Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/5MQsjOXnJH8TOYvp4wwap421AUw.roa
File: 5MQsjOXnJH8TOYvp4wwap421AUw.roa (raw, json)
Hash identifier: lZbJWLWWVAB0N+QG6vKn5nYfdSwxDX4rU9hVq5C4NzI=
Subject key identifier: E4:C4:2C:8C:E5:E7:24:7F:13:39:8B:E9:E3:0C:1A:A7:8D:B5:01:4C
Certificate issuer: /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial: 3823501E
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/5MQsjOXnJH8TOYvp4wwap421AUw.roa
Signing time: Sat 01 Jan 2022 09:59:30 +0000
ROA not before: Sat 01 Jan 2022 09:59:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211504
IP address blocks: 178.175.190.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941838366 (0x3823501e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
Validity
Not Before: Jan 1 09:59:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4c42c8ce5e7247f13398be9e30c1aa78db5014c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:23:ea:5b:bb:7c:12:53:97:62:89:d4:13:5b:
e8:9f:43:87:61:45:d8:d7:64:26:69:02:02:85:75:
d2:61:32:8c:fe:7a:c6:68:5b:d2:59:ec:f0:3b:06:
c9:bf:df:bf:97:13:58:af:ba:f6:74:a5:cf:df:a2:
e2:d7:c3:5b:3d:c1:c4:6c:3e:6a:e2:ca:da:24:3e:
04:c9:c8:97:e9:74:e0:78:63:37:5c:dd:05:56:60:
90:dd:85:54:f2:30:90:c7:4c:10:c5:f4:61:fe:2f:
d2:10:4d:2b:cd:6c:d4:92:8f:95:d8:89:ef:2c:ee:
ad:ea:ba:5e:85:1f:36:35:58:df:da:e7:33:94:be:
83:0c:98:f8:f0:37:36:c6:ea:02:0e:9c:4a:d8:a8:
d3:17:09:5b:af:ea:9b:56:18:ae:a7:8b:df:43:90:
7f:b3:66:0e:15:a3:e2:db:e3:f1:42:34:c4:29:dc:
e0:60:e0:48:d4:b7:dc:98:6a:8c:56:63:9f:fd:a2:
12:06:51:f8:51:73:05:59:19:0d:78:ae:58:5e:81:
6a:d2:27:1f:93:9d:71:e7:c1:6b:08:dc:9b:5e:10:
84:51:ab:22:4a:e2:b0:24:78:58:63:35:e7:d4:c6:
56:cc:bb:d2:92:a7:36:7e:39:89:d4:d3:44:ee:da:
41:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:C4:2C:8C:E5:E7:24:7F:13:39:8B:E9:E3:0C:1A:A7:8D:B5:01:4C
X509v3 Authority Key Identifier:
keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/5MQsjOXnJH8TOYvp4wwap421AUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.175.190.0/24
Signature Algorithm: sha256WithRSAEncryption
75:7d:98:74:3b:c0:37:e1:3c:6c:31:7b:82:40:77:b0:47:fd:
5c:76:7a:28:a8:f9:b6:76:9d:f1:22:9e:f6:02:23:36:47:f8:
11:0e:bc:06:2d:4b:8f:5f:e2:e8:9a:c7:8f:99:21:7c:a7:86:
44:55:a0:b7:e5:1d:2a:3c:44:1f:e3:82:aa:22:1e:85:c9:22:
7c:bd:82:a5:71:69:94:9c:f0:9c:ff:1d:b2:85:6f:0b:d1:92:
dd:2f:2b:cf:eb:5a:59:6e:35:01:0b:22:5b:9c:a6:53:45:80:
02:3d:b2:44:57:d9:bc:86:26:8c:82:2e:2a:c1:fd:4e:7a:95:
00:95:43:e3:71:ce:1a:21:5b:96:42:ef:ad:80:4b:ca:3f:2a:
59:74:ae:e0:12:40:a1:1b:91:64:81:bf:8e:6d:5c:d0:85:51:
32:a8:80:61:b9:b1:35:2e:47:ca:69:06:c9:75:31:7e:07:23:
8a:fa:97:5e:d8:fe:d5:0f:7d:85:7e:36:7a:83:3a:52:f3:b1:
ab:cf:fd:40:fa:54:cd:fa:f5:25:82:bc:27:95:89:df:c7:d4:
62:7a:d6:af:9d:b0:e0:b7:d7:d6:eb:f8:1b:31:98:b9:a6:b8:
66:a7:1e:c7:be:0c:d0:ce:9a:c1:3c:5f:8c:e0:d1:ec:49:09:
5f:21:b4:16
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOCNQHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTFiOTE1MDQ5ODMwOTE1MDZhMWE5NDQ0NTdhNDU1OGI5NGRhYjdmMB4XDTIyMDEw
MTA5NTkzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTRjNDJjOGNlNWU3
MjQ3ZjEzMzk4YmU5ZTMwYzFhYTc4ZGI1MDE0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQj6lu7fBJTl2KJ1BNb6J9Dh2FF2NdkJmkCAoV10mEyjP56
xmhb0lns8DsGyb/fv5cTWK+69nSlz9+i4tfDWz3BxGw+auLK2iQ+BMnIl+l04Hhj
N1zdBVZgkN2FVPIwkMdMEMX0Yf4v0hBNK81s1JKPldiJ7yzureq6XoUfNjVY39rn
M5S+gwyY+PA3NsbqAg6cStio0xcJW6/qm1YYrqeL30OQf7NmDhWj4tvj8UI0xCnc
4GDgSNS33JhqjFZjn/2iEgZR+FFzBVkZDXiuWF6BatInH5OdcefBawjcm14QhFGr
IkrisCR4WGM159TGVsy70pKnNn45idTTRO7aQcECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTkxCyM5eckfxM5i+njDBqnjbUBTDAfBgNVHSMEGDAWgBS5G5FQSYMJFQah
qURFekVYuU2rfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VSdVJVRW1EQ1JVR29hbEVSWHBGV0xsTnEzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzRlMTdmLWY5ZjQtNDc4OS05MmI3LTlkZDZlODhmY2M4ZC8x
LzVNUXNqT1huSkg4VE9ZdnA0d3dhcDQyMUFVdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzRlMTdmLWY5ZjQtNDc4OS05MmI3LTlkZDZlODhmY2M4ZC8xL3VSdVJVRW1EQ1JV
R29hbEVSWHBGV0xsTnEzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALKvvjANBgkqhkiG9w0BAQsFAAOC
AQEAdX2YdDvAN+E8bDF7gkB3sEf9XHZ6KKj5tnad8SKe9gIjNkf4EQ68Bi1Lj1/i
6JrHj5khfKeGRFWgt+UdKjxEH+OCqiIehckifL2CpXFplJzwnP8dsoVvC9GS3S8r
z+taWW41AQsiW5ymU0WAAj2yRFfZvIYmjIIuKsH9TnqVAJVD43HOGiFblkLvrYBL
yj8qWXSu4BJAoRuRZIG/jm1c0IVRMqiAYbmxNS5HymkGyXUxfgcjivqXXtj+1Q99
hX42eoM6UvOxq8/9QPpUzfr1JYK8J5WJ38fUYnrWr52w4LfX1uv4GzGYuaa4Zqce
x74M0M6awTxfjODR7EkJXyG0Fg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:25 2025 by rpki-client