Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/7wQ15nr4_FmW-AmXIKCN4kSQl38.roa
File: 7wQ15nr4_FmW-AmXIKCN4kSQl38.roa (raw, json)
Hash identifier: L3VcpeMXlJTlbhHiko/mQYss6I8sgzGlOebdvB+hbGg=
Subject key identifier: EF:04:35:E6:7A:F8:FC:59:96:F8:09:97:20:A0:8D:E2:44:90:97:7F
Certificate issuer: /CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
Certificate serial: 01856BCA31269FA4D93EA9E5AD7177836A21
Authority key identifier: 5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/7wQ15nr4_FmW-AmXIKCN4kSQl38.roa
Signing time: Sun 01 Jan 2023 05:24:50 +0000
ROA not before: Sun 01 Jan 2023 05:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207344
IP address blocks: 185.232.231.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:31:26:9f:a4:d9:3e:a9:e5:ad:71:77:83:6a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
Validity
Not Before: Jan 1 05:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef0435e67af8fc5996f8099720a08de24490977f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2e:2a:f8:50:7b:c2:d2:19:70:1c:2f:58:4b:
dc:ad:ca:76:28:d5:4a:2a:dd:a0:ca:6e:4b:42:4b:
5f:3b:3f:a7:e8:e1:e5:3f:32:52:4e:31:bc:d6:4c:
90:2d:57:6f:4c:47:72:22:7e:75:56:06:3c:06:6a:
f1:a6:1f:2b:8b:c7:e5:97:07:55:7c:b3:75:5b:b3:
11:cf:45:c4:22:f1:c1:f3:e8:a4:b7:79:40:bf:87:
fd:f7:ed:aa:34:77:ab:5c:38:21:a2:7d:27:85:99:
f5:11:f0:a1:61:06:1b:79:89:68:4c:25:11:77:b8:
a0:47:e1:d7:a3:54:e2:53:a8:c1:45:da:76:80:43:
e1:87:5f:67:30:48:7b:54:d2:d4:0c:18:79:e4:1b:
4a:3a:ef:29:d3:0e:25:51:2e:69:00:d1:44:29:00:
c1:b8:7e:29:f0:f1:df:5b:55:5c:bc:23:84:1a:82:
ef:23:8e:c0:c5:23:c9:3e:51:70:25:e2:63:d3:53:
23:af:c7:fe:48:71:ab:17:26:7f:9b:bf:60:71:f0:
f1:09:35:7f:7b:ce:52:98:4b:ac:4a:0e:7a:55:a2:
46:f2:9c:4f:02:de:08:b4:e9:cf:0f:db:b2:9d:ef:
3a:8c:8c:ee:d3:ae:75:4b:c1:c4:06:b2:6f:89:a4:
3f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:04:35:E6:7A:F8:FC:59:96:F8:09:97:20:A0:8D:E2:44:90:97:7F
X509v3 Authority Key Identifier:
keyid:5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/7wQ15nr4_FmW-AmXIKCN4kSQl38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.231.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:07:47:3e:d0:8f:d4:bc:97:bb:fb:d6:b6:74:dc:f1:4d:99:
f5:c8:4f:a8:3c:e6:0c:b7:c3:2b:51:ed:39:d6:8b:9d:96:18:
76:c2:48:8e:58:79:cd:5e:8e:dd:7b:e0:19:ce:9b:49:82:32:
71:50:80:a5:d4:62:2a:d9:ef:22:80:96:50:69:44:7a:44:b9:
ba:b9:42:0e:d2:d6:6a:0d:a7:6e:00:61:a4:05:23:c7:8e:1c:
6a:8e:de:2e:2c:57:82:57:55:b4:db:d6:48:50:38:3d:03:96:
5a:16:47:8f:17:c0:59:c5:81:3e:bd:00:6f:1d:6d:06:a5:71:
d5:df:55:e7:2c:c4:42:99:79:b0:bc:1b:9e:2c:cb:59:1e:72:
28:80:85:93:0a:b4:23:4a:09:ee:2a:a4:cc:cb:63:3e:fd:02:
29:13:27:45:af:89:fa:46:ff:3c:3b:a3:0c:42:0e:46:7a:17:
76:d9:bd:f4:79:17:ea:f0:70:de:b4:b6:d1:7f:3a:4d:23:77:
ca:bc:ba:e4:96:4d:96:71:27:d2:08:7c:36:49:0f:13:85:68:
63:bb:10:fb:c9:d0:ba:07:80:c7:5a:c4:e9:0c:89:ad:d4:ac:
0c:06:85:14:07:7f:2c:af:7c:ca:0a:0c:1a:28:4c:73:c6:ed:
86:f1:3a:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVryjEmn6TZPqnlrXF3g2ohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg3OTBhMDhjOGUwZDg0NTg4ZDk0ZDFhNTFiY2E5YWJl
NzU4MWQwHhcNMjMwMTAxMDUyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjA0MzVlNjdhZjhmYzU5OTZmODA5OTcyMGEwOGRlMjQ0OTA5NzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni4q+FB7wtIZcBwvWEvcrcp2KNVK
Kt2gym5LQktfOz+n6OHlPzJSTjG81kyQLVdvTEdyIn51VgY8Bmrxph8ri8fllwdV
fLN1W7MRz0XEIvHB8+ikt3lAv4f99+2qNHerXDghon0nhZn1EfChYQYbeYloTCUR
d7igR+HXo1TiU6jBRdp2gEPhh19nMEh7VNLUDBh55BtKOu8p0w4lUS5pANFEKQDB
uH4p8PHfW1VcvCOEGoLvI47AxSPJPlFwJeJj01Mjr8f+SHGrFyZ/m79gcfDxCTV/
e85SmEusSg56VaJG8pxPAt4ItOnPD9uyne86jIzu0651S8HEBrJviaQ/EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO8ENeZ6+PxZlvgJlyCgjeJEkJd/MB8GA1UdIwQY
MBaAFF6oeQoIyODYRYjZTRpRvKmr51gdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgt
MzBjMGExMTFjZDU1LzEvN3dRMTVucjRfRm1XLUFtWElLQ040a1NRbDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgtMzBjMGExMTFjZDU1
LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuejnMA0G
CSqGSIb3DQEBCwUAA4IBAQA6B0c+0I/UvJe7+9a2dNzxTZn1yE+oPOYMt8MrUe05
1oudlhh2wkiOWHnNXo7de+AZzptJgjJxUICl1GIq2e8igJZQaUR6RLm6uUIO0tZq
DaduAGGkBSPHjhxqjt4uLFeCV1W029ZIUDg9A5ZaFkePF8BZxYE+vQBvHW0GpXHV
31XnLMRCmXmwvBueLMtZHnIogIWTCrQjSgnuKqTMy2M+/QIpEydFr4n6Rv88O6MM
Qg5Gehd22b30eRfq8HDetLbRfzpNI3fKvLrklk2WcSfSCHw2SQ8ThWhjuxD7ydC6
B4DHWsTpDImt1KwMBoUUB38sr3zKCgwaKExzxu2G8TpL
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:34 2025 by rpki-client