Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/Hh6Pa6sxBKt6aGKGiDOiKyLY4Ik.roa
File: Hh6Pa6sxBKt6aGKGiDOiKyLY4Ik.roa (raw, json)
Hash identifier: 7XObgGtMbw11ce4d1pifxjvrJxE5VU+m3BkQiOpJycA=
Subject key identifier: 1E:1E:8F:6B:AB:31:04:AB:7A:68:62:86:88:33:A2:2B:22:D8:E0:89
Certificate issuer: /CN=813e051cb831d1989607bb76c0bc5693ff947b53
Certificate serial: 01856F9DD235926D1C0AA37C8F61EF64A92C
Authority key identifier: 81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/Hh6Pa6sxBKt6aGKGiDOiKyLY4Ik.roa
Signing time: Sun 01 Jan 2023 23:14:52 +0000
ROA not before: Sun 01 Jan 2023 23:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 185.232.152.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:d2:35:92:6d:1c:0a:a3:7c:8f:61:ef:64:a9:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=813e051cb831d1989607bb76c0bc5693ff947b53
Validity
Not Before: Jan 1 23:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e1e8f6bab3104ab7a6862868833a22b22d8e089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5a:60:c2:dd:8c:f0:e3:f0:02:5a:05:f5:80:
02:aa:4b:58:ba:11:00:1f:c7:c9:9b:6e:52:63:92:
a6:38:15:fc:8d:4e:f2:2c:d8:1a:45:8e:4e:d7:a4:
77:00:27:78:62:8b:87:0b:c5:5c:b3:c8:91:1f:23:
3c:ca:b0:6d:46:2b:d2:7f:bf:ca:79:07:46:70:05:
dc:3f:7e:34:99:0c:e2:0c:dd:79:cb:3d:e5:5c:91:
d4:c4:03:a9:5b:2e:6a:35:fd:82:37:9b:60:bc:4a:
11:c6:19:ed:a7:f8:37:7e:6c:42:27:23:d3:3c:89:
03:c4:e3:8d:6f:af:a8:70:d1:e2:1c:85:88:f1:6a:
3e:11:35:96:ba:88:d6:bf:ea:86:e9:70:6c:5d:89:
f9:82:b7:4c:be:cf:43:5f:32:6a:52:9d:36:b8:9c:
f5:73:11:ed:76:cf:ff:6f:72:d0:d8:bc:25:df:33:
d4:f2:47:78:e8:51:66:26:37:ae:fb:dc:75:23:9d:
fa:d3:f2:63:db:b4:28:ac:50:78:1f:ac:65:1e:84:
6d:19:d9:61:fb:76:c1:93:4e:4f:9e:4c:fd:f3:6f:
d3:a4:88:77:67:c1:3e:6e:4b:97:16:61:87:f0:1b:
62:c1:e5:4c:5c:68:e5:79:cc:72:84:de:ed:fc:6a:
5c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:1E:8F:6B:AB:31:04:AB:7A:68:62:86:88:33:A2:2B:22:D8:E0:89
X509v3 Authority Key Identifier:
keyid:81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/Hh6Pa6sxBKt6aGKGiDOiKyLY4Ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.152.0/24
Signature Algorithm: sha256WithRSAEncryption
03:34:d3:c5:dd:e5:f7:c7:16:0a:ab:9e:33:5b:78:a0:35:0b:
2d:1f:cc:64:0d:f7:7f:39:3b:3b:fb:42:4f:52:df:d5:53:c3:
d3:3a:85:91:6e:47:f3:9e:8f:60:b9:29:94:dc:6c:2c:d1:d9:
