Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/j3Bo6gP_1_qW8-BHRMtig6llQeM.roa
File: j3Bo6gP_1_qW8-BHRMtig6llQeM.roa (raw, json)
Hash identifier: wGNNXu/yAyHzTIG3G1qKBldZ26YZk5EPmO7Rg0FpsaY=
Subject key identifier: 8F:70:68:EA:03:FF:D7:FA:96:F3:E0:47:44:CB:62:83:A9:65:41:E3
Certificate issuer: /CN=813e051cb831d1989607bb76c0bc5693ff947b53
Certificate serial: 01856F9DD2804266E08126E848FBE3F2F200
Authority key identifier: 81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/j3Bo6gP_1_qW8-BHRMtig6llQeM.roa
Signing time: Sun 01 Jan 2023 23:14:52 +0000
ROA not before: Sun 01 Jan 2023 23:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44285
IP address blocks: 185.79.96.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:d2:80:42:66:e0:81:26:e8:48:fb:e3:f2:f2:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=813e051cb831d1989607bb76c0bc5693ff947b53
Validity
Not Before: Jan 1 23:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f7068ea03ffd7fa96f3e04744cb6283a96541e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fe:d2:41:f6:69:32:53:ce:17:2e:b2:d4:53:
42:05:d0:55:66:06:15:b5:24:8b:47:4e:83:ad:56:
52:75:d6:d6:b9:d0:6b:a3:2c:8a:7e:14:14:5e:20:
1c:4f:ae:21:3b:f0:88:04:21:03:d6:89:7a:60:16:
8b:93:e7:09:8f:bd:24:6c:f1:af:40:bc:11:eb:99:
48:d2:44:02:31:a3:b1:d2:39:2a:a6:43:25:27:1d:
9c:03:55:0f:52:85:40:89:32:f7:a7:df:bd:0e:f1:
e7:24:d5:87:da:5d:23:77:43:4e:3f:0e:c1:ee:62:
d5:0c:66:53:88:17:2d:70:cb:ca:fc:01:41:1a:cc:
c9:82:7e:76:48:cc:6a:c9:07:22:84:bd:14:61:d3:
2c:d4:8e:60:71:55:8e:eb:13:02:eb:48:55:f8:a5:
79:dd:d9:d8:97:34:18:be:34:86:b2:c3:60:6b:ab:
b9:92:b7:10:6d:7b:a4:12:3d:00:c2:68:83:c6:01:
73:51:50:0b:ae:32:f8:d5:0e:e2:6d:27:4e:d1:3e:
b6:c0:c3:7d:ff:9a:e0:25:c3:cb:a7:c9:fa:49:2a:
97:97:7d:64:29:eb:0a:26:a8:8a:47:78:25:c1:f4:
41:05:8a:8d:b9:85:77:78:c8:02:99:a8:a1:6e:5b:
6f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:70:68:EA:03:FF:D7:FA:96:F3:E0:47:44:CB:62:83:A9:65:41:E3
X509v3 Authority Key Identifier:
keyid:81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/j3Bo6gP_1_qW8-BHRMtig6llQeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.96.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:c7:db:7f:36:09:7e:ba:a9:91:b4:1a:05:b8:59:ce:eb:9f:
2a:27:06:e4:77:18:dd:c9:72:76:97:7c:ac:3d:f6:d7:1f:5c:
77:60:b9:6e:b9:3e:dd:d4:c1:43:2c:0b:2d:eb:3b:a0:ee:1c:
fe:6e:c4:72:f5:fb:13:76:06:11:8e:d3:27:a7:83:1d:e1:62:
72:f6:9b:43:45:c9:df:5e:5c:ff:84:f8:89:68:f5:38:cf:34:
93:0a:78:8b:fe:00:83:42:6a:c8:73:9e:0c:b2:13:9f:f3:62:
52:b0:97:13:f3:9f:06:a0:08:fa:72:b8:71:4a:96:6c:72:0d:
42:6c:42:0f:0d:64:55:29:40:71:a1:09:52:e6:28:9b:57:29:
dc:f3:80:8d:41:3b:87:75:c8:bf:6b:7b:a0:3f:44:69:71:46:
31:78:ad:f1:9a:c2:49:65:a0:f5:cc:f8:77:e0:da:b7:45:02:
2d:52:70:59:96:de:83:5b:2f:2b:25:b4:1a:4a:b5:23:f0:cc:
a9:99:e3:50:a5:67:7f:3d:2c:1e:d6:7e:72:49:8a:ff:17:64:
a1:87:42:58:03:9b:4c:aa:a2:e6:ec:37:56:14:88:18:18:4d:
2e:2c:e4:06:65:c1:e6:ea:94:d4:cc:e0:b4:ac:27:1f:42:8f:
fd:3a:ae:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvndKAQmbggSboSPvj8vIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxM2UwNTFjYjgzMWQxOTg5NjA3YmI3NmMwYmM1NjkzZmY5
NDdiNTMwHhcNMjMwMTAxMjMxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjcwNjhlYTAzZmZkN2ZhOTZmM2UwNDc0NGNiNjI4M2E5NjU0MWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv7SQfZpMlPOFy6y1FNCBdBVZgYV
tSSLR06DrVZSddbWudBroyyKfhQUXiAcT64hO/CIBCED1ol6YBaLk+cJj70kbPGv
QLwR65lI0kQCMaOx0jkqpkMlJx2cA1UPUoVAiTL3p9+9DvHnJNWH2l0jd0NOPw7B
7mLVDGZTiBctcMvK/AFBGszJgn52SMxqyQcihL0UYdMs1I5gcVWO6xMC60hV+KV5
3dnYlzQYvjSGssNga6u5krcQbXukEj0AwmiDxgFzUVALrjL41Q7ibSdO0T62wMN9
/5rgJcPLp8n6SSqXl31kKesKJqiKR3glwfRBBYqNuYV3eMgCmaihbltvpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI9waOoD/9f6lvPgR0TLYoOpZUHjMB8GA1UdIwQY
MBaAFIE+BRy4MdGYlge7dsC8VpP/lHtTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1Q0RkhMZ3gwWmlXQjd0MndMeFdrXy1VZTFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lNDVhZDYtZTVhZS00ODE5LTlmMjQt
ZjU3N2FhNDZkZTgzLzEvajNCbzZnUF8xX3FXOC1CSFJNdGlnNmxsUWVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lNDVhZDYtZTVhZS00ODE5LTlmMjQtZjU3N2FhNDZkZTgz
LzEvZ1Q0RkhMZ3gwWmlXQjd0MndMeFdrXy1VZTFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuU9gMA0G
CSqGSIb3DQEBCwUAA4IBAQALx9t/Ngl+uqmRtBoFuFnO658qJwbkdxjdyXJ2l3ys
PfbXH1x3YLluuT7d1MFDLAst6zug7hz+bsRy9fsTdgYRjtMnp4Md4WJy9ptDRcnf
Xlz/hPiJaPU4zzSTCniL/gCDQmrIc54MshOf82JSsJcT858GoAj6crhxSpZscg1C
bEIPDWRVKUBxoQlS5iibVync84CNQTuHdci/a3ugP0RpcUYxeK3xmsJJZaD1zPh3
4Nq3RQItUnBZlt6DWy8rJbQaSrUj8MypmeNQpWd/PSwe1n5ySYr/F2Shh0JYA5tM
qqLm7DdWFIgYGE0uLOQGZcHm6pTUzOC0rCcfQo/9Oq69
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:12:16 2025 by rpki-client