Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/u9l7pKcdUqtMqAGq0_LhJiogCGU.roa
File: u9l7pKcdUqtMqAGq0_LhJiogCGU.roa (raw, json)
Hash identifier: S+CnOgsJDFdztDqED6mIEz0t3BWjYmvEiBxOn786+EY=
Subject key identifier: BB:D9:7B:A4:A7:1D:52:AB:4C:A8:01:AA:D3:F2:E1:26:2A:20:08:65
Certificate issuer: /CN=e123860e20cdb2cfdf2cefb3753a15b822829266
Certificate serial: 1305691A
Authority key identifier: E1:23:86:0E:20:CD:B2:CF:DF:2C:EF:B3:75:3A:15:B8:22:82:92:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4SOGDiDNss_fLO-zdToVuCKCkmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/u9l7pKcdUqtMqAGq0_LhJiogCGU.roa
Signing time: Sat 01 Jan 2022 05:02:19 +0000
ROA not before: Sat 01 Jan 2022 05:02:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56974
IP address blocks: 185.44.229.0/24 maxlen: 24
185.44.228.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 319121690 (0x1305691a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e123860e20cdb2cfdf2cefb3753a15b822829266
Validity
Not Before: Jan 1 05:02:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bbd97ba4a71d52ab4ca801aad3f2e1262a200865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5a:d3:8b:33:1a:b8:97:18:65:44:ba:f1:72:
9b:31:6b:1e:18:74:29:b2:1a:73:01:2a:ea:ec:51:
6f:ef:6d:6f:00:5a:ed:b5:19:9a:6d:77:4a:25:e8:
37:89:a1:55:c7:c1:41:d5:6f:02:c4:4e:a8:9d:0b:
28:ab:1d:f6:1d:d7:96:b0:14:3a:ab:e7:05:eb:fe:
78:9f:f2:d4:68:4d:ef:b7:01:7a:91:bc:48:74:f9:
7b:02:ac:2c:36:22:cd:50:b1:ab:56:d0:2e:4c:7f:
fe:33:55:5c:66:15:16:29:e2:f6:2d:ec:a6:a6:b9:
f7:c1:71:d5:49:f3:65:20:28:ad:a3:56:3b:db:67:
1a:99:6e:3e:84:4a:2b:9e:86:72:7d:56:b4:bb:ba:
89:0b:28:d3:ed:e1:cb:d4:26:ee:fa:c1:2c:14:db:
97:ce:12:d5:d3:bb:b8:d3:f2:1e:b1:a0:d8:a8:e3:
9c:31:6f:03:0a:27:db:13:df:d7:23:05:95:c5:40:
8b:d2:27:ba:0b:b2:53:62:6a:04:20:b4:1b:83:95:
38:59:35:22:1c:94:36:ec:ee:60:1a:d6:ab:87:e6:
96:47:1a:0d:33:39:e6:a6:a9:e4:38:1e:c7:e1:32:
4b:b1:db:63:53:f8:d3:b7:57:a9:2f:3a:e8:6b:e8:
3c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D9:7B:A4:A7:1D:52:AB:4C:A8:01:AA:D3:F2:E1:26:2A:20:08:65
X509v3 Authority Key Identifier:
keyid:E1:23:86:0E:20:CD:B2:CF:DF:2C:EF:B3:75:3A:15:B8:22:82:92:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4SOGDiDNss_fLO-zdToVuCKCkmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/u9l7pKcdUqtMqAGq0_LhJiogCGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/4SOGDiDNss_fLO-zdToVuCKCkmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.228.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:b8:c7:5e:57:85:be:20:b0:9f:5c:bc:19:44:8b:c7:04:77:
