Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/318a23-2876-46a2-af72-3497f7e2de62/1/mZVbu3_IuQ4e6uxLI7PE_oHYFAM.roa
File: mZVbu3_IuQ4e6uxLI7PE_oHYFAM.roa (raw, json)
Hash identifier: RV5ONXMZBt7HEMpeW3qY2E9DwTJXJa2Q0ZEaWgIQwSk=
Subject key identifier: 99:95:5B:BB:7F:C8:B9:0E:1E:EA:EC:4B:23:B3:C4:FE:81:D8:14:03
Certificate issuer: /CN=c7d91462c4dc1df6a8a3a97a1aee57a0cc14efba
Certificate serial: 0192D6FB765C26F5FA252A2DB9578EA275CA
Authority key identifier: C7:D9:14:62:C4:DC:1D:F6:A8:A3:A9:7A:1A:EE:57:A0:CC:14:EF:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x9kUYsTcHfaoo6l6Gu5XoMwU77o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/318a23-2876-46a2-af72-3497f7e2de62/1/mZVbu3_IuQ4e6uxLI7PE_oHYFAM.roa
Signing time: Tue 29 Oct 2024 06:34:16 +0000
ROA not before: Tue 29 Oct 2024 06:34:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200937
IP address blocks: 185.90.148.0/24 maxlen: 24
185.90.148.0/25 maxlen: 25
185.90.148.128/26 maxlen: 26
185.90.148.192/27 maxlen: 27
185.90.148.224/27 maxlen: 27
185.90.149.0/24 maxlen: 24
185.90.150.0/24 maxlen: 24
185.90.151.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d6:fb:76:5c:26:f5:fa:25:2a:2d:b9:57:8e:a2:75:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7d91462c4dc1df6a8a3a97a1aee57a0cc14efba
Validity
Not Before: Oct 29 06:34:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99955bbb7fc8b90e1eeaec4b23b3c4fe81d81403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ea:b6:a9:7c:67:ad:8b:7a:89:aa:d4:63:c3:
e1:9b:00:44:c2:81:7b:2d:b8:bc:59:5f:20:30:09:
13:b7:44:cb:99:04:e6:25:72:6f:31:6c:2c:f1:b5:
d7:f5:33:ab:77:b4:3a:ef:30:c1:e2:fe:8c:21:a9:
22:ac:ae:20:44:67:4b:9a:cb:07:82:f8:c3:20:22:
47:d0:1f:8f:fa:4f:ce:2e:f4:e4:dd:c8:36:a9:ea:
08:f5:77:04:63:08:8f:54:7e:78:15:66:05:3c:b8:
50:4d:de:d6:0e:4e:8e:3c:bf:73:33:f1:d2:a8:26:
d8:80:60:ea:2c:6a:d8:f5:38:3a:b9:5e:41:b0:1e:
3d:44:86:e0:4b:f7:38:2c:ff:56:18:48:c7:8a:03:
28:64:28:6c:8a:27:f1:4f:f6:06:29:c2:62:fe:f8:
24:ab:34:f9:09:80:0d:36:a7:9a:f7:56:81:2b:7a:
8a:ad:97:f4:fe:31:87:c4:98:1a:c2:4e:6a:47:44:
0c:fa:ef:43:5f:b9:55:9e:f1:bb:9d:6b:3f:b7:85:
5b:15:00:71:0d:4a:4c:aa:61:8d:9b:6b:e7:f1:c5:
d5:10:1d:38:b6:52:2b:d2:1c:fd:6a:c4:a1:62:e5:
e0:09:1d:3e:6d:de:7b:56:4c:b3:f3:a7:8d:78:6f:
d7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:95:5B:BB:7F:C8:B9:0E:1E:EA:EC:4B:23:B3:C4:FE:81:D8:14:03
X509v3 Authority Key Identifier:
keyid:C7:D9:14:62:C4:DC:1D:F6:A8:A3:A9:7A:1A:EE:57:A0:CC:14:EF:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x9kUYsTcHfaoo6l6Gu5XoMwU77o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/318a23-2876-46a2-af72-3497f7e2de62/1/mZVbu3_IuQ4e6uxLI7PE_oHYFAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/318a23-2876-46a2-af72-3497f7e2de62/1/x9kUYsTcHfaoo6l6Gu5XoMwU77o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.148.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:64:35:86:c6:e5:7e:5d:66:ce:00:5c:58:b6:fb:ab:ba:05:
