Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/j5oK6d1poKs_zwYZJOWpM1MDJ7g.roa
File: j5oK6d1poKs_zwYZJOWpM1MDJ7g.roa (raw, json)
Hash identifier: +HPNu7p6Jr2SfDWLtv3LhDOsPQ2iM8lmjlMYeaxI5yA=
Subject key identifier: 8F:9A:0A:E9:DD:69:A0:AB:3F:CF:06:19:24:E5:A9:33:53:03:27:B8
Certificate issuer: /CN=813e051cb831d1989607bb76c0bc5693ff947b53
Certificate serial: 089BE483
Authority key identifier: 81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/j5oK6d1poKs_zwYZJOWpM1MDJ7g.roa
Signing time: Sat 01 Jan 2022 11:01:02 +0000
ROA not before: Sat 01 Jan 2022 11:01:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35372
IP address blocks: 185.79.99.0/24 maxlen: 24
185.232.152.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144434307 (0x89be483)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=813e051cb831d1989607bb76c0bc5693ff947b53
Validity
Not Before: Jan 1 11:01:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f9a0ae9dd69a0ab3fcf061924e5a933530327b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b1:e4:e0:b2:25:3c:fa:99:af:25:3d:5a:f2:
c4:12:4a:00:b8:ea:f5:86:83:ef:8c:e7:42:c1:88:
12:13:de:d4:05:49:4b:5f:d4:cb:cf:70:62:47:ed:
89:e7:55:c9:51:8c:87:ae:a5:45:7e:81:17:ac:5a:
28:5a:a2:73:84:e9:8b:9b:78:c9:fa:05:0b:cf:b3:
53:89:f4:04:36:16:74:92:30:07:c2:4a:81:ff:be:
26:08:67:74:11:06:a6:11:d4:44:50:54:26:c9:14:
44:8e:b7:06:44:74:02:b6:21:23:d2:34:e2:1b:6e:
12:e7:d3:0f:2f:da:bc:57:64:39:f2:3c:fd:7b:b8:
58:f7:61:3c:69:b3:ab:9c:89:4d:6b:ef:ed:d8:7f:
de:72:9e:e3:3a:f4:19:15:21:21:bc:6f:b8:d3:4c:
35:2f:d0:ce:69:a0:af:b1:ab:cd:a7:4e:7c:16:5d:
64:e5:84:67:00:dc:b6:9b:a1:ff:0c:6f:01:5f:88:
7f:06:d4:a6:03:ec:2a:52:14:19:21:8c:e1:92:66:
5e:34:f3:de:da:87:8a:0a:6e:67:10:44:84:1e:d8:
8b:d5:2d:a1:05:d4:32:37:a9:5b:8d:90:0c:9e:21:
6d:9d:c3:35:4c:a2:74:2a:55:c8:85:d2:2e:67:8e:
41:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:9A:0A:E9:DD:69:A0:AB:3F:CF:06:19:24:E5:A9:33:53:03:27:B8
X509v3 Authority Key Identifier:
keyid:81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/j5oK6d1poKs_zwYZJOWpM1MDJ7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.99.0/24
185.232.152.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:91:d6:86:df:b1:2c:c4:0f:6c:f9:7b:78:d5:4a:f7:e7:18:
c2:c7:b3:41:5c:02:01:4f:b7:f0:66:68:c2:15:d7:5e:ca:5d:
0d:f5:40:08:e1:06:c3:a4:cd:69:25:cb:e9:ad:b7:e6:4e:01:
7f:84:cd:8a:28:e5:31:0e:da:af:b1:45:4c:e2:0e:35:ce:42:
af:c8:76:9f:96:66:78:44:91:c3:50:84:73:7e:95:54:6e:55:
5d:de:8a:44:1d:5e:da:fb:2a:fd:cd:cf:db:98:97:2e:57:a9:
bd:ac:c4:85:43:ff:04:5f:56:3b:be:e8:51:6e:dc:5b:ba:d1:
15:e0:2d:2e:58:58:a7:39:2d:df:16:f5:f1:90:4c:80:55:31:
a0:1b:c1:23:7f:b0:5c:3b:d8:4f:1a:c4:a5:b0:4a:23:22:0e:
0e:e0:9c:40:7d:70:fe:0a:7f:84:d9:ed:37:16:46:79:39:14:
9d:8d:22:8d:6a:fa:5d:49:86:ff:2f:2b:ee:9c:ed:13:6a:7a:
ed:62:ff:95:f7:80:82:15:ab:74:f6:f7:03:53:ae:36:62:05:
a5:f3:33:92:d9:05:27:4c:82:48:79:ad:b1:44:64:2f:82:a4:
cb:f6:86:01:c7:36:48:fe:ab:79:a6:a9:86:f7:62:6a:45:d8:
11:f5:4f:0a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECJvkgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTNlMDUxY2I4MzFkMTk4OTYwN2JiNzZjMGJjNTY5M2ZmOTQ3YjUzMB4XDTIyMDEw
MTExMDEwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGY5YTBhZTlkZDY5
YTBhYjNmY2YwNjE5MjRlNWE5MzM1MzAzMjdiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCx5OCyJTz6ma8lPVryxBJKALjq9YaD74znQsGIEhPe1AVJ
S1/Uy89wYkftiedVyVGMh66lRX6BF6xaKFqic4Tpi5t4yfoFC8+zU4n0BDYWdJIw
B8JKgf++JghndBEGphHURFBUJskURI63BkR0ArYhI9I04htuEufTDy/avFdkOfI8
/Xu4WPdhPGmzq5yJTWvv7dh/3nKe4zr0GRUhIbxvuNNMNS/Qzmmgr7GrzadOfBZd
ZOWEZwDctpuh/wxvAV+IfwbUpgPsKlIUGSGM4ZJmXjTz3tqHigpuZxBEhB7Yi9Ut
oQXUMjepW42QDJ4hbZ3DNUyidCpVyIXSLmeOQXkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSPmgrp3Wmgqz/PBhkk5akzUwMnuDAfBgNVHSMEGDAWgBSBPgUcuDHRmJYH
u3bAvFaT/5R7UzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dUNEZITGd4MFppV0I3dDJ3THhXa18tVWUxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvZTQ1YWQ2LWU1YWUtNDgxOS05ZjI0LWY1NzdhYTQ2ZGU4My8x
L2o1b0s2ZDFwb0tzX3p3WVpKT1dwTTFNREo3Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
ZTQ1YWQ2LWU1YWUtNDgxOS05ZjI0LWY1NzdhYTQ2ZGU4My8xL2dUNEZITGd4MFpp
V0I3dDJ3THhXa18tVWUxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALlPYwMEALnomDANBgkqhkiG9w0B
AQsFAAOCAQEAi5HWht+xLMQPbPl7eNVK9+cYwsezQVwCAU+38GZowhXXXspdDfVA
COEGw6TNaSXL6a235k4Bf4TNiijlMQ7ar7FFTOIONc5Cr8h2n5ZmeESRw1CEc36V
VG5VXd6KRB1e2vsq/c3P25iXLlepvazEhUP/BF9WO77oUW7cW7rRFeAtLlhYpzkt
3xb18ZBMgFUxoBvBI3+wXDvYTxrEpbBKIyIODuCcQH1w/gp/hNntNxZGeTkUnY0i
jWr6XUmG/y8r7pztE2p67WL/lfeAghWrdPb3A1OuNmIFpfMzktkFJ0yCSHmtsURk
L4Kky/aGAcc2SP6reaaphvdiakXYEfVPCg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:07:36 2025 by rpki-client