a0:25:8b:84:7e:d4:aa:56:68:aa:9d:14:ce:36:fd:2d:36:65:
1c:0e:58:15:da:39:55:d2:15:26:ef:b7:18:44:bb:2c:9d:cd:
60:d1:bc:91:c3:7c:f5:cd:48:ee:66:a2:a4:88:9e:ce:a9:f0:
2d:45:d9:e2:5a:d0:5a:1c:a4:61:31:45:39:c3:76:d5:6e:ae:
16:e3:af:23:e6:02:d0:d4:d2:46:2d:22:03:b0:f8:d0:bf:a9:
78:af:43:5b:61:38:4b:aa:9d:7f:d6:3e:ad:b1:16:75:17:7e:
22:ac:c9:32:d7:ee:e5:09:e6:25:ef:e3:e0:e3:90:19:7b:6c:
09:33:1c:d0:a6:77:c9:5b:e8:43:70:88:d8:8f:3c:36:bd:f4:
5b:30:72:70:6e:af:cf:60:a9:30:2a:29:25:8b:44:c3:ff:75:
ee:4c:c6:ec:7f:9c:d9:df:cc:63:78:52:be:41:5a:3e:56:3e:
c6:07:46:a6:49:2c:45:94:2e:ff:e9:d5:b6:cd:3c:42:a5:e1:
72:fe:50:5b:0f:56:5a:c9:3d:e2:6a:28:36:91:87:33:c3:9c:
e1:1d:7b:4b:61:18:49:a9:b2:96:93:fc:fd:4c:b1:ed:ca:12:
87:48:3d:4b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEwVpGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MTIzODYwZTIwY2RiMmNmZGYyY2VmYjM3NTNhMTViODIyODI5MjY2MB4XDTIyMDEw
MTA1MDIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmJkOTdiYTRhNzFk
NTJhYjRjYTgwMWFhZDNmMmUxMjYyYTIwMDg2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBa04szGriXGGVEuvFymzFrHhh0KbIacwEq6uxRb+9tbwBa
7bUZmm13SiXoN4mhVcfBQdVvAsROqJ0LKKsd9h3XlrAUOqvnBev+eJ/y1GhN77cB
epG8SHT5ewKsLDYizVCxq1bQLkx//jNVXGYVFini9i3spqa598Fx1UnzZSAoraNW
O9tnGpluPoRKK56Gcn1WtLu6iQso0+3hy9Qm7vrBLBTbl84S1dO7uNPyHrGg2Kjj
nDFvAwon2xPf1yMFlcVAi9InuguyU2JqBCC0G4OVOFk1IhyUNuzuYBrWq4fmlkca
DTM55qap5Dgex+EyS7HbY1P407dXqS866GvoPPMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS72Xukpx1Sq0yoAarT8uEmKiAIZTAfBgNVHSMEGDAWgBThI4YOIM2yz98s
77N1OhW4IoKSZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRTT0dEaUROc3NfZkxPLXpkVG9WdUNLQ2ttWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvODEwNTk5LTczMWEtNDg2YS1iMjNmLTQ3NTM3ZWI2NDRmNS8x
L3U5bDdwS2NkVXF0TXFBR3EwX0xoSmlvZ0NHVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
ODEwNTk5LTczMWEtNDg2YS1iMjNmLTQ3NTM3ZWI2NDRmNS8xLzRTT0dEaUROc3Nf
ZkxPLXpkVG9WdUNLQ2ttWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbks5DANBgkqhkiG9w0BAQsFAAOC
AQEAP7jHXleFviCwn1y8GUSLxwR3oCWLhH7UqlZoqp0Uzjb9LTZlHA5YFdo5VdIV
Ju+3GES7LJ3NYNG8kcN89c1I7maipIiezqnwLUXZ4lrQWhykYTFFOcN21W6uFuOv
I+YC0NTSRi0iA7D40L+peK9DW2E4S6qdf9Y+rbEWdRd+IqzJMtfu5QnmJe/j4OOQ
GXtsCTMc0KZ3yVvoQ3CI2I88Nr30WzBycG6vz2CpMCopJYtEw/917kzG7H+c2d/M
Y3hSvkFaPlY+xgdGpkksRZQu/+nVts08QqXhcv5QWw9WWsk94mooNpGHM8Oc4R17
S2EYSamylpP8/Uyx7coSh0g9Sw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:39 2025 by rpki-client