Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/IvK5sfGYGjQJyqxkQriZsLF--rc.roa
File: IvK5sfGYGjQJyqxkQriZsLF--rc.roa (raw, json)
Hash identifier: /ZIwBEeoM2r+GJX7Ro51cXjOMfRTPYDg9lTCQD/NlVY=
Subject key identifier: 22:F2:B9:B1:F1:98:1A:34:09:CA:AC:64:42:B8:99:B0:B1:7E:FA:B7
Certificate issuer: /CN=813e051cb831d1989607bb76c0bc5693ff947b53
Certificate serial: 09AE65D3
Authority key identifier: 81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/IvK5sfGYGjQJyqxkQriZsLF--rc.roa
Signing time: Mon 25 Apr 2022 11:20:06 +0000
ROA not before: Mon 25 Apr 2022 11:20:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15611
IP address blocks: 185.79.96.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162424275 (0x9ae65d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=813e051cb831d1989607bb76c0bc5693ff947b53
Validity
Not Before: Apr 25 11:20:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22f2b9b1f1981a3409caac6442b899b0b17efab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:57:a4:dd:95:80:44:60:6d:a1:73:b2:83:16:
c6:ed:2d:43:bc:d6:16:d0:73:70:ec:06:8e:d6:52:
da:15:f6:ef:55:9e:13:55:c1:bf:fa:93:b2:70:b6:
db:98:36:bf:da:a1:8e:38:b6:74:95:0f:4c:8a:77:
90:e5:3c:78:93:45:74:23:6d:96:8c:17:b3:fc:eb:
23:fe:38:61:bf:df:22:5c:8d:75:f3:ff:c7:c3:4d:
a7:44:e4:29:6b:01:f3:d5:4e:89:f1:53:56:b0:5a:
bb:db:cb:17:aa:ea:4c:8f:43:50:19:7d:e6:c4:e8:
10:f6:8d:e2:32:b4:8b:38:4f:05:b0:28:4c:81:c9:
2d:a5:1c:05:c6:9e:fc:c0:6c:f3:39:a4:af:94:d0:
84:57:45:a7:c6:31:14:83:5c:bf:f6:b4:7a:e9:96:
e5:25:f6:ad:29:20:42:dd:b0:e0:2e:f6:79:a7:24:
74:d2:a7:22:d3:5e:f1:4b:9e:7f:9e:0e:2e:ac:ae:
36:fa:b0:56:2c:26:f1:4c:f1:90:78:1d:e4:40:ec:
7e:75:85:7e:37:15:64:5d:c7:ff:b6:1c:5c:e6:5e:
11:1a:9f:e3:f0:ac:6d:32:41:93:bc:fd:d5:80:20:
e6:20:1f:c0:6e:98:df:6a:4d:32:26:7e:09:17:36:
39:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F2:B9:B1:F1:98:1A:34:09:CA:AC:64:42:B8:99:B0:B1:7E:FA:B7
X509v3 Authority Key Identifier:
keyid:81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/IvK5sfGYGjQJyqxkQriZsLF--rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.96.0/24
Signature Algorithm: sha256WithRSAEncryption
37:17:07:fb:3b:fb:2c:71:ca:9c:50:2d:d5:89:ac:57:83:cf:
03:91:3c:8e:50:a6:93:65:ab:25:c1:69:b2:3d:47:94:81:e2:
9e:d7:d2:a7:af:40:04:e2:25:a8:50:51:23:fd:2a:2f:f1:e4:
90:d1:93:86:9a:19:1b:61:57:6f:ab:11:61:03:4b:ef:31:fb:
ea:3a:ac:4e:14:f6:96:cf:4e:81:8e:61:4f:23:a1:2c:51:4d:
93:c7:ac:2c:b4:03:90:ce:d9:ad:36:44:0c:22:98:00:d9:09:
dd:55:c1:88:6c:dc:71:8d:89:e1:e7:64:bd:d2:eb:12:ce:72:
7b:55:11:71:dd:15:52:76:ab:85:c5:70:34:0b:75:b4:44:2f:
d4:25:95:bc:aa:c9:f2:a4:98:51:fb:0e:c6:0a:6b:bf:18:32:
4c:6b:96:20:48:b6:bb:92:4a:b4:c5:30:9c:24:18:de:45:89:
26:98:5e:4a:3b:af:78:bf:e7:51:ed:3e:f4:c0:44:2f:49:ab:
f9:88:48:8a:e5:f0:c2:16:9d:84:55:3e:50:52:9a:cd:b6:c8:
77:bc:bc:5a:7b:9f:3b:a4:74:5f:7a:76:a2:82:0c:b1:5f:3e:
47:e9:b7:8b:f2:7d:59:e3:03:d9:83:bb:9d:1b:8c:77:d8:58:
22:87:a7:06
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECa5l0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTNlMDUxY2I4MzFkMTk4OTYwN2JiNzZjMGJjNTY5M2ZmOTQ3YjUzMB4XDTIyMDQy
NTExMjAwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjJmMmI5YjFmMTk4
MWEzNDA5Y2FhYzY0NDJiODk5YjBiMTdlZmFiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRXpN2VgERgbaFzsoMWxu0tQ7zWFtBzcOwGjtZS2hX271We
E1XBv/qTsnC225g2v9qhjji2dJUPTIp3kOU8eJNFdCNtlowXs/zrI/44Yb/fIlyN
dfP/x8NNp0TkKWsB89VOifFTVrBau9vLF6rqTI9DUBl95sToEPaN4jK0izhPBbAo
TIHJLaUcBcae/MBs8zmkr5TQhFdFp8YxFINcv/a0eumW5SX2rSkgQt2w4C72eack
dNKnItNe8Uuef54OLqyuNvqwViwm8UzxkHgd5EDsfnWFfjcVZF3H/7YcXOZeERqf
4/CsbTJBk7z91YAg5iAfwG6Y32pNMiZ+CRc2Of8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQi8rmx8ZgaNAnKrGRCuJmwsX76tzAfBgNVHSMEGDAWgBSBPgUcuDHRmJYH
u3bAvFaT/5R7UzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dUNEZITGd4MFppV0I3dDJ3THhXa18tVWUxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvZTQ1YWQ2LWU1YWUtNDgxOS05ZjI0LWY1NzdhYTQ2ZGU4My8x
L0l2SzVzZkdZR2pRSnlxeGtRcmlac0xGLS1yYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
ZTQ1YWQ2LWU1YWUtNDgxOS05ZjI0LWY1NzdhYTQ2ZGU4My8xL2dUNEZITGd4MFpp
V0I3dDJ3THhXa18tVWUxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlPYDANBgkqhkiG9w0BAQsFAAOC
AQEANxcH+zv7LHHKnFAt1YmsV4PPA5E8jlCmk2WrJcFpsj1HlIHintfSp69ABOIl
qFBRI/0qL/HkkNGThpoZG2FXb6sRYQNL7zH76jqsThT2ls9OgY5hTyOhLFFNk8es
LLQDkM7ZrTZEDCKYANkJ3VXBiGzccY2J4edkvdLrEs5ye1URcd0VUnarhcVwNAt1
tEQv1CWVvKrJ8qSYUfsOxgprvxgyTGuWIEi2u5JKtMUwnCQY3kWJJpheSjuveL/n
Ue0+9MBEL0mr+YhIiuXwwhadhFU+UFKazbbId7y8WnufO6R0X3p2ooIMsV8+R+m3
i/J9WeMD2YO7nRuMd9hYIoenBg==
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:25:06 2025 by rpki-client