Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/5bb1d0-634e-46fc-a75a-0c9aa6696b49/1/b1mCOo92tB-h8Wqzu8EYigjVZ-w.roa
File: b1mCOo92tB-h8Wqzu8EYigjVZ-w.roa (raw, json)
Hash identifier: 1Qi5rrXsx5SkuzMVZHeDYw/l2Rd/ww2oXlwVFzdjT5k=
Subject key identifier: 6F:59:82:3A:8F:76:B4:1F:A1:F1:6A:B3:BB:C1:18:8A:08:D5:67:EC
Certificate issuer: /CN=e5c78fa1993d4512fe2436b8ceda8bfc929d657d
Certificate serial: 01897EDC325580A84D4788879C5C64C9A68D
Authority key identifier: E5:C7:8F:A1:99:3D:45:12:FE:24:36:B8:CE:DA:8B:FC:92:9D:65:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5cePoZk9RRL-JDa4ztqL_JKdZX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/5bb1d0-634e-46fc-a75a-0c9aa6696b49/1/b1mCOo92tB-h8Wqzu8EYigjVZ-w.roa
Signing time: Sat 22 Jul 2023 18:28:27 +0000
ROA not before: Sat 22 Jul 2023 18:28:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 185.164.163.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:7e:dc:32:55:80:a8:4d:47:88:87:9c:5c:64:c9:a6:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5c78fa1993d4512fe2436b8ceda8bfc929d657d
Validity
Not Before: Jul 22 18:28:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f59823a8f76b41fa1f16ab3bbc1188a08d567ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ec:f2:8e:35:30:69:01:b3:59:36:23:a5:37:
43:15:5d:bc:f6:fb:b9:ce:10:a7:e4:b1:1f:43:80:
12:80:49:9e:33:4b:db:10:5d:40:60:89:c9:22:60:
56:4e:2f:21:82:9a:af:5e:2a:e8:66:6f:a7:8a:6e:
84:58:13:fa:b3:1b:08:3c:f4:eb:88:ca:8c:9b:b0:
24:e1:eb:38:42:fb:19:0b:5c:68:3e:9d:7b:32:90:
6e:75:2a:6b:f7:c5:47:6b:52:6a:44:33:11:74:88:
9f:cb:8d:5f:72:97:ee:f4:db:42:62:4e:f2:5d:f0:
7f:fc:53:88:45:a0:fd:e9:fa:35:f4:9d:5c:6b:7d:
18:d4:47:94:ee:2d:e6:97:c3:41:13:f9:2b:c4:0c:
9e:92:b7:44:5b:35:e6:a0:46:9e:05:80:c8:28:cc:
66:29:89:ce:c9:c5:3d:a0:93:d1:8a:5d:e6:5b:3a:
fd:fa:f5:68:1c:f1:1f:b9:47:90:b2:77:6f:6f:fd:
36:fa:fe:38:77:3b:2c:d8:2e:d0:ea:22:81:2f:c2:
49:89:c9:15:a0:bb:ea:10:cf:63:2d:ba:f8:53:1e:
97:ff:e5:30:2d:2e:e7:35:83:a2:42:06:5d:66:ec:
b9:1e:1b:93:72:8f:dd:61:ef:2f:79:81:24:5e:47:
73:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:59:82:3A:8F:76:B4:1F:A1:F1:6A:B3:BB:C1:18:8A:08:D5:67:EC
X509v3 Authority Key Identifier:
keyid:E5:C7:8F:A1:99:3D:45:12:FE:24:36:B8:CE:DA:8B:FC:92:9D:65:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cePoZk9RRL-JDa4ztqL_JKdZX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/5bb1d0-634e-46fc-a75a-0c9aa6696b49/1/b1mCOo92tB-h8Wqzu8EYigjVZ-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/5bb1d0-634e-46fc-a75a-0c9aa6696b49/1/5cePoZk9RRL-JDa4ztqL_JKdZX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.163.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:0d:1b:a0:5c:a8:d0:c3:66:97:a8:6d:40:80:b2:3c:c1:c6:
