Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/3cde9b-3705-4dc3-8d7e-516ffd87376c/1/b15WcE60kHFG7eAzUkS3wW8SVm8.roa
File: b15WcE60kHFG7eAzUkS3wW8SVm8.roa (raw, json)
Hash identifier: otTpTZoFtgHc9vM77LodegQ07zEAPPk9aKB4gp1VDXY=
Subject key identifier: 6F:5E:56:70:4E:B4:90:71:46:ED:E0:33:52:44:B7:C1:6F:12:56:6F
Certificate issuer: /CN=306d618355bd8937f75bb4650bb5c1af70f9a12e
Certificate serial: 01856FD4E173871C2216ADE554933609D3F8
Authority key identifier: 30:6D:61:83:55:BD:89:37:F7:5B:B4:65:0B:B5:C1:AF:70:F9:A1:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MG1hg1W9iTf3W7RlC7XBr3D5oS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/3cde9b-3705-4dc3-8d7e-516ffd87376c/1/b15WcE60kHFG7eAzUkS3wW8SVm8.roa
Signing time: Mon 02 Jan 2023 00:15:00 +0000
ROA not before: Mon 02 Jan 2023 00:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 2.57.227.0/24 maxlen: 24
185.155.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:e1:73:87:1c:22:16:ad:e5:54:93:36:09:d3:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=306d618355bd8937f75bb4650bb5c1af70f9a12e
Validity
Not Before: Jan 2 00:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f5e56704eb4907146ede0335244b7c16f12566f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1d:af:da:bc:ee:a8:d2:84:9e:1a:a6:e8:ab:
85:df:8c:90:16:40:91:54:9e:ed:0c:5c:c8:36:90:
05:9a:17:fc:2b:64:6c:d6:da:c1:bd:a9:c2:88:b1:
8f:5e:ee:33:b8:46:5f:33:ab:b9:36:94:f1:93:4d:
5f:6e:6e:46:a1:ca:01:e5:f1:34:fb:44:54:50:a5:
c1:7e:59:e5:d7:6d:57:74:27:c8:4a:26:09:07:a5:
bb:18:7a:15:b5:2d:b6:da:95:eb:96:ea:f1:8c:a5:
35:94:97:94:8c:8f:91:b7:d4:7c:a7:5d:73:2d:24:
38:ea:1f:9b:1e:10:e6:ff:ed:cb:a7:34:22:bd:75:
b1:ed:8b:2f:87:d5:d4:77:bd:5e:eb:80:80:03:02:
b7:65:a9:f8:d5:33:69:48:65:b3:af:f5:a4:86:e2:
23:2f:f1:44:bc:1d:31:d4:50:e9:ca:2d:f8:64:fb:
13:18:6d:3a:38:2c:c6:2e:c3:21:c4:4d:3a:4f:86:
f4:89:45:a4:ea:d5:bb:0c:e1:89:43:ed:7e:80:30:
81:2d:f1:80:1e:84:86:6f:d7:47:f6:22:8c:04:18:
90:ae:08:18:47:04:5f:a1:c6:b7:29:96:e2:b5:69:
b4:e1:05:49:83:73:c4:87:32:18:74:dd:10:a4:23:
fb:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:5E:56:70:4E:B4:90:71:46:ED:E0:33:52:44:B7:C1:6F:12:56:6F
X509v3 Authority Key Identifier:
keyid:30:6D:61:83:55:BD:89:37:F7:5B:B4:65:0B:B5:C1:AF:70:F9:A1:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MG1hg1W9iTf3W7RlC7XBr3D5oS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/3cde9b-3705-4dc3-8d7e-516ffd87376c/1/b15WcE60kHFG7eAzUkS3wW8SVm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/3cde9b-3705-4dc3-8d7e-516ffd87376c/1/MG1hg1W9iTf3W7RlC7XBr3D5oS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.227.0/24
