Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/7RDV-Bes1NnK_cxCbcloQERbsrs.roa
File: 7RDV-Bes1NnK_cxCbcloQERbsrs.roa (raw, json)
Hash identifier: XjY/MRYIPkv7sxiu2OdMtOwR4HMqSMFCIf1x7zojdxQ=
Subject key identifier: ED:10:D5:F8:17:AC:D4:D9:CA:FD:CC:42:6D:C9:68:40:44:5B:B2:BB
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 0189AB988697A2B5C31819F2C029A7FACFAC
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/7RDV-Bes1NnK_cxCbcloQERbsrs.roa
Signing time: Mon 31 Jul 2023 10:57:27 +0000
ROA not before: Mon 31 Jul 2023 10:57:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 185.81.183.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ab:98:86:97:a2:b5:c3:18:19:f2:c0:29:a7:fa:cf:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Jul 31 10:57:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed10d5f817acd4d9cafdcc426dc96840445bb2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ee:72:e2:05:39:f2:3b:88:cd:92:ef:8c:3d:
9e:f7:e1:58:8f:2b:59:23:dc:1e:62:3f:75:65:78:
6b:26:3d:7b:5c:11:63:42:98:f1:6e:3a:1d:07:6f:
7c:2d:31:d5:aa:d5:41:d8:54:49:e7:5c:98:e9:f1:
8e:6d:a6:2e:ce:9a:35:80:8a:49:2a:2c:28:f8:2e:
3a:7e:00:dc:81:b5:09:0d:c2:93:19:07:a1:a7:0e:
af:f0:64:4a:60:14:9b:08:f7:87:e1:d1:1c:ac:4d:
77:f5:6e:cc:46:cc:d1:65:0f:59:4d:f8:29:ac:ef:
f3:15:27:c1:49:e5:f7:08:a9:61:e0:56:e7:13:54:
6a:af:4a:d5:9d:f1:0e:fd:55:64:57:ec:85:71:35:
2a:9d:b0:f7:9f:b1:fb:b6:c2:d1:37:f9:2d:ab:e8:
02:84:c4:44:62:98:30:bf:9a:c0:2b:34:90:fa:14:
62:ee:ff:b0:5f:b8:1c:ba:9a:ad:54:fd:13:8b:36:
92:34:34:f9:5d:d1:f5:1d:ea:96:f5:ac:58:3f:63:
05:2a:b1:57:72:f0:fe:c4:47:91:51:9b:e1:4d:27:
e4:6e:3e:e0:0c:f7:2a:20:f2:eb:46:5b:10:14:83:
69:bc:50:40:a7:b0:19:9a:a9:2e:b9:a0:5d:a8:7f:
60:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:10:D5:F8:17:AC:D4:D9:CA:FD:CC:42:6D:C9:68:40:44:5B:B2:BB
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/7RDV-Bes1NnK_cxCbcloQERbsrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.183.0/24
Signature Algorithm: sha256WithRSAEncryption
85:d6:ee:fb:b6:c9:03:a8:b1:2b:85:18:cc:cf:ea:b2:f5:ea:
96:eb:92:78:9b:fc:6c:eb:80:10:21:98:32:53:1b:7e:3e:65:
be:5b:c7:c4:5d:f0:45:d2:33:37:a0:06:69:5c:c4:8a:27:95:
61:3e:7f:d1:d8:43:c1:95:23:16:ac:9c:0b:61:2b:9c:f2:da:
09:6d:fe:6b:e3:1f:25:6b:fb:96:7f:e9:e1:a3:73:b5:2d:cd:
8e:4c:25:8f:cc:04:be:98:b0:bc:03:b8:ee:1b:e9:3e:77:19:
73:12:2a:c8:54:3d:0b:09:16:c4:4b:35:b1:43:2d:43:ef:ba:
68:75:b4:c8:38:e2:b6:f3:1b:d7:7a:68:5f:56:1b:47:ec:79:
f2:f2:1b:91:81:5d:23:1f:74:fe:9d:f6:ae:bc:47:a6:63:3d:
2e:24:44:c6:54:a8:62:22:a5:35:67:2a:fb:4b:05:d8:ca:60:
43:98:fe:00:ea:5a:76:81:b6:9f:71:81:2e:90:10:d7:34:37:
98:64:63:7e:d6:36:f9:80:9b:ce:75:0a:28:c6:53:bc:43:e6:
68:2b:fa:7b:51:fa:46:2d:a6:6b:18:f6:e3:69:1c:06:54:67:
62:b8:cc:ca:8c:0e:5d:c4:b3:e6:d5:b4:cb:87:87:33:6f:e2:
ce:7f:2a:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmrmIaXorXDGBnywCmn+s+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjMwNzMxMTA1NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDEwZDVmODE3YWNkNGQ5Y2FmZGNjNDI2ZGM5Njg0MDQ0NWJiMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAle5y4gU58juIzZLvjD2e9+FYjytZ
I9weYj91ZXhrJj17XBFjQpjxbjodB298LTHVqtVB2FRJ51yY6fGObaYuzpo1gIpJ
Kiwo+C46fgDcgbUJDcKTGQehpw6v8GRKYBSbCPeH4dEcrE139W7MRszRZQ9ZTfgp
rO/zFSfBSeX3CKlh4FbnE1Rqr0rVnfEO/VVkV+yFcTUqnbD3n7H7tsLRN/ktq+gC
hMREYpgwv5rAKzSQ+hRi7v+wX7gcupqtVP0TizaSNDT5XdH1HeqW9axYP2MFKrFX
cvD+xEeRUZvhTSfkbj7gDPcqIPLrRlsQFINpvFBAp7AZmqkuuaBdqH9gyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO0Q1fgXrNTZyv3MQm3JaEBEW7K7MB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvN1JEVi1CZXMxTm5LX2N4Q2JjbG9RRVJic3JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVG3MA0G
CSqGSIb3DQEBCwUAA4IBAQCF1u77tskDqLErhRjMz+qy9eqW65J4m/xs64AQIZgy
Uxt+PmW+W8fEXfBF0jM3oAZpXMSKJ5VhPn/R2EPBlSMWrJwLYSuc8toJbf5r4x8l
a/uWf+nho3O1Lc2OTCWPzAS+mLC8A7juG+k+dxlzEirIVD0LCRbESzWxQy1D77po
dbTIOOK28xvXemhfVhtH7Hny8huRgV0jH3T+nfauvEemYz0uJETGVKhiIqU1Zyr7
SwXYymBDmP4A6lp2gbafcYEukBDXNDeYZGN+1jb5gJvOdQooxlO8Q+ZoK/p7UfpG
LaZrGPbjaRwGVGdiuMzKjA5dxLPm1bTLh4czb+LOfyrM
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:42:00 2025 by rpki-client