Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/7LP-HvSg5G1lz8IJObxqz30REMo.roa
File: 7LP-HvSg5G1lz8IJObxqz30REMo.roa (raw, json)
Hash identifier: b9WnJRSxMf7eGsJc0lV2Y2r2wNrd+Wc7Eacpnajj05g=
Subject key identifier: EC:B3:FE:1E:F4:A0:E4:6D:65:CF:C2:09:39:BC:6A:CF:7D:11:10:CA
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 01856F66E905EE7C5DFA60F6652879BCA9DD
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/7LP-HvSg5G1lz8IJObxqz30REMo.roa
Signing time: Sun 01 Jan 2023 22:14:53 +0000
ROA not before: Sun 01 Jan 2023 22:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.63.18.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:e9:05:ee:7c:5d:fa:60:f6:65:28:79:bc:a9:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 1 22:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecb3fe1ef4a0e46d65cfc20939bc6acf7d1110ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:97:9b:d1:0b:3b:a3:bc:ff:86:67:5e:fd:86:
52:d8:f4:a1:33:4f:b1:88:33:88:c7:0d:e4:70:b3:
98:af:81:f2:d1:c2:a0:fb:6c:85:e4:4e:0a:df:f8:
cf:38:d6:55:5e:a8:97:ae:b5:5c:be:97:54:ad:50:
c8:a6:0b:b8:99:97:c6:da:20:31:a4:fa:1f:c5:53:
5d:8b:d7:64:b8:e2:44:da:02:be:c1:ed:ed:66:42:
e3:4c:d5:0a:ca:85:57:f5:b3:cd:6a:6e:b4:e1:68:
14:a5:9c:04:de:03:01:0a:0d:ed:4b:90:85:a1:9f:
f7:c8:18:e2:2e:e1:82:d5:01:fa:8e:c8:11:e4:2d:
f9:c9:b4:32:01:01:a1:69:31:92:6b:28:c2:11:b5:
63:18:91:0c:00:89:68:a7:d4:69:4e:24:23:1d:23:
33:cf:98:09:da:1c:e3:66:51:79:72:dc:2a:f9:ef:
8b:eb:df:27:a5:44:ef:f2:4a:42:d1:d5:99:1a:e1:
cd:56:af:41:b3:9b:1e:44:bd:db:a8:bc:56:52:96:
ca:fc:47:9c:dd:07:d5:ba:23:36:cf:3a:2a:45:7b:
91:e7:2d:c1:76:7f:9a:03:f0:4f:64:7d:51:ea:18:
3e:0e:c5:00:9a:12:31:0c:3c:a3:61:ef:cd:ce:71:
cd:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B3:FE:1E:F4:A0:E4:6D:65:CF:C2:09:39:BC:6A:CF:7D:11:10:CA
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/7LP-HvSg5G1lz8IJObxqz30REMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.18.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:4c:78:08:62:63:5f:63:c9:e7:29:4d:e7:33:86:4e:b8:a0:
ac:86:ae:46:57:49:d6:78:2a:04:79:42:26:a2:73:d5:de:b7:
d2:83:9b:84:9b:42:ff:88:77:39:a0:3c:06:93:99:d4:52:cc:
35:5e:35:4d:32:b9:6c:df:d7:d4:39:1b:b2:4d:c9:81:2b:23:
ab:8c:d3:b7:70:3f:08:fc:08:02:5b:06:11:09:09:a4:a9:63:
45:9c:4f:37:31:76:9b:a5:e7:68:3a:92:79:27:87:4a:79:39:
44:92:c0:97:4c:50:d8:df:be:8b:86:f9:6a:79:3b:56:ff:1e:
dd:4c:ee:e3:e2:55:df:9a:0e:71:bc:c6:df:c6:49:d1:b9:c5:
50:31:2e:81:11:25:46:79:3c:eb:c8:31:a7:38:10:42:fe:96:
92:a9:6a:20:74:d9:35:76:23:f6:de:ff:0c:9e:29:21:75:7a:
ce:7a:5a:72:9f:a7:08:16:d7:21:4c:51:4c:a9:a0:d6:cd:ff:
82:7a:e9:55:90:61:eb:ae:08:ab:4a:a1:67:87:4f:ed:f9:ec:
fc:d4:e8:77:e1:3b:e0:22:ab:13:82:53:be:72:09:6d:ad:cc:
de:cf:f8:e2:4b:12:d2:c7:1a:80:96:4e:22:3f:7d:dc:8b:77:
d1:ca:c1:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZukF7nxd+mD2ZSh5vKndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjMwMTAxMjIxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2IzZmUxZWY0YTBlNDZkNjVjZmMyMDkzOWJjNmFjZjdkMTExMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZeb0Qs7o7z/hmde/YZS2PShM0+x
iDOIxw3kcLOYr4Hy0cKg+2yF5E4K3/jPONZVXqiXrrVcvpdUrVDIpgu4mZfG2iAx
pPofxVNdi9dkuOJE2gK+we3tZkLjTNUKyoVX9bPNam604WgUpZwE3gMBCg3tS5CF
oZ/3yBjiLuGC1QH6jsgR5C35ybQyAQGhaTGSayjCEbVjGJEMAIlop9RpTiQjHSMz
z5gJ2hzjZlF5ctwq+e+L698npUTv8kpC0dWZGuHNVq9Bs5seRL3bqLxWUpbK/Eec
3QfVuiM2zzoqRXuR5y3Bdn+aA/BPZH1R6hg+DsUAmhIxDDyjYe/NznHNIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOyz/h70oORtZc/CCTm8as99ERDKMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvN0xQLUh2U2c1RzFsejhJSk9ieHF6MzBSRU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuT8SMA0G
CSqGSIb3DQEBCwUAA4IBAQAPTHgIYmNfY8nnKU3nM4ZOuKCshq5GV0nWeCoEeUIm
onPV3rfSg5uEm0L/iHc5oDwGk5nUUsw1XjVNMrls39fUORuyTcmBKyOrjNO3cD8I
/AgCWwYRCQmkqWNFnE83MXabpedoOpJ5J4dKeTlEksCXTFDY376LhvlqeTtW/x7d
TO7j4lXfmg5xvMbfxknRucVQMS6BESVGeTzryDGnOBBC/paSqWogdNk1diP23v8M
nikhdXrOelpyn6cIFtchTFFMqaDWzf+CeulVkGHrrgirSqFnh0/t+ez81Oh34Tvg
IqsTglO+cgltrczez/jiSxLSxxqAlk4iP33ci3fRysFx
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:17:41 2025 by rpki-client