wY.roa
File: 2e9xTNPTpux0P9k_QW0zt9p36wY.roa (raw, json)
Hash identifier: 2nDfyzRurRXSlcD2fnmhV/B/t1tS+t3VzOC/6pttVGc=
Subject key identifier: D9:EF:71:4C:D3:D3:A6:EC:74:3F:D9:3F:41:6D:33:B7:DA:77:EB:06
Certificate issuer: /CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Certificate serial: 078B6726
Authority key identifier: B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/2e9xTNPTpux0P9k_QW0zt9p36wY.roa
Signing time: Sat 01 Jan 2022 15:00:25 +0000
ROA not before: Sat 01 Jan 2022 15:00:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212776
IP address blocks: 185.161.67.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126576422 (0x78b6726)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Validity
Not Before: Jan 1 15:00:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9ef714cd3d3a6ec743fd93f416d33b7da77eb06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:40:dd:99:c9:a6:0e:8b:a4:7b:d0:32:af:22:
0d:c6:f9:68:9d:27:72:fc:93:44:ab:21:42:cd:b1:
f5:c5:b8:68:11:36:b4:4a:96:34:0f:53:68:38:7d:
8c:46:49:2d:81:9f:8f:d3:bd:fb:7f:01:9b:3c:c9:
62:cc:d8:5a:86:6c:cd:1f:b2:1b:57:9a:ce:84:11:
12:5b:b7:cf:cf:b5:92:69:80:51:cf:60:e8:10:59:
d4:40:c5:bf:d8:55:e8:63:82:d8:26:8a:c4:11:3a:
83:05:61:96:01:aa:c5:4b:23:15:8f:b9:64:c4:7d:
0f:58:c7:9e:7b:e7:9f:6d:ca:40:e6:02:92:62:16:
b2:59:ed:a1:5c:dc:06:2f:1e:5d:9d:76:db:c3:30:
dd:93:40:f2:44:bc:7c:7a:1a:d5:cc:3d:03:4a:4f:
17:82:8d:27:f2:6a:d6:b6:81:46:2b:ba:dd:40:33:
5e:73:55:af:59:6a:e7:aa:af:e8:d2:82:46:fc:5d:
da:a2:20:ec:b9:c2:fb:a1:b0:2a:57:84:d0:d2:a8:
1f:75:be:5b:80:f4:87:ad:7a:14:8b:1f:e4:c5:c4:
40:23:bb:29:51:67:03:82:58:49:bb:f5:6b:2b:37:
21:3e:c1:8f:0d:75:cb:44:fc:f2:e0:68:00:69:02:
83:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:EF:71:4C:D3:D3:A6:EC:74:3F:D9:3F:41:6D:33:B7:DA:77:EB:06
X509v3 Authority Key Identifier:
keyid:B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/2e9xTNPTpux0P9k_QW0zt9p36wY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/sQw889xTylScA-T19G2RzpC44HA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.67.0/24
Signature Algorithm: sha256WithRSAEncryption
34:36:30:37:73:e4:fb:45:3b:4c:a4:cb:2e:fd:c1:a9:48:a9:
98:73:37:2d:a5:6e:82:c7:cd:7a:64:22:76:ac:a4:ba:1b:3e:
a3:cf:69:70:d8:d9:58:f5:70:cd:9c:68:10:d1:eb:a7:e1:3a:
f3:17:59:bb:ea:ef:64:33:0e:4a:2c:db:37:07:b3:39:7a:65:
6d:08:c4:f6:b9:79:e5:00:d1:61:93:64:45:f2:75:90:5c:c3:
c7:0e:17:ef:7a:7d:35:ae:9f:18:eb:83:fa:01:60:b7:88:11:
3a:e1:1b:3f:82:e1:18:3a:78:a4:d5:ae:0b:71:22:54:48:f1:
25:69:fd:03:af:e0:93:1c:b0:f7:e7:e9:7f:64:c1:f8:dd:10:
09:71:18:93:d5:48:3f:f1:d5:64:58:42:55:63:9b:8e:90:42:
8c:b5:a9:50:ff:5b:5d:43:af:61:49:db:f2:d1:20:36:9b:9e:
83:05:0f:c1:b0:ae:22:71:bf:10:a4:d8:fe:7b:54:32:13:7f:
8a:32:35:61:2e:f8:a5:af:51:c2:1a:d6:0a:df:9f:be:a0:62:
62:20:ac:0f:cc:45:43:5a:a2:d4:6f:93:0b:e2:6f:da:58:b7:
19:bd:c2:57:b2:3e:5b:fe:29:b0:3e:b4:04:e0:da:10:4d:82:
68:a2:54:23
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB4tnJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTBjM2NmM2RjNTNjYTU0OWMwM2U0ZjVmNDZkOTFjZTkwYjhlMDcwMB4XDTIyMDEw
MTE1MDAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDllZjcxNGNkM2Qz
YTZlYzc0M2ZkOTNmNDE2ZDMzYjdkYTc3ZWIwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJxA3ZnJpg6LpHvQMq8iDcb5aJ0ncvyTRKshQs2x9cW4aBE2
tEqWNA9TaDh9jEZJLYGfj9O9+38BmzzJYszYWoZszR+yG1eazoQRElu3z8+1kmmA
Uc9g6BBZ1EDFv9hV6GOC2CaKxBE6gwVhlgGqxUsjFY+5ZMR9D1jHnnvnn23KQOYC
kmIWslntoVzcBi8eXZ1228Mw3ZNA8kS8fHoa1cw9A0pPF4KNJ/Jq1raBRiu63UAz
XnNVr1lq56qv6NKCRvxd2qIg7LnC+6GwKleE0NKoH3W+W4D0h616FIsf5MXEQCO7
KVFnA4JYSbv1ays3IT7Bjw11y0T88uBoAGkCg8MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTZ73FM09Om7HQ/2T9BbTO32nfrBjAfBgNVHSMEGDAWgBSxDDzz3FPKVJwD
5PX0bZHOkLjgcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NRdzg4OXhUeWxTY0EtVDE5RzJSenBDNDRIQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvMjVjZGI0LWU1MDgtNGIzNy04MWJjLTM2ZjgyYmQzNzliZC8x
LzJlOXhUTlBUcHV4MFA5a19RVzB6dDlwMzZ3WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
MjVjZGI0LWU1MDgtNGIzNy04MWJjLTM2ZjgyYmQzNzliZC8xL3NRdzg4OXhUeWxT
Y0EtVDE5RzJSenBDNDRIQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmhQzANBgkqhkiG9w0BAQsFAAOC
AQEANDYwN3Pk+0U7TKTLLv3BqUipmHM3LaVugsfNemQidqykuhs+o89pcNjZWPVw
zZxoENHrp+E68xdZu+rvZDMOSizbNwezOXplbQjE9rl55QDRYZNkRfJ1kFzDxw4X
73p9Na6fGOuD+gFgt4gROuEbP4LhGDp4pNWuC3EiVEjxJWn9A6/gkxyw9+fpf2TB
+N0QCXEYk9VIP/HVZFhCVWObjpBCjLWpUP9bXUOvYUnb8tEgNpuegwUPwbCuInG/
EKTY/ntUMhN/ijI1YS74pa9RwhrWCt+fvqBiYiCsD8xFQ1qi1G+TC+Jv2li3Gb3C
V7I+W/4psD60BODaEE2CaKJUIw==
-----END CERTIFICATE-----
Generated at Sat May 17 03:33:44 2025 by rpki-client