3d:1e:19:ec:6e:c9:42:e1:aa:4e:d9:64:1a:a9:27:c2:63:7c:
3a:3d:9f:63:94:a0:17:65:1d:58:27:0d:97:80:fc:18:47:1f:
51:fe:52:12:18:f7:a5:d7:21:7f:8c:58:82:0c:f0:1b:00:c6:
ea:79:e0:9e:16:a6:3f:7f:a4:99:90:df:57:78:32:41:d5:87:
4c:7c:b9:ad:fe:0b:ea:43:23:ca:e1:2e:4f:c9:9e:b1:f2:dd:
49:7f:c8:32:e0:a3:40:3a:80:8f:48:cf:0b:bc:44:b8:78:8d:
60:f4:78:b9:ae:d1:c3:b8:76:f0:53:7e:a5:58:0f:05:37:94:
26:90:c2:c1:bd:4b:a6:c4:3b:c9:ae:7c:5e:ed:92:11:0f:a1:
e7:18:ea:8e:ac:0e:27:a7:e9:e5:de:4a:58:10:ba:30:ea:a9:
89:80:40:47:fc:46:83:15:09:fe:e4:42:d2:5b:93:4c:f3:ec:
58:f8:da:f7:03:e0:43:20:28:d5:26:57:8c:4d:1a:df:c0:ea:
bb:0f:fb:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvndI1km0cCqN8j2HvZKksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxM2UwNTFjYjgzMWQxOTg5NjA3YmI3NmMwYmM1NjkzZmY5
NDdiNTMwHhcNMjMwMTAxMjMxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTFlOGY2YmFiMzEwNGFiN2E2ODYyODY4ODMzYTIyYjIyZDhlMDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1pgwt2M8OPwAloF9YACqktYuhEA
H8fJm25SY5KmOBX8jU7yLNgaRY5O16R3ACd4YouHC8Vcs8iRHyM8yrBtRivSf7/K
eQdGcAXcP340mQziDN15yz3lXJHUxAOpWy5qNf2CN5tgvEoRxhntp/g3fmxCJyPT
PIkDxOONb6+ocNHiHIWI8Wo+ETWWuojWv+qG6XBsXYn5grdMvs9DXzJqUp02uJz1
cxHtds//b3LQ2Lwl3zPU8kd46FFmJjeu+9x1I5360/Jj27QorFB4H6xlHoRtGdlh
+3bBk05Pnkz982/TpIh3Z8E+bkuXFmGH8BtiweVMXGjlecxyhN7t/GpcSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB4ej2urMQSremhihogzoisi2OCJMB8GA1UdIwQY
MBaAFIE+BRy4MdGYlge7dsC8VpP/lHtTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1Q0RkhMZ3gwWmlXQjd0MndMeFdrXy1VZTFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lNDVhZDYtZTVhZS00ODE5LTlmMjQt
ZjU3N2FhNDZkZTgzLzEvSGg2UGE2c3hCS3Q2YUdLR2lET2lLeUxZNElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lNDVhZDYtZTVhZS00ODE5LTlmMjQtZjU3N2FhNDZkZTgz
LzEvZ1Q0RkhMZ3gwWmlXQjd0MndMeFdrXy1VZTFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueiYMA0G
CSqGSIb3DQEBCwUAA4IBAQADNNPF3eX3xxYKq54zW3igNQstH8xkDfd/OTs7+0JP
Ut/VU8PTOoWRbkfzno9guSmU3Gws0dk9HhnsbslC4apO2WQaqSfCY3w6PZ9jlKAX
ZR1YJw2XgPwYRx9R/lISGPel1yF/jFiCDPAbAMbqeeCeFqY/f6SZkN9XeDJB1YdM
fLmt/gvqQyPK4S5PyZ6x8t1Jf8gy4KNAOoCPSM8LvES4eI1g9Hi5rtHDuHbwU36l
WA8FN5QmkMLBvUumxDvJrnxe7ZIRD6HnGOqOrA4np+nl3kpYELow6qmJgEBH/EaD
FQn+5ELSW5NM8+xY+Nr3A+BDICjVJleMTRrfwOq7D/uU
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:46:58 2025 by rpki-client