Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/pV0DWBX0G--bVC2Sj61rwWd_-JU.roa
File: pV0DWBX0G--bVC2Sj61rwWd_-JU.roa (raw, json)
Hash identifier: JPBcQ+9rAvtQmptty1MSWiVIvWCNClrR7d3bYF61YqM=
Subject key identifier: A5:5D:03:58:15:F4:1B:EF:9B:54:2D:92:8F:AD:6B:C1:67:7F:F8:95
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018EF4F0332F70438C167642B83D14020129
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/pV0DWBX0G--bVC2Sj61rwWd_-JU.roa
Signing time: Fri 19 Apr 2024 05:59:26 +0000
ROA not before: Fri 19 Apr 2024 05:59:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 185.243.141.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f4:f0:33:2f:70:43:8c:16:76:42:b8:3d:14:02:01:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 19 05:59:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a55d035815f41bef9b542d928fad6bc1677ff895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ed:c6:1a:38:1c:00:d7:d7:50:5b:dc:cf:40:
dd:d2:71:65:6c:48:4e:49:89:75:b0:1d:a8:e9:67:
45:7e:38:39:2b:d1:47:94:23:4a:f6:cb:a9:a5:43:
d2:2c:d2:36:80:d6:05:f1:03:f2:70:00:24:82:5b:
56:c2:7d:50:3f:20:ce:d4:f0:ba:37:ce:77:fa:d4:
6b:07:2f:bc:1f:c9:be:21:38:d4:40:e5:1b:f6:23:
1f:b5:80:9e:f5:1e:01:df:11:60:6f:96:8b:22:43:
e3:31:c8:d2:18:a4:03:2c:fb:94:97:1b:a0:67:e9:
26:92:5e:70:65:c9:a6:ae:79:5a:7e:e4:98:75:8f:
1a:00:34:56:51:a0:27:ae:9b:3e:bc:10:66:04:65:
06:4e:7c:83:35:07:2c:7c:e5:d6:fa:f0:c8:48:b5:
8e:e5:0e:b5:14:ad:53:0d:17:86:5e:d9:93:bd:ca:
68:64:9a:69:c1:8c:1c:9d:57:dd:d5:af:5e:76:a1:
a9:00:85:f6:aa:3a:af:03:c1:43:57:58:85:da:eb:
75:ea:6a:8f:4a:8a:b2:20:c0:b5:72:9c:d2:5c:1f:
e6:dc:02:3e:16:b1:0b:e5:8d:5b:57:e7:a1:05:d9:
63:c8:fe:f7:c1:77:5f:34:f2:3d:8d:d1:b6:5d:81:
bb:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:5D:03:58:15:F4:1B:EF:9B:54:2D:92:8F:AD:6B:C1:67:7F:F8:95
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/pV0DWBX0G--bVC2Sj61rwWd_-JU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.141.0/24
194.180.238.0/24
Signature Algorithm: sha256WithRSAEncryption
77:49:bf:2a:bf:1b:c4:12:6d:ba:c3:a7:42:c6:22:18:0e:7f:
a9:84:d8:dc:2a:9b:48:ec:cd:43:e9:c6:9d:15:f1:81:3e:74:
73:b9:ed:1a:e0:da:e4:61:ce:6a:13:c0:33:36:84:4b:1d:79:
5c:0e:c4:55:fb:14:5c:6d:df:13:40:c2:9c:b0:85:2e:09:28:
02:35:04:a2:e2:db:9d:39:fc:73:1f:fc:30:66:a4:a4:ff:5c:
40:87:8a:9f:7e:80:f2:f8:72:ea:89:f5:fa:85:d7:fb:60:d2:
11:55:77:79:ec:3b:af:a2:eb:5f:90:99:c9:71:3e:ea:e2:15:
38:24:c1:fe:46:81:32:45:0b:cb:46:55:8a:c9:12:e8:13:49:
94:2d:cb:10:de:50:a2:8f:31:5e:a5:e2:3b:32:94:62:6c:f8:
b0:68:e3:01:0b:2f:d7:40:80:2d:4d:04:14:39:93:13:16:42:
1b:60:77:cc:b6:40:65:94:21:df:35:85:e7:38:bf:28:df:c7:
cb:12:02:8b:3a:ce:bc:df:ed:26:be:3b:fe:be:1d:e4:75:82:
94:43:9b:23:55:e2:d5:10:e4:97:26:02:64:1d:dc:aa:73:d5:
71:e6:59:e1:19:1b:b7:a7:f1:72:9f:9e:54:33:0d:de:84:e1:
48:58:42:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY708DMvcEOMFnZCuD0UAgEpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNDE5MDU1OTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTVkMDM1ODE1ZjQxYmVmOWI1NDJkOTI4ZmFkNmJjMTY3N2ZmODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAge3GGjgcANfXUFvcz0Dd0nFlbEhO
SYl1sB2o6WdFfjg5K9FHlCNK9suppUPSLNI2gNYF8QPycAAkgltWwn1QPyDO1PC6
N853+tRrBy+8H8m+ITjUQOUb9iMftYCe9R4B3xFgb5aLIkPjMcjSGKQDLPuUlxug
Z+kmkl5wZcmmrnlafuSYdY8aADRWUaAnrps+vBBmBGUGTnyDNQcsfOXW+vDISLWO
5Q61FK1TDReGXtmTvcpoZJppwYwcnVfd1a9edqGpAIX2qjqvA8FDV1iF2ut16mqP
SoqyIMC1cpzSXB/m3AI+FrEL5Y1bV+ehBdljyP73wXdfNPI9jdG2XYG7zQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKVdA1gV9Bvvm1Qtko+ta8Fnf/iVMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvcFYwRFdCWDBHLS1iVkMyU2o2MXJ3V2RfLUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufONAwQA
wrTuMA0GCSqGSIb3DQEBCwUAA4IBAQB3Sb8qvxvEEm26w6dCxiIYDn+phNjcKptI
7M1D6cadFfGBPnRzue0a4NrkYc5qE8AzNoRLHXlcDsRV+xRcbd8TQMKcsIUuCSgC
NQSi4tudOfxzH/wwZqSk/1xAh4qffoDy+HLqifX6hdf7YNIRVXd57DuvoutfkJnJ
cT7q4hU4JMH+RoEyRQvLRlWKyRLoE0mULcsQ3lCijzFepeI7MpRibPiwaOMBCy/X
QIAtTQQUOZMTFkIbYHfMtkBllCHfNYXnOL8o38fLEgKLOs683+0mvjv+vh3kdYKU
Q5sjVeLVEOSXJgJkHdyqc9Vx5lnhGRu3p/Fyn55UMw3ehOFIWELS
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:29:08 2025 by rpki-client