185.155.207.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:98:00:53:f6:2b:56:dd:c4:eb:60:04:61:81:12:4d:6f:4c:
23:ba:7d:4e:58:be:03:6f:c5:c8:57:19:c5:af:f9:e8:33:29:
61:6a:f0:56:c7:ff:d8:6c:56:a7:5d:aa:66:e7:a8:6c:7c:3e:
8e:1e:44:d4:5d:03:c6:7d:78:4a:73:cb:63:59:d1:f1:25:02:
cb:a9:ff:90:7c:8b:5e:83:be:61:36:00:65:58:b9:a6:50:a7:
85:8b:52:98:7c:b7:5f:1e:26:72:d4:39:7b:3c:ff:78:4a:8e:
0c:9d:44:3a:68:87:cb:36:60:fe:43:3f:96:f6:76:de:9b:48:
a6:92:c4:90:1a:92:b2:c7:f3:23:01:cb:c7:0b:54:3b:8b:8c:
65:3b:b4:51:c0:53:04:8c:e2:8f:ea:ff:49:68:a9:2e:65:fa:
e6:76:24:6d:1e:c4:03:ef:d5:60:1c:8c:06:b0:0f:b5:6a:fb:
86:98:2b:1a:a4:d8:85:a1:12:26:ca:3c:fd:ce:6b:3f:f9:8c:
6e:6b:b2:f4:f4:2e:ed:97:45:71:9c:66:3a:97:1d:20:0e:a5:
5d:5a:33:62:d4:dd:60:06:07:31:87:78:35:23:c3:f8:6d:f3:
b7:71:c6:80:13:96:e8:85:96:ec:50:70:3b:16:5a:1f:85:c4:
50:99:0a:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv1OFzhxwiFq3lVJM2CdP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNmQ2MTgzNTViZDg5MzdmNzViYjQ2NTBiYjVjMWFmNzBm
OWExMmUwHhcNMjMwMTAyMDAxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjVlNTY3MDRlYjQ5MDcxNDZlZGUwMzM1MjQ0YjdjMTZmMTI1NjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB2v2rzuqNKEnhqm6KuF34yQFkCR
VJ7tDFzINpAFmhf8K2Rs1trBvanCiLGPXu4zuEZfM6u5NpTxk01fbm5GocoB5fE0
+0RUUKXBflnl121XdCfISiYJB6W7GHoVtS222pXrlurxjKU1lJeUjI+Rt9R8p11z
LSQ46h+bHhDm/+3LpzQivXWx7Ysvh9XUd71e64CAAwK3Zan41TNpSGWzr/WkhuIj
L/FEvB0x1FDpyi34ZPsTGG06OCzGLsMhxE06T4b0iUWk6tW7DOGJQ+1+gDCBLfGA
HoSGb9dH9iKMBBiQrggYRwRfoca3KZbitWm04QVJg3PEhzIYdN0QpCP7uwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG9eVnBOtJBxRu3gM1JEt8FvElZvMB8GA1UdIwQY
MBaAFDBtYYNVvYk391u0ZQu1wa9w+aEuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUcxaGcxVzlpVGYzVzdSbEM3WEJyM0Q1b1M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8zY2RlOWItMzcwNS00ZGMzLThkN2Ut
NTE2ZmZkODczNzZjLzEvYjE1V2NFNjBrSEZHN2VBelVrUzN3VzhTVm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8zY2RlOWItMzcwNS00ZGMzLThkN2UtNTE2ZmZkODczNzZj
LzEvTUcxaGcxVzlpVGYzVzdSbEM3WEJyM0Q1b1M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjnjAwQA
uZvPMA0GCSqGSIb3DQEBCwUAA4IBAQCLmABT9itW3cTrYARhgRJNb0wjun1OWL4D
b8XIVxnFr/noMylhavBWx//YbFanXapm56hsfD6OHkTUXQPGfXhKc8tjWdHxJQLL
qf+QfIteg75hNgBlWLmmUKeFi1KYfLdfHiZy1Dl7PP94So4MnUQ6aIfLNmD+Qz+W
9nbem0imksSQGpKyx/MjAcvHC1Q7i4xlO7RRwFMEjOKP6v9JaKkuZfrmdiRtHsQD
79VgHIwGsA+1avuGmCsapNiFoRImyjz9zms/+Yxua7L09C7tl0VxnGY6lx0gDqVd
WjNi1N1gBgcxh3g1I8P4bfO3ccaAE5bohZbsUHA7FlofhcRQmQrO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:54 2025 by rpki-client