Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/wc7uJquZkJpOThKTPo-_R0AXrio.roa
File: wc7uJquZkJpOThKTPo-_R0AXrio.roa (raw, json)
Hash identifier: nd5DzxkcpmRNuHVE66QK04Z0KOUtJV1o2nvdW/aGdB0=
Subject key identifier: C1:CE:EE:26:AB:99:90:9A:4E:4E:12:93:3E:8F:BF:47:40:17:AE:2A
Certificate issuer: /CN=813e051cb831d1989607bb76c0bc5693ff947b53
Certificate serial: 09B020AC
Authority key identifier: 81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/wc7uJquZkJpOThKTPo-_R0AXrio.roa
Signing time: Mon 25 Apr 2022 11:21:59 +0000
ROA not before: Mon 25 Apr 2022 11:21:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44889
IP address blocks: 185.79.96.0/24 maxlen: 24
185.232.152.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162537644 (0x9b020ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=813e051cb831d1989607bb76c0bc5693ff947b53
Validity
Not Before: Apr 25 11:21:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c1ceee26ab99909a4e4e12933e8fbf474017ae2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:8f:46:96:f2:40:d8:a7:13:8a:ad:f1:be:21:
95:07:e6:7e:55:0f:0a:7c:27:ad:20:8e:46:74:48:
c4:b1:1a:b5:38:13:ef:7c:ab:8a:46:b9:8e:80:36:
5a:c9:f9:89:4b:ab:8c:30:c3:f6:e3:eb:28:44:06:
1d:96:69:51:cd:1b:0c:4b:ad:13:9d:b0:30:e0:99:
9d:9c:4f:2d:a5:bf:12:04:9d:16:08:b9:47:49:c6:
4b:91:0e:1d:81:6c:99:37:c9:af:ee:d7:35:51:68:
c1:0e:d5:f3:88:fd:2a:30:3d:08:14:8b:ad:9e:6d:
3a:f8:bf:41:b3:15:fa:b6:6e:a0:f6:b2:7c:2a:e5:
93:d1:7b:ad:90:f4:27:bf:cf:b4:66:34:8f:0b:b8:
96:43:af:8d:c0:9f:46:5f:01:b6:85:33:89:46:8d:
f0:22:1e:54:93:cb:f9:e3:bb:65:e4:c1:d1:c3:88:
e6:89:dd:b4:69:79:eb:5c:63:d5:4c:e8:74:30:78:
1d:8d:7d:a2:39:ca:82:68:46:f5:b5:0d:6a:03:e0:
16:55:5a:7c:ff:55:ed:01:b0:69:e2:0c:93:46:3d:
28:85:db:95:9f:3a:8f:69:6c:f0:25:94:1e:10:15:
95:99:e8:f7:17:a1:dd:27:77:f4:da:4a:3f:b5:b0:
c1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:CE:EE:26:AB:99:90:9A:4E:4E:12:93:3E:8F:BF:47:40:17:AE:2A
X509v3 Authority Key Identifier:
keyid:81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/wc7uJquZkJpOThKTPo-_R0AXrio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.96.0/24
185.232.152.0/24
Signature Algorithm: sha256WithRSAEncryption
86:b6:e9:11:4a:26:17:cd:b0:5a:45:64:6f:23:31:56:9c:1e:
11:1d:d1:b6:ed:02:2e:aa:f4:fd:b4:a8:03:47:e1:c2:b0:08:
d1:65:5f:a6:da:3b:87:22:91:cf:e9:3c:9e:32:b0:d7:ac:ac:
aa:a7:6e:93:02:0f:07:a8:7e:ed:aa:3c:36:e5:2d:e0:1f:fb:
c2:56:4a:c8:e5:80:b5:c8:47:67:e1:3c:42:21:27:60:a7:87:
33:e1:f2:62:4c:f2:25:55:2a:fe:b2:57:11:0d:8d:13:b2:b6:
f3:25:39:e2:12:bc:c4:10:e0:e4:8e:f4:99:b2:e3:d8:7a:15:
ca:af:d8:a7:a9:df:7e:9a:f7:90:9f:9d:71:a1:ab:e0:ab:29:
0e:52:f7:11:3e:28:1a:7a:8a:ea:e3:3b:ea:67:98:4c:f5:7a:
5b:c6:38:47:ce:ec:66:d0:5a:04:1e:91:b6:ca:55:c7:ea:49:
1c:29:d0:9e:b9:2b:20:85:41:3a:d0:04:62:90:0f:cb:10:34:
3d:d7:eb:91:c4:f8:f6:2a:f1:85:07:9d:f9:33:04:12:50:d0:
bf:0c:d6:a8:e8:d3:64:a3:63:bb:b5:42:b8:22:ba:3a:99:a0:
68:45:8f:ea:9d:15:d0:82:61:95:af:03:97:f4:1f:21:a4:ce:
45:04:0b:8c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECbAgrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTNlMDUxY2I4MzFkMTk4OTYwN2JiNzZjMGJjNTY5M2ZmOTQ3YjUzMB4XDTIyMDQy
NTExMjE1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzFjZWVlMjZhYjk5
OTA5YTRlNGUxMjkzM2U4ZmJmNDc0MDE3YWUyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOGPRpbyQNinE4qt8b4hlQfmflUPCnwnrSCORnRIxLEatTgT
73yrika5joA2Wsn5iUurjDDD9uPrKEQGHZZpUc0bDEutE52wMOCZnZxPLaW/EgSd
Fgi5R0nGS5EOHYFsmTfJr+7XNVFowQ7V84j9KjA9CBSLrZ5tOvi/QbMV+rZuoPay
fCrlk9F7rZD0J7/PtGY0jwu4lkOvjcCfRl8BtoUziUaN8CIeVJPL+eO7ZeTB0cOI
5ondtGl561xj1UzodDB4HY19ojnKgmhG9bUNagPgFlVafP9V7QGwaeIMk0Y9KIXb
lZ86j2ls8CWUHhAVlZno9xeh3Sd39NpKP7WwwXsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTBzu4mq5mQmk5OEpM+j79HQBeuKjAfBgNVHSMEGDAWgBSBPgUcuDHRmJYH
u3bAvFaT/5R7UzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dUNEZITGd4MFppV0I3dDJ3THhXa18tVWUxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvZTQ1YWQ2LWU1YWUtNDgxOS05ZjI0LWY1NzdhYTQ2ZGU4My8x
L3djN3VKcXVaa0pwT1RoS1RQby1fUjBBWHJpby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
ZTQ1YWQ2LWU1YWUtNDgxOS05ZjI0LWY1NzdhYTQ2ZGU4My8xL2dUNEZITGd4MFpp
V0I3dDJ3THhXa18tVWUxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALlPYAMEALnomDANBgkqhkiG9w0B
AQsFAAOCAQEAhrbpEUomF82wWkVkbyMxVpweER3Rtu0CLqr0/bSoA0fhwrAI0WVf
pto7hyKRz+k8njKw16ysqqdukwIPB6h+7ao8NuUt4B/7wlZKyOWAtchHZ+E8QiEn
YKeHM+HyYkzyJVUq/rJXEQ2NE7K28yU54hK8xBDg5I70mbLj2HoVyq/Yp6nffpr3
kJ+dcaGr4KspDlL3ET4oGnqK6uM76meYTPV6W8Y4R87sZtBaBB6RtspVx+pJHCnQ
nrkrIIVBOtAEYpAPyxA0PdfrkcT49irxhQed+TMEElDQvwzWqOjTZKNju7VCuCK6
OpmgaEWP6p0V0IJhla8Dl/QfIaTORQQLjA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:43 2025 by rpki-client