Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/3cMUITXnAWUi3KbbSgCMn6UlLQg.roa
File: 3cMUITXnAWUi3KbbSgCMn6UlLQg.roa (raw, json)
Hash identifier: muZra1lVH65qKt2Xps1Wls201oDtceqD59rh6zse1JI=
Subject key identifier: DD:C3:14:21:35:E7:01:65:22:DC:A6:DB:4A:00:8C:9F:A5:25:2D:08
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018963471BE284321A9DBC206A6AFB1D28CF
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/3cMUITXnAWUi3KbbSgCMn6UlLQg.roa
Signing time: Mon 17 Jul 2023 09:55:51 +0000
ROA not before: Mon 17 Jul 2023 09:55:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208287
IP address blocks: 185.81.181.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:47:1b:e2:84:32:1a:9d:bc:20:6a:6a:fb:1d:28:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Jul 17 09:55:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddc3142135e7016522dca6db4a008c9fa5252d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7a:f6:56:90:d2:c3:5a:57:7f:47:10:f3:73:
cf:ce:41:b3:03:6a:98:c7:e5:80:12:1a:ff:15:42:
57:04:0a:dc:0d:24:f6:bc:4a:aa:a4:d2:e7:3c:bb:
74:97:66:28:f0:1a:17:94:08:08:c3:45:eb:c8:3d:
4b:1b:aa:44:ea:79:39:5f:44:68:cb:71:84:20:60:
8a:5f:72:0a:61:e5:30:c7:31:ad:0b:33:58:b2:5d:
e7:79:b4:23:8a:b3:1b:a9:d9:58:ee:68:f3:bd:37:
97:21:e1:54:d8:0b:04:3a:82:52:17:e3:84:88:6f:
d3:7f:e2:f3:37:2a:cc:9f:3c:1a:96:08:8c:82:eb:
0a:ba:46:43:58:47:e8:82:ef:3d:c4:73:36:70:d0:
df:13:63:be:64:76:27:94:b2:7e:a8:aa:4d:33:ec:
99:06:fb:bf:7a:82:59:21:a1:bb:27:14:89:e1:2c:
18:4f:20:dd:05:02:74:5f:b4:8d:47:37:da:74:b4:
ce:33:92:61:50:67:03:60:73:44:3e:1c:44:6a:88:
c2:ff:32:b8:03:2f:8c:fa:63:0b:69:50:70:c1:9b:
f1:da:66:9f:d0:77:e5:25:dd:ce:8f:58:49:7f:14:
21:c1:ae:20:47:a0:5d:d0:ad:67:b0:b4:b0:d4:65:
c4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C3:14:21:35:E7:01:65:22:DC:A6:DB:4A:00:8C:9F:A5:25:2D:08
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/3cMUITXnAWUi3KbbSgCMn6UlLQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.181.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:5e:30:a3:c2:88:0c:b1:10:cf:7f:e2:58:d8:a8:3b:d6:d9:
0d:18:87:87:77:cd:97:db:53:9f:f4:a4:db:7b:4f:fc:95:e5:
9c:31:03:f6:3c:04:86:43:83:73:2e:a2:5f:93:7c:38:24:8d:
95:65:be:5d:6b:99:cb:de:e3:13:5e:f8:ff:64:ca:76:f7:ca:
5e:7d:51:64:c1:d3:c0:0e:3a:b4:55:fb:c9:cc:89:0c:c3:39:
ee:9f:44:d6:2c:4b:0c:b1:0e:c9:84:d8:6c:da:cb:ef:4c:ff:
40:cc:7d:1a:7d:52:26:09:99:4c:69:ee:dd:1f:d3:b5:dd:13:
0b:dd:cd:91:5e:6a:9e:eb:18:51:05:a7:ba:3b:64:67:03:3a:
bd:49:7a:0a:fb:5c:55:90:d3:2a:c5:c0:5b:09:87:eb:bd:dc:
f7:48:c5:d2:05:18:53:e1:ac:d1:a6:9a:ac:cb:f3:6d:c6:66:
c1:ca:3c:c3:db:0e:45:76:92:1f:c1:48:5d:52:66:cf:dd:d5:
25:da:e9:0a:ad:ff:e1:71:17:be:83:b9:6f:85:58:e7:57:7e:
0b:e6:b3:a7:e4:ee:42:51:a5:6f:78:40:30:37:2c:fd:59:db:
f7:00:19:d6:a3:00:c4:00:6c:60:5f:10:09:71:ce:cd:ac:19:
5d:35:5b:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYljRxvihDIanbwgamr7HSjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjMwNzE3MDk1NTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGMzMTQyMTM1ZTcwMTY1MjJkY2E2ZGI0YTAwOGM5ZmE1MjUyZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3r2VpDSw1pXf0cQ83PPzkGzA2qY
x+WAEhr/FUJXBArcDST2vEqqpNLnPLt0l2Yo8BoXlAgIw0XryD1LG6pE6nk5X0Ro
y3GEIGCKX3IKYeUwxzGtCzNYsl3nebQjirMbqdlY7mjzvTeXIeFU2AsEOoJSF+OE
iG/Tf+LzNyrMnzwalgiMgusKukZDWEfogu89xHM2cNDfE2O+ZHYnlLJ+qKpNM+yZ
Bvu/eoJZIaG7JxSJ4SwYTyDdBQJ0X7SNRzfadLTOM5JhUGcDYHNEPhxEaojC/zK4
Ay+M+mMLaVBwwZvx2maf0HflJd3Oj1hJfxQhwa4gR6Bd0K1nsLSw1GXEsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN3DFCE15wFlItym20oAjJ+lJS0IMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvM2NNVUlUWG5BV1VpM0tiYlNnQ01uNlVsTFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVG1MA0G
CSqGSIb3DQEBCwUAA4IBAQBaXjCjwogMsRDPf+JY2Kg71tkNGIeHd82X21Of9KTb
e0/8leWcMQP2PASGQ4NzLqJfk3w4JI2VZb5da5nL3uMTXvj/ZMp298pefVFkwdPA
Djq0VfvJzIkMwznun0TWLEsMsQ7JhNhs2svvTP9AzH0afVImCZlMae7dH9O13RML
3c2RXmqe6xhRBae6O2RnAzq9SXoK+1xVkNMqxcBbCYfrvdz3SMXSBRhT4azRppqs
y/NtxmbByjzD2w5FdpIfwUhdUmbP3dUl2ukKrf/hcRe+g7lvhVjnV34L5rOn5O5C
UaVveEAwNyz9Wdv3ABnWowDEAGxgXxAJcc7NrBldNVvX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:57 2025 by rpki-client