Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/p1WmMz_uerdqzioVQ7xrRJwU_Ck.roa
File: p1WmMz_uerdqzioVQ7xrRJwU_Ck.roa (raw, json)
Hash identifier: T+1bpm5vV1cbLJQcIGcTv6DsepMKB9jYha8HNJosukw=
Subject key identifier: A7:55:A6:33:3F:EE:7A:B7:6A:CE:2A:15:43:BC:6B:44:9C:14:FC:29
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 09FD2FE2
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/p1WmMz_uerdqzioVQ7xrRJwU_Ck.roa
Signing time: Sat 01 Jan 2022 11:56:00 +0000
ROA not before: Sat 01 Jan 2022 11:56:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61135
IP address blocks: 185.132.124.0/24 maxlen: 24
213.226.118.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167587810 (0x9fd2fe2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jan 1 11:56:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a755a6333fee7ab76ace2a1543bc6b449c14fc29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:50:d6:27:18:0b:82:f5:22:58:50:0c:99:7d:
8f:d6:3a:5c:0f:96:ec:14:5e:b6:3d:bc:24:f6:3f:
8f:d6:39:2d:c8:9a:29:e9:b0:8f:db:e0:e7:8b:2c:
1e:d3:db:f4:f5:e5:3a:85:80:02:df:9d:57:7a:25:
44:17:93:12:17:e3:72:e9:1e:28:bb:36:fa:72:ba:
11:f2:63:db:06:4d:bf:d6:39:82:3c:23:5d:76:b1:
ea:2f:a0:7b:dc:32:c7:cf:4e:86:f1:bb:e5:c4:b3:
6d:94:7e:62:58:e3:bc:25:c1:f6:25:02:6d:0b:68:
89:90:62:1e:53:a1:22:6f:b7:79:84:bd:a2:3a:ec:
89:79:6f:1e:e1:3b:22:8f:c8:0f:45:f7:b5:a0:f5:
19:ee:f4:62:99:00:a5:f4:0f:b7:54:d3:ae:51:dd:
9f:40:a5:ad:76:a8:68:33:88:04:81:cd:74:87:c0:
35:88:7a:ef:d9:7c:ad:23:cd:4c:27:89:80:d7:c1:
76:3b:7c:1f:5b:9a:3b:82:04:07:ad:18:30:4f:d8:
3f:fe:9d:2b:5d:64:7b:76:42:7c:b0:bf:43:b0:f3:
15:e2:c8:d5:b4:4b:75:09:d5:7c:14:e3:ad:3c:96:
5d:c6:07:c6:82:01:35:3e:ff:86:06:60:69:8c:c8:
bc:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:55:A6:33:3F:EE:7A:B7:6A:CE:2A:15:43:BC:6B:44:9C:14:FC:29
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/p1WmMz_uerdqzioVQ7xrRJwU_Ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.124.0/24
213.226.118.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:69:2c:76:c7:30:00:fc:a0:0f:da:ea:6a:87:cb:f2:ab:fe:
31:f0:06:0c:2e:a6:83:d5:6e:d9:f7:28:cc:4a:99:91:14:f0:
da:62:78:3a:0a:00:b5:39:22:be:41:e7:72:fe:17:ff:a8:5f:
4d:ea:00:0a:86:f8:b5:9d:9f:3d:7e:09:24:1c:30:9a:3d:9b:
18:06:ef:2a:50:54:3f:9c:23:ad:93:48:34:28:68:44:62:01:
dc:cd:32:4d:13:a3:b3:55:77:bc:0c:9d:eb:42:76:77:2f:74:
f8:c0:0a:c6:fb:78:85:5d:21:35:be:c4:83:b6:f8:b1:89:db:
6b:24:b6:04:4f:f5:68:a5:ce:60:f4:a8:6b:da:b3:28:68:c6:
ac:ce:9f:0c:fa:55:0a:29:b1:4d:1e:e0:31:c8:43:5e:a0:c0:
df:9b:ad:da:13:6f:da:65:5e:29:03:e4:da:b8:e6:69:68:0b:
c5:10:5e:c1:01:06:98:e9:12:e0:83:d9:f1:27:3f:85:55:5d:
56:f0:a0:4d:07:b5:6f:00:24:83:6e:97:f1:75:10:71:b3:69:
43:4f:c9:35:40:a6:0e:36:fd:8a:d3:75:03:cb:2b:36:80:84:
42:83:48:d4:dc:69:03:05:72:c1:79:47:9a:4f:dc:b2:cd:d7:
60:47:13:80
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECf0v4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZGIzNDc3NGIwMTk3OTI4NGZkOWU3NTRmZWE2OGZhM2M2MTc4M2QwMB4XDTIyMDEw
MTExNTYwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTc1NWE2MzMzZmVl
N2FiNzZhY2UyYTE1NDNiYzZiNDQ5YzE0ZmMyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMVQ1icYC4L1IlhQDJl9j9Y6XA+W7BRetj28JPY/j9Y5Lcia
Kemwj9vg54ssHtPb9PXlOoWAAt+dV3olRBeTEhfjcukeKLs2+nK6EfJj2wZNv9Y5
gjwjXXax6i+ge9wyx89OhvG75cSzbZR+YljjvCXB9iUCbQtoiZBiHlOhIm+3eYS9
ojrsiXlvHuE7Io/ID0X3taD1Ge70YpkApfQPt1TTrlHdn0ClrXaoaDOIBIHNdIfA
NYh679l8rSPNTCeJgNfBdjt8H1uaO4IEB60YME/YP/6dK11ke3ZCfLC/Q7DzFeLI
1bRLdQnVfBTjrTyWXcYHxoIBNT7/hgZgaYzIvL0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSnVaYzP+56t2rOKhVDvGtEnBT8KTAfBgNVHSMEGDAWgBSNs0d0sBl5KE/Z
51T+po+jxheD0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2piTkhkTEFaZVNoUDJlZFVfcWFQbzhZWGc5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvNzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8x
L3AxV21Nel91ZXJkcXppb1ZRN3hyUkp3VV9Day5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
NzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8xL2piTkhkTEFaZVNo
UDJlZFVfcWFQbzhZWGc5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALmEfAMEANXidjANBgkqhkiG9w0B
AQsFAAOCAQEAfWksdscwAPygD9rqaofL8qv+MfAGDC6mg9Vu2fcozEqZkRTw2mJ4
OgoAtTkivkHncv4X/6hfTeoACob4tZ2fPX4JJBwwmj2bGAbvKlBUP5wjrZNINCho
RGIB3M0yTROjs1V3vAyd60J2dy90+MAKxvt4hV0hNb7Eg7b4sYnbayS2BE/1aKXO
YPSoa9qzKGjGrM6fDPpVCimxTR7gMchDXqDA35ut2hNv2mVeKQPk2rjmaWgLxRBe
wQEGmOkS4IPZ8Sc/hVVdVvCgTQe1bwAkg26X8XUQcbNpQ0/JNUCmDjb9itN1A8sr
NoCEQoNI1NxpAwVywXlHmk/css3XYEcTgA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:40:22 2025 by rpki-client