Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/U8YH4nydqvTEMvXjxSkzo5IFdig.roa
File: U8YH4nydqvTEMvXjxSkzo5IFdig.roa (raw, json)
Hash identifier: qkoM1ckV90DmxjiNvPCK8GDxcfMBHFoAeiek4yc4lRU=
Subject key identifier: 53:C6:07:E2:7C:9D:AA:F4:C4:32:F5:E3:C5:29:33:A3:92:05:76:28
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 388B4DBE
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/U8YH4nydqvTEMvXjxSkzo5IFdig.roa
Signing time: Sat 01 Jan 2022 01:51:50 +0000
ROA not before: Sat 01 Jan 2022 01:51:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213241
IP address blocks: 185.185.230.0/24 maxlen: 24
87.238.226.0/24 maxlen: 24
94.139.34.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 948653502 (0x388b4dbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Jan 1 01:51:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53c607e27c9daaf4c432f5e3c52933a392057628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:dd:13:a5:c9:9b:0f:50:84:c4:88:53:bd:aa:
3f:f0:35:0d:d0:3b:1d:9d:b0:37:2e:3f:5b:39:a2:
80:82:01:b6:34:37:2e:fa:39:56:9a:06:74:f8:47:
ea:60:d1:29:8a:9a:fe:60:ca:99:07:0c:60:75:1a:
d8:4a:3d:d9:ee:8e:04:c9:40:0c:23:8e:2d:6b:2c:
13:20:3e:65:16:ce:08:24:5e:c6:c3:56:07:e1:bd:
6b:0e:2e:6e:6c:0f:10:ad:ee:dd:5c:b2:73:99:28:
c2:e3:ee:67:2c:1d:da:06:f6:36:3b:a9:2c:86:a6:
7e:d0:a3:e8:0a:9c:dd:82:0c:23:9b:be:0a:8c:c1:
90:8a:7d:8d:19:cb:c2:8a:c7:60:85:c9:fd:2c:30:
32:2b:bf:3c:d4:38:ba:21:df:8e:68:34:89:3e:b8:
e4:ca:e3:19:4b:0a:44:46:9f:76:44:99:6e:55:fd:
5d:38:78:9c:e4:9d:4b:17:1c:40:e3:a5:02:6c:9a:
d5:db:0e:97:06:55:1e:2b:c8:01:a3:aa:c7:85:63:
7e:24:db:d8:30:2b:0d:ed:fc:b1:45:30:b9:62:38:
f4:37:2c:d2:20:f7:fa:24:87:75:e9:2b:bd:bd:99:
e8:00:e5:22:a4:0f:90:ce:d2:52:69:ce:29:9a:78:
04:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C6:07:E2:7C:9D:AA:F4:C4:32:F5:E3:C5:29:33:A3:92:05:76:28
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/U8YH4nydqvTEMvXjxSkzo5IFdig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.226.0/24
94.139.34.0/23
185.185.230.0/24
Signature Algorithm: sha256WithRSAEncryption
95:74:56:ec:dd:50:28:28:ad:d2:21:cf:8f:32:c6:44:50:4a:
ef:9f:c6:cc:60:a6:5c:e1:11:da:87:6a:26:02:9e:38:cc:ca:
9b:da:91:5e:dd:cb:6e:cd:32:d0:87:a2:af:1f:b8:0c:24:bb:
a0:c9:de:f1:6a:b3:f4:d0:fd:da:89:43:68:72:23:49:25:f5:
60:ca:ac:64:ad:e5:37:f9:6e:2d:15:a6:ec:79:27:38:ab:7a:
99:75:d6:0f:71:e5:12:63:38:eb:8c:96:f8:31:35:7a:06:86:
5b:ea:8b:fc:a1:57:67:ac:4f:e4:ca:50:12:22:81:40:64:95:
f5:7a:65:90:14:4f:1d:84:5f:b8:1e:7e:24:2e:22:c6:d2:eb:
18:d5:2b:a6:d5:a1:5e:fb:cb:e2:2d:90:fb:6d:0a:91:ce:4b:
22:83:27:eb:e6:51:52:68:f9:7a:5a:d2:9f:c6:6f:57:85:1b:
97:c7:0e:ba:58:64:7e:96:ce:94:f3:97:7b:aa:0c:80:e7:58:
c6:e3:99:b4:2e:a7:9e:5d:7d:08:34:03:2b:5e:f3:ef:90:e2:
03:87:01:76:71:af:de:91:15:ac:77:29:de:75:06:6a:55:8e:
6c:4f:9c:28:e8:42:39:99:23:1f:5d:b8:ea:fb:b8:65:bf:d5:
68:76:47:bd
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEOItNvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Nzc3YjViMzZmNjZlMTNjNDM4OGM5OTM0ZGE1MDc4NTY1MTVkMDczMB4XDTIyMDEw
MTAxNTE1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNjNjA3ZTI3Yzlk
YWFmNGM0MzJmNWUzYzUyOTMzYTM5MjA1NzYyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfdE6XJmw9QhMSIU72qP/A1DdA7HZ2wNy4/WzmigIIBtjQ3
Lvo5VpoGdPhH6mDRKYqa/mDKmQcMYHUa2Eo92e6OBMlADCOOLWssEyA+ZRbOCCRe
xsNWB+G9aw4ubmwPEK3u3Vyyc5kowuPuZywd2gb2NjupLIamftCj6Aqc3YIMI5u+
CozBkIp9jRnLworHYIXJ/SwwMiu/PNQ4uiHfjmg0iT645MrjGUsKREafdkSZblX9
XTh4nOSdSxccQOOlAmya1dsOlwZVHivIAaOqx4VjfiTb2DArDe38sUUwuWI49Dcs
0iD3+iSHdekrvb2Z6ADlIqQPkM7SUmnOKZp4BJ0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRTxgfifJ2q9MQy9ePFKTOjkgV2KDAfBgNVHSMEGDAWgBSHd7Wzb2bhPEOI
yZNNpQeFZRXQczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2gzZTFzMjltNFR4RGlNbVRUYVVIaFdVVjBITS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvZjkyZTJhLWUxZTQtNDg3ZC05YWNjLWVkMWYzMGNjMWM1Ny8x
L1U4WUg0bnlkcXZURU12WGp4U2t6bzVJRmRpZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
ZjkyZTJhLWUxZTQtNDg3ZC05YWNjLWVkMWYzMGNjMWM1Ny8xL2gzZTFzMjltNFR4
RGlNbVRUYVVIaFdVVjBITS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFfu4gMEAV6LIgMEALm55jANBgkq
hkiG9w0BAQsFAAOCAQEAlXRW7N1QKCit0iHPjzLGRFBK75/GzGCmXOER2odqJgKe
OMzKm9qRXt3Lbs0y0Ieirx+4DCS7oMne8Wqz9ND92olDaHIjSSX1YMqsZK3lN/lu
LRWm7HknOKt6mXXWD3HlEmM464yW+DE1egaGW+qL/KFXZ6xP5MpQEiKBQGSV9Xpl
kBRPHYRfuB5+JC4ixtLrGNUrptWhXvvL4i2Q+20Kkc5LIoMn6+ZRUmj5elrSn8Zv
V4Ubl8cOulhkfpbOlPOXe6oMgOdYxuOZtC6nnl19CDQDK17z75DiA4cBdnGv3pEV
rHcp3nUGalWObE+cKOhCOZkjH1246vu4Zb/VaHZHvQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:17 2025 by rpki-client