92:35:d9:47:43:ae:e3:f3:e5:0f:d2:b3:e1:ed:41:8c:65:54:
be:92:5d:ca:32:8f:83:00:1a:80:41:47:4e:a1:a1:cb:df:5b:
4f:3f:48:62:fa:94:74:4b:ec:cd:8a:33:a0:47:44:9e:b3:25:
c1:33:3a:8b:b1:f9:52:9f:12:94:79:2d:3b:b9:e9:bf:67:d3:
b9:d6:f5:e6:12:ea:6e:5d:a5:69:4c:59:43:2a:c1:74:e2:5d:
08:4b:ee:8e:6a:ba:ba:14:47:c1:08:3b:9a:a0:66:73:ec:c6:
e1:2b:77:a5:48:06:28:14:dd:68:76:3b:65:c5:1c:a9:17:46:
c4:11:23:e5:c3:91:f5:48:dd:e1:14:82:06:22:be:ef:9e:5a:
3d:ef:a5:b1:47:03:41:ca:54:1c:b9:63:96:89:19:ea:ad:fe:
d9:59:e1:d4:2f:d3:97:db:a9:34:48:3c:12:24:e4:6a:0d:5f:
4c:2f:0e:3b:c5:bf:60:86:21:9b:51:03:73:49:33:f3:da:ae:
1b:cd:ac:52:a5:63:d0:6b:d0:97:f1:f0:6e:76:6c:26:98:71:
5a:2d:87:7a:6f:db:3b:f8:56:ae:c5:e9:bc:23:7f:ba:78:b6:
ba:91:f6:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl+3DJVgKhNR4iHnFxkyaaNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1Yzc4ZmExOTkzZDQ1MTJmZTI0MzZiOGNlZGE4YmZjOTI5
ZDY1N2QwHhcNMjMwNzIyMTgyODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjU5ODIzYThmNzZiNDFmYTFmMTZhYjNiYmMxMTg4YTA4ZDU2N2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+zyjjUwaQGzWTYjpTdDFV289vu5
zhCn5LEfQ4ASgEmeM0vbEF1AYInJImBWTi8hgpqvXiroZm+nim6EWBP6sxsIPPTr
iMqMm7Ak4es4QvsZC1xoPp17MpBudSpr98VHa1JqRDMRdIify41fcpfu9NtCYk7y
XfB//FOIRaD96fo19J1ca30Y1EeU7i3ml8NBE/krxAyekrdEWzXmoEaeBYDIKMxm
KYnOycU9oJPRil3mWzr9+vVoHPEfuUeQsndvb/02+v44dzss2C7Q6iKBL8JJickV
oLvqEM9jLbr4Ux6X/+UwLS7nNYOiQgZdZuy5HhuTco/dYe8veYEkXkdzzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG9ZgjqPdrQfofFqs7vBGIoI1WfsMB8GA1UdIwQY
MBaAFOXHj6GZPUUS/iQ2uM7ai/ySnWV9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWNlUG9aazlSUkwtSkRhNHp0cUxfSktkWlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy81YmIxZDAtNjM0ZS00NmZjLWE3NWEt
MGM5YWE2Njk2YjQ5LzEvYjFtQ09vOTJ0Qi1oOFdxenU4RVlpZ2pWWi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy81YmIxZDAtNjM0ZS00NmZjLWE3NWEtMGM5YWE2Njk2YjQ5
LzEvNWNlUG9aazlSUkwtSkRhNHp0cUxfSktkWlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaSjMA0G
CSqGSIb3DQEBCwUAA4IBAQDDDRugXKjQw2aXqG1AgLI8wcaSNdlHQ67j8+UP0rPh
7UGMZVS+kl3KMo+DABqAQUdOoaHL31tPP0hi+pR0S+zNijOgR0SesyXBMzqLsflS
nxKUeS07uem/Z9O51vXmEupuXaVpTFlDKsF04l0IS+6Oarq6FEfBCDuaoGZz7Mbh
K3elSAYoFN1odjtlxRypF0bEESPlw5H1SN3hFIIGIr7vnlo976WxRwNBylQcuWOW
iRnqrf7ZWeHUL9OX26k0SDwSJORqDV9MLw47xb9ghiGbUQNzSTPz2q4bzaxSpWPQ
a9CX8fBudmwmmHFaLYd6b9s7+Fauxem8I3+6eLa6kfYB
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:21:13 2025 by rpki-client