Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/E-VI7RWOyqGnm4rT0gJ-b-1huMo.roa
File: E-VI7RWOyqGnm4rT0gJ-b-1huMo.roa (raw, json)
Hash identifier: XbnHUesuAqGIIYtKivmBX4SBcIMny8ESb8num6sSYaw=
Subject key identifier: 13:E5:48:ED:15:8E:CA:A1:A7:9B:8A:D3:D2:02:7E:6F:ED:61:B8:CA
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 018CC56EAE1E8678E319C63CD8A7BDCA0307
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/E-VI7RWOyqGnm4rT0gJ-b-1huMo.roa
Signing time: Mon 01 Jan 2024 14:30:14 +0000
ROA not before: Mon 01 Jan 2024 14:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16223
IP address blocks: 185.53.79.0/24 maxlen: 24
5.58.0.0/16 maxlen: 23
217.196.160.0/20 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ae:1e:86:78:e3:19:c6:3c:d8:a7:bd:ca:03:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Jan 1 14:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13e548ed158ecaa1a79b8ad3d2027e6fed61b8ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f4:4e:81:13:6a:fd:47:56:e0:ef:37:7d:6e:
c2:9b:8a:45:6e:8b:c3:f9:dd:da:45:e4:5d:5b:47:
41:88:b9:14:0b:40:1b:ea:95:56:e0:ce:a9:9c:fc:
2b:90:3d:82:1b:60:db:db:da:c6:13:cb:b5:fa:4e:
be:ce:a0:20:fe:35:01:51:ef:05:5f:01:b7:c6:38:
67:c4:b0:82:0b:2e:40:c5:57:7c:41:3e:54:ed:95:
cd:06:bd:df:82:03:b9:d6:d6:01:cf:b6:1a:3d:0c:
8a:53:59:11:9e:68:c9:b0:b0:ce:7d:96:d4:06:8b:
88:29:64:1c:8a:5e:9e:14:bd:17:d8:dd:3c:57:4d:
81:1a:4d:d0:b6:d8:81:bb:a3:fb:50:e0:47:79:53:
e7:7c:0a:95:3d:5e:df:f8:31:9b:5b:b2:00:ce:69:
eb:8b:43:33:2f:13:49:d0:1e:e7:cf:03:a9:4a:5f:
8f:03:5b:a0:54:80:37:b1:3e:c2:ff:94:90:82:8e:
cc:dd:c9:55:eb:ff:03:4e:68:6a:2a:fd:55:98:2e:
5d:b7:8b:75:54:d4:29:a5:83:60:26:c0:e3:4a:10:
d3:36:29:44:1e:f3:0c:52:17:26:34:9e:bd:0d:9c:
52:a2:74:59:21:22:b3:19:bd:bb:60:25:2e:72:a8:
d4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:E5:48:ED:15:8E:CA:A1:A7:9B:8A:D3:D2:02:7E:6F:ED:61:B8:CA
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/E-VI7RWOyqGnm4rT0gJ-b-1huMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.58.0.0/16
185.53.79.0/24
217.196.160.0/20
Signature Algorithm: sha256WithRSAEncryption
7d:9e:d5:4d:e2:30:9a:de:6d:31:e2:81:ff:af:be:f8:f5:f3:
80:65:63:9c:4f:6b:2d:6b:58:51:bf:10:65:cf:a9:b1:43:db:
e7:22:31:2d:78:49:fe:7d:ca:82:b0:e5:dd:b0:c4:e0:b5:96:
94:d1:fe:57:53:49:a8:28:a1:6e:09:02:c6:c4:f8:96:28:b1:
f1:cc:8b:77:df:71:bb:c7:5e:a2:92:37:f7:bf:79:91:0a:e8:
8d:71:5f:ee:5a:af:25:9a:d4:9a:08:18:39:30:99:4e:3e:e2:
b9:0d:1e:2a:aa:9c:c4:7d:4b:06:07:59:dd:81:fd:43:b4:e5:
70:da:86:9b:63:d3:fb:3c:75:71:8d:9b:b9:25:d9:4b:b6:c9:
b0:d8:1c:b2:9b:3c:e1:d4:d1:e2:01:58:00:52:6a:ff:7f:89:
3f:d3:aa:19:a3:7c:b3:a0:2d:51:05:c7:56:57:68:91:e3:2f:
cd:fd:83:01:cb:21:3e:0a:84:34:ad:0f:7a:51:bd:5b:03:a4:
6a:61:e4:36:3e:49:7f:ce:22:16:ce:7a:1c:f1:a2:3f:13:ea:
42:37:00:ed:d0:ca:01:56:4c:6d:15:e0:74:4a:97:fa:72:6f:
9c:b8:b3:25:28:71:a0:3a:dc:0a:e2:71:a0:fa:9f:2d:aa:16:
b9:47:55:5c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYzFbq4ehnjjGcY82Ke9ygMHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjQwMTAxMTQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2U1NDhlZDE1OGVjYWExYTc5YjhhZDNkMjAyN2U2ZmVkNjFiOGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovROgRNq/UdW4O83fW7Cm4pFbovD
+d3aReRdW0dBiLkUC0Ab6pVW4M6pnPwrkD2CG2Db29rGE8u1+k6+zqAg/jUBUe8F
XwG3xjhnxLCCCy5AxVd8QT5U7ZXNBr3fggO51tYBz7YaPQyKU1kRnmjJsLDOfZbU
BouIKWQcil6eFL0X2N08V02BGk3QttiBu6P7UOBHeVPnfAqVPV7f+DGbW7IAzmnr
i0MzLxNJ0B7nzwOpSl+PA1ugVIA3sT7C/5SQgo7M3clV6/8DTmhqKv1VmC5dt4t1
VNQppYNgJsDjShDTNilEHvMMUhcmNJ69DZxSonRZISKzGb27YCUucqjUwQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBPlSO0Vjsqhp5uK09ICfm/tYbjKMB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xL0UtVkk3UldPeXFHbm00clQwZ0otYi0xaHVNby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKgYIKwYBBQUHAQcBAf8EGzAZMBcEAgABMBEDAwAFOgME
ALk1TwMEBNnEoDANBgkqhkiG9w0BAQsFAAOCAQEAfZ7VTeIwmt5tMeKB/6+++PXz
gGVjnE9rLWtYUb8QZc+psUPb5yIxLXhJ/n3KgrDl3bDE4LWWlNH+V1NJqCihbgkC
xsT4liix8cyLd99xu8deopI39795kQrojXFf7lqvJZrUmggYOTCZTj7iuQ0eKqqc
xH1LBgdZ3YH9Q7TlcNqGm2PT+zx1cY2buSXZS7bJsNgcsps84dTR4gFYAFJq/3+J
P9OqGaN8s6AtUQXHVldokeMvzf2DAcshPgqENK0PelG9WwOkamHkNj5Jf84iFs56
HPGiPxPqQjcA7dDKAVZMbRXgdEqX+nJvnLizJShxoDrcCuJxoPqfLaoWuUdVXA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:28 2025 by rpki-client