Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/EIE--mrpqkUa_jv9vzbqmeckAaU.roa
File: EIE--mrpqkUa_jv9vzbqmeckAaU.roa (raw, json)
Hash identifier: msW4rAs5+kBOc6JjJX3obmc92WpO3GLY0n9e8Hpatc0=
Subject key identifier: 10:81:3E:FA:6A:E9:AA:45:1A:FE:3B:FD:BF:36:EA:99:E7:24:01:A5
Certificate issuer: /CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
Certificate serial: 04664426
Authority key identifier: 5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/EIE--mrpqkUa_jv9vzbqmeckAaU.roa
Signing time: Sat 01 Jan 2022 09:03:34 +0000
ROA not before: Sat 01 Jan 2022 09:03:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205009
IP address blocks: 185.232.228.0/24 maxlen: 24
185.232.229.0/24 maxlen: 24
185.232.230.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73810982 (0x4664426)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
Validity
Not Before: Jan 1 09:03:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10813efa6ae9aa451afe3bfdbf36ea99e72401a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c6:58:d8:cb:90:af:9f:0f:14:8f:68:2b:33:
fe:c8:f0:79:fb:8f:dc:c5:5e:20:5c:a0:16:80:0a:
7f:f8:1e:c1:c0:14:59:d8:ac:5f:59:d5:f7:52:11:
f7:43:10:f5:24:f0:6a:e6:29:81:d5:a7:96:3a:b4:
7a:2d:90:13:0a:f6:5f:5b:f9:3b:2a:c4:e8:da:20:
05:41:7c:d1:47:00:fa:4b:06:43:4e:5d:c9:67:e2:
24:5c:54:55:4c:52:f5:27:02:bc:6d:dd:61:10:6e:
57:75:e0:f3:f9:f0:aa:2a:72:d0:74:56:ff:30:f2:
41:7e:f3:d8:62:9c:c3:cb:77:e4:62:91:4c:bb:84:
be:5e:58:f8:97:04:2f:ae:99:13:90:06:39:1a:ef:
d9:82:50:16:01:4a:5c:a0:c2:e3:6a:d7:1a:a9:de:
8d:2b:b4:25:a8:a3:db:df:fd:b2:28:67:ea:b8:27:
bc:88:3f:a9:fc:50:68:88:c2:9f:7d:ed:6b:83:6a:
00:c4:89:70:b5:e5:19:52:f8:eb:cb:b4:a6:b5:bd:
f1:eb:16:43:77:fe:d0:5c:c2:aa:da:6c:68:5d:c1:
41:11:36:51:95:93:5f:58:77:ee:b6:17:8b:d8:35:
ea:57:1f:2a:8d:b7:b8:ca:6f:2c:0b:b7:be:e3:1a:
3d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:81:3E:FA:6A:E9:AA:45:1A:FE:3B:FD:BF:36:EA:99:E7:24:01:A5
X509v3 Authority Key Identifier:
keyid:5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/EIE--mrpqkUa_jv9vzbqmeckAaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.228.0-185.232.230.255
Signature Algorithm: sha256WithRSAEncryption
0b:93:1a:92:8b:48:52:5d:5a:28:e1:dd:9f:dc:59:05:00:63:
6b:06:3c:c6:43:c7:a8:5a:6d:f1:22:d5:b1:e9:18:83:ce:6f:
1b:fd:a3:5e:9b:8a:6b:38:92:9c:58:c4:f3:fd:02:b0:19:ae:
f0:b0:33:8d:ed:c1:36:e7:ab:ee:c1:89:7e:77:a7:a2:f8:61:
8c:37:73:04:fb:ef:f0:7a:9d:6e:f3:45:42:fe:ee:5b:45:d1:
04:64:11:87:25:c5:74:9a:da:47:4e:2b:99:63:b5:e0:b9:e3:
8c:97:b2:92:16:a5:67:7c:ba:64:30:06:21:8a:fa:99:2c:7d:
e6:37:5f:63:35:83:e8:5e:ec:ad:ec:26:93:0f:cf:9f:43:95:
fc:3a:2c:97:b8:ae:79:fd:21:7b:6c:eb:d2:e0:d3:90:40:1a:
2f:6b:d1:78:af:55:2f:95:db:3b:97:86:e4:26:93:5e:85:d2:
49:b4:ac:51:13:b7:3e:00:a2:68:27:84:a8:c9:e3:53:c8:9a:
b7:fc:71:f7:4d:c8:2b:d1:b9:d3:8d:25:8a:3b:a2:c9:51:9f:
7e:21:52:ca:9e:be:0d:c3:56:9d:72:28:47:16:4f:e0:ab:fa:
14:0b:ff:bc:42:0c:18:a1:37:2c:3f:d0:56:0b:c8:e4:b4:9c:
60:ee:eb:68
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBGZEJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZWE4NzkwYTA4YzhlMGQ4NDU4OGQ5NGQxYTUxYmNhOWFiZTc1ODFkMB4XDTIyMDEw
MTA5MDMzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTA4MTNlZmE2YWU5
YWE0NTFhZmUzYmZkYmYzNmVhOTllNzI0MDFhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/GWNjLkK+fDxSPaCsz/sjwefuP3MVeIFygFoAKf/gewcAU
WdisX1nV91IR90MQ9STwauYpgdWnljq0ei2QEwr2X1v5OyrE6NogBUF80UcA+ksG
Q05dyWfiJFxUVUxS9ScCvG3dYRBuV3Xg8/nwqipy0HRW/zDyQX7z2GKcw8t35GKR
TLuEvl5Y+JcEL66ZE5AGORrv2YJQFgFKXKDC42rXGqnejSu0Jaij29/9sihn6rgn
vIg/qfxQaIjCn33ta4NqAMSJcLXlGVL468u0prW98esWQ3f+0FzCqtpsaF3BQRE2
UZWTX1h37rYXi9g16lcfKo23uMpvLAu3vuMaPckCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQQgT76aumqRRr+O/2/NuqZ5yQBpTAfBgNVHSMEGDAWgBReqHkKCMjg2EWI
2U0aUbypq+dYHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hxaDVDZ2pJNE5oRmlObE5HbEc4cWF2bldCMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjcvYzA2YTIzLTAxNjMtNDdhNS04NjA4LTMwYzBhMTExY2Q1NS8x
L0VJRS0tbXJwcWtVYV9qdjl2emJxbWVja0FhVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjcv
YzA2YTIzLTAxNjMtNDdhNS04NjA4LTMwYzBhMTExY2Q1NS8xL1hxaDVDZ2pJNE5o
RmlObE5HbEc4cWF2bldCMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCuejkAwQAuejmMA0GCSqGSIb3
DQEBCwUAA4IBAQALkxqSi0hSXVoo4d2f3FkFAGNrBjzGQ8eoWm3xItWx6RiDzm8b
/aNem4prOJKcWMTz/QKwGa7wsDON7cE256vuwYl+d6ei+GGMN3ME++/wep1u80VC
/u5bRdEEZBGHJcV0mtpHTiuZY7XgueOMl7KSFqVnfLpkMAYhivqZLH3mN19jNYPo
Xuyt7CaTD8+fQ5X8OiyXuK55/SF7bOvS4NOQQBova9F4r1Uvlds7l4bkJpNehdJJ
tKxRE7c+AKJoJ4SoyeNTyJq3/HH3Tcgr0bnTjSWKO6LJUZ9+IVLKnr4Nw1adcihH
Fk/gq/oUC/+8QgwYoTcsP9BWC8jktJxg7uto
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:31 2025 by rpki-client