Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ec583d-1aba-4798-8817-d6c9c6e86923/1/W14YwYE_FptK4mVsLpk-KPCkFjE.roa
File: W14YwYE_FptK4mVsLpk-KPCkFjE.roa (raw, json)
Hash identifier: ykMA9wwh69bv5hZSdqvCrxOe6tOeVlOvx2XWExrSBD8=
Subject key identifier: 5B:5E:18:C1:81:3F:16:9B:4A:E2:65:6C:2E:99:3E:28:F0:A4:16:31
Certificate issuer: /CN=83286fa6da7d252e7828f84923f55919142b007f
Certificate serial: 018CC7941C0B3CF3F51448A93B403073F05D
Authority key identifier: 83:28:6F:A6:DA:7D:25:2E:78:28:F8:49:23:F5:59:19:14:2B:00:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gyhvptp9JS54KPhJI_VZGRQrAH8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ec583d-1aba-4798-8817-d6c9c6e86923/1/W14YwYE_FptK4mVsLpk-KPCkFjE.roa
Signing time: Tue 02 Jan 2024 00:30:21 +0000
ROA not before: Tue 02 Jan 2024 00:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207160
IP address blocks: 185.65.243.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:1c:0b:3c:f3:f5:14:48:a9:3b:40:30:73:f0:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83286fa6da7d252e7828f84923f55919142b007f
Validity
Not Before: Jan 2 00:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b5e18c1813f169b4ae2656c2e993e28f0a41631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b0:b7:a4:97:d7:00:19:5b:9c:a7:31:f5:6f:
ed:72:5c:3f:2d:8b:ea:b6:70:f9:8a:b4:0b:92:97:
fc:17:29:0a:7d:9b:c9:64:88:ef:9c:bc:56:2e:af:
5e:e5:5c:11:07:3f:a1:86:df:1f:36:17:2e:07:07:
5f:2c:06:03:11:a4:0d:64:d9:2e:92:41:16:06:d5:
e4:84:db:fe:6e:90:28:fe:69:af:16:e6:6c:17:b9:
d3:73:ed:b8:a7:a0:6b:a0:30:7f:47:ac:df:50:f1:
42:36:3b:b2:93:07:a3:54:ff:6d:70:52:ed:12:76:
dc:5b:ff:0e:67:97:4a:e1:4f:67:e6:41:56:9d:be:
81:68:18:bd:ba:07:d3:f0:0b:a9:b6:5b:50:4e:0c:
8a:46:30:58:2d:67:e9:76:f8:7b:5a:9a:81:2b:76:
bb:7b:0d:1c:9c:11:08:fe:a8:ec:dc:c9:f1:77:01:
0b:5a:16:0e:c9:b6:ef:e3:34:19:5e:68:d4:bd:9d:
86:7d:54:16:78:4e:32:41:6c:7a:d7:8c:bd:10:f6:
51:10:e2:2d:ee:05:97:be:e5:9e:da:d2:88:ae:84:
b9:74:3c:11:4d:cc:5f:28:ce:7e:af:30:43:dd:d8:
b1:e8:26:61:f8:21:8b:9e:15:7c:b0:fa:d7:5b:28:
1f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:5E:18:C1:81:3F:16:9B:4A:E2:65:6C:2E:99:3E:28:F0:A4:16:31
X509v3 Authority Key Identifier:
keyid:83:28:6F:A6:DA:7D:25:2E:78:28:F8:49:23:F5:59:19:14:2B:00:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gyhvptp9JS54KPhJI_VZGRQrAH8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ec583d-1aba-4798-8817-d6c9c6e86923/1/W14YwYE_FptK4mVsLpk-KPCkFjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ec583d-1aba-4798-8817-d6c9c6e86923/1/gyhvptp9JS54KPhJI_VZGRQrAH8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.243.0/24