65:b9:1e:25:aa:b0:d3:0b:df:44:4c:bc:ef:a0:f5:a4:73:a9:
95:66:25:d7:54:fd:d5:56:8a:3c:1b:79:6e:d1:fe:48:24:f2:
38:b7:36:e2:c8:05:b9:f9:70:e6:d1:91:59:80:ca:6a:3e:4e:
8b:30:22:17:dd:bc:0b:1a:c5:0f:2d:3c:77:93:79:02:e6:1f:
72:4b:56:21:c4:69:e4:1c:88:27:09:ce:30:aa:32:42:84:77:
23:54:3a:94:6f:24:dc:b1:8b:20:51:71:e2:0d:b6:54:5f:50:
70:9c:14:21:21:74:54:cf:c2:ad:c5:9c:fa:d9:39:db:c1:cd:
dc:fa:06:53:4f:da:b2:cd:9c:d9:53:ef:85:74:0b:f1:35:e1:
9d:d6:1a:b0:36:40:e1:04:9a:a1:00:df:f1:82:49:d1:06:a4:
6e:fb:5c:d5:fa:0d:90:12:a3:3e:ee:2b:03:09:95:6e:2b:88:
47:20:9e:04:fe:9c:c7:84:74:0a:78:46:97:1e:b4:e4:ac:4a:
00:66:0d:15:9b:ea:5f:16:a3:b7:6d:3e:7a:36:73:93:dd:70:
0e:eb:be:2b:3b:d4:1c:14:15:20:95:99:41:76:48:20:9a:32:
83:b0:5d:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLW+3ZcJvX6JSotuVeOonXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZDkxNDYyYzRkYzFkZjZhOGEzYTk3YTFhZWU1N2EwY2Mx
NGVmYmEwHhcNMjQxMDI5MDYzNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTk1NWJiYjdmYzhiOTBlMWVlYWVjNGIyM2IzYzRmZTgxZDgxNDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+q2qXxnrYt6iarUY8PhmwBEwoF7
Lbi8WV8gMAkTt0TLmQTmJXJvMWws8bXX9TOrd7Q67zDB4v6MIakirK4gRGdLmssH
gvjDICJH0B+P+k/OLvTk3cg2qeoI9XcEYwiPVH54FWYFPLhQTd7WDk6OPL9zM/HS
qCbYgGDqLGrY9Tg6uV5BsB49RIbgS/c4LP9WGEjHigMoZChsiifxT/YGKcJi/vgk
qzT5CYANNqea91aBK3qKrZf0/jGHxJgawk5qR0QM+u9DX7lVnvG7nWs/t4VbFQBx
DUpMqmGNm2vn8cXVEB04tlIr0hz9asShYuXgCR0+bd57Vkyz86eNeG/XuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJmVW7t/yLkOHursSyOzxP6B2BQDMB8GA1UdIwQY
MBaAFMfZFGLE3B32qKOpehruV6DMFO+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDlrVVlzVGNIZmFvbzZsNkd1NVhvTXdVNzdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8zMThhMjMtMjg3Ni00NmEyLWFmNzIt
MzQ5N2Y3ZTJkZTYyLzEvbVpWYnUzX0l1UTRlNnV4TEk3UEVfb0hZRkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8zMThhMjMtMjg3Ni00NmEyLWFmNzItMzQ5N2Y3ZTJkZTYy
LzEveDlrVVlzVGNIZmFvbzZsNkd1NVhvTXdVNzdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVqUMA0G
CSqGSIb3DQEBCwUAA4IBAQBrZDWGxuV+XWbOAFxYtvurugVluR4lqrDTC99ETLzv
oPWkc6mVZiXXVP3VVoo8G3lu0f5IJPI4tzbiyAW5+XDm0ZFZgMpqPk6LMCIX3bwL
GsUPLTx3k3kC5h9yS1YhxGnkHIgnCc4wqjJChHcjVDqUbyTcsYsgUXHiDbZUX1Bw
nBQhIXRUz8KtxZz62Tnbwc3c+gZTT9qyzZzZU++FdAvxNeGd1hqwNkDhBJqhAN/x
gknRBqRu+1zV+g2QEqM+7isDCZVuK4hHIJ4E/pzHhHQKeEaXHrTkrEoAZg0Vm+pf
FqO3bT56NnOT3XAO674rO9QcFBUglZlBdkggmjKDsF2s
-----END CERTIFICATE-----
Generated at Wed Apr 16 08:13:50 2025 by rpki-client