Signature Algorithm: sha256WithRSAEncryption
54:93:5d:27:38:6e:43:74:1d:c5:f6:ff:b8:1a:3f:63:b3:19:
20:99:5b:89:82:60:11:b0:5a:10:ab:45:53:81:56:83:b6:91:
0c:c5:3c:bc:a1:53:90:e4:23:d4:f6:bd:32:91:87:74:d7:8b:
ac:ce:56:0a:5f:e9:ad:2c:40:31:cd:f8:71:18:72:12:9b:91:
09:07:df:9b:32:99:dc:86:7a:03:f9:3e:6a:c2:74:b1:7f:4b:
ea:b3:08:cd:2c:0e:80:28:ee:74:8e:93:9f:ec:39:b5:9d:cd:
23:b6:b2:08:79:67:69:47:28:7d:b7:51:f2:80:1e:64:45:2a:
05:d3:52:b6:d2:d7:34:95:8d:92:6e:57:e9:d7:ce:10:3c:e8:
18:07:3e:1c:8a:cb:04:76:e2:71:1c:ed:71:11:75:24:1d:62:
e1:d6:35:56:93:23:a8:c5:bd:c4:6d:c8:81:e7:e6:7f:ee:fa:
3c:6b:25:34:6a:6d:61:1e:22:5a:c5:c7:f5:38:8d:ae:e0:f0:
c2:a2:e0:ac:95:f2:f2:97:45:8a:ee:34:52:a5:90:51:a7:fe:
1b:a6:c8:e2:ea:d5:91:39:58:46:4c:1d:c6:88:85:7c:a3:51:
f7:33:df:47:24:49:e2:0b:f0:cf:1d:6e:9a:76:a1:25:09:37:
f0:80:ba:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlBwLPPP1FEipO0Awc/BdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMjg2ZmE2ZGE3ZDI1MmU3ODI4Zjg0OTIzZjU1OTE5MTQy
YjAwN2YwHhcNMjQwMTAyMDAzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjVlMThjMTgxM2YxNjliNGFlMjY1NmMyZTk5M2UyOGYwYTQxNjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7C3pJfXABlbnKcx9W/tclw/LYvq
tnD5irQLkpf8FykKfZvJZIjvnLxWLq9e5VwRBz+hht8fNhcuBwdfLAYDEaQNZNku
kkEWBtXkhNv+bpAo/mmvFuZsF7nTc+24p6BroDB/R6zfUPFCNjuykwejVP9tcFLt
EnbcW/8OZ5dK4U9n5kFWnb6BaBi9ugfT8AuptltQTgyKRjBYLWfpdvh7WpqBK3a7
ew0cnBEI/qjs3MnxdwELWhYOybbv4zQZXmjUvZ2GfVQWeE4yQWx614y9EPZREOIt
7gWXvuWe2tKIroS5dDwRTcxfKM5+rzBD3dix6CZh+CGLnhV8sPrXWygf8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFteGMGBPxabSuJlbC6ZPijwpBYxMB8GA1UdIwQY
MBaAFIMob6bafSUueCj4SSP1WRkUKwB/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3lodnB0cDlKUzU0S1BoSklfVlpHUlFyQUg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lYzU4M2QtMWFiYS00Nzk4LTg4MTct
ZDZjOWM2ZTg2OTIzLzEvVzE0WXdZRV9GcHRLNG1Wc0xway1LUENrRmpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lYzU4M2QtMWFiYS00Nzk4LTg4MTctZDZjOWM2ZTg2OTIz
LzEvZ3lodnB0cDlKUzU0S1BoSklfVlpHUlFyQUg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUHzMA0G
CSqGSIb3DQEBCwUAA4IBAQBUk10nOG5DdB3F9v+4Gj9jsxkgmVuJgmARsFoQq0VT
gVaDtpEMxTy8oVOQ5CPU9r0ykYd014uszlYKX+mtLEAxzfhxGHISm5EJB9+bMpnc
hnoD+T5qwnSxf0vqswjNLA6AKO50jpOf7Dm1nc0jtrIIeWdpRyh9t1HygB5kRSoF
01K20tc0lY2Sblfp184QPOgYBz4cissEduJxHO1xEXUkHWLh1jVWkyOoxb3EbciB
5+Z/7vo8ayU0am1hHiJaxcf1OI2u4PDCouCslfLyl0WK7jRSpZBRp/4bpsji6tWR
OVhGTB3GiIV8o1H3M99HJEniC/DPHW6adqElCTfwgLo0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:55 2025 by rpki-client