Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/4f-GIQguKcQ_ocTAzOlzi2Ef2-M.roa
File: 4f-GIQguKcQ_ocTAzOlzi2Ef2-M.roa (raw, json)
Hash identifier: kmRZJYGmoe1xJU27nCFuKo+bFYw6ww4MUT4w6PXzWa8=
Subject key identifier: E1:FF:86:21:08:2E:29:C4:3F:A1:C4:C0:CC:E9:73:8B:61:1F:DB:E3
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018CC2DB06C89D5B9112C2FF3E151E670EA7
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/4f-GIQguKcQ_ocTAzOlzi2Ef2-M.roa
Signing time: Mon 01 Jan 2024 02:29:43 +0000
ROA not before: Mon 01 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201194
IP address blocks: 185.201.50.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:06:c8:9d:5b:91:12:c2:ff:3e:15:1e:67:0e:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Jan 1 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1ff8621082e29c43fa1c4c0cce9738b611fdbe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:49:45:1e:5d:3e:29:c3:96:0b:f9:48:13:ff:
f0:88:b7:4e:fc:6a:59:01:34:4b:64:6a:12:5f:3d:
c0:ab:e9:1b:73:8d:d5:ad:b2:6c:e7:f0:da:aa:5f:
0a:fe:f5:07:b9:dc:1b:41:ef:a3:96:b7:70:98:29:
26:e1:56:f7:b5:e7:9c:d9:18:d8:21:11:f9:5e:19:
4b:2e:ea:8a:81:be:24:3d:48:f6:32:ba:dd:2a:57:
1a:4c:da:fd:d9:8f:64:a2:b1:0f:2d:7b:cd:49:9b:
9d:ec:91:92:81:bc:9a:bf:ef:36:ff:d1:51:0e:5e:
38:b0:df:0e:66:f0:b0:3e:cf:47:88:b8:87:a7:62:
2f:2c:84:eb:13:80:2a:b1:20:4c:de:ae:2c:29:ce:
e1:e8:fd:1f:64:a1:74:ff:30:54:ef:99:09:3e:8f:
06:b1:f1:c4:ed:83:ea:2b:8e:ed:b8:45:59:b1:56:
50:bc:85:d8:3b:de:f6:a4:df:50:56:79:09:a7:79:
79:ce:1c:34:68:cf:b5:2b:56:04:29:01:c2:09:d4:
a0:ec:70:1d:8a:81:ba:f7:ee:8e:31:ff:27:97:97:
11:6c:aa:1b:f1:b9:b0:2b:fc:6e:cc:31:1b:30:e6:
ab:b3:b0:02:60:02:01:ed:cb:b3:f8:1d:4c:00:64:
fc:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:FF:86:21:08:2E:29:C4:3F:A1:C4:C0:CC:E9:73:8B:61:1F:DB:E3
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/4f-GIQguKcQ_ocTAzOlzi2Ef2-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.50.0/24
Signature Algorithm: sha256WithRSAEncryption
47:d6:67:5d:04:1a:9d:66:8e:12:92:84:9b:4c:10:f6:e9:54:
d2:c4:ba:fe:44:bc:b2:05:76:03:e4:22:29:57:36:ca:4d:7d:
e7:7a:96:c5:ee:51:a5:98:8d:a3:25:e2:b2:27:f6:4d:81:18:
51:2c:dd:09:00:da:21:df:90:1e:45:b1:63:f1:0e:98:6c:ea:
fa:03:6e:aa:5f:7f:58:dc:e4:08:aa:5e:0a:d6:97:2b:0f:ea:
1f:57:25:30:eb:b8:1b:11:5d:5a:ef:8e:4e:8b:53:71:52:ff:
9d:7a:b4:e0:a9:fa:98:9b:eb:c4:9e:fe:6f:a8:65:a9:78:23:
0a:8e:b4:61:ce:0b:a3:fc:3c:69:40:7a:b5:f3:7b:f3:38:59:
23:02:97:14:4b:0d:0a:8a:2c:e9:06:54:bb:b6:0c:0c:4f:94:
dd:73:9c:7c:c5:5b:a2:77:56:a1:d6:89:44:8b:2f:e3:0a:b4:
f9:25:85:f9:42:0a:a0:48:c4:17:ba:ec:79:76:e2:de:45:cd:
70:b6:aa:55:d0:b3:86:73:2b:39:f6:e2:e2:17:c6:51:8b:20:
19:32:4e:c9:df:c6:72:b8:4c:96:1d:35:51:31:87:7b:81:c1:
c5:44:80:9c:c5:d8:62:09:6f:aa:f0:03:51:93:c0:ba:f3:2d:
01:23:b0:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2wbInVuREsL/PhUeZw6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjQwMTAxMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWZmODYyMTA4MmUyOWM0M2ZhMWM0YzBjY2U5NzM4YjYxMWZkYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5UlFHl0+KcOWC/lIE//wiLdO/GpZ
ATRLZGoSXz3Aq+kbc43VrbJs5/Daql8K/vUHudwbQe+jlrdwmCkm4Vb3teec2RjY
IRH5XhlLLuqKgb4kPUj2MrrdKlcaTNr92Y9korEPLXvNSZud7JGSgbyav+82/9FR
Dl44sN8OZvCwPs9HiLiHp2IvLITrE4AqsSBM3q4sKc7h6P0fZKF0/zBU75kJPo8G
sfHE7YPqK47tuEVZsVZQvIXYO972pN9QVnkJp3l5zhw0aM+1K1YEKQHCCdSg7HAd
ioG69+6OMf8nl5cRbKob8bmwK/xuzDEbMOars7ACYAIB7cuz+B1MAGT8oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOH/hiEILinEP6HEwMzpc4thH9vjMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvNGYtR0lRZ3VLY1Ffb2NUQXpPbHppMkVmMi1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuckyMA0G
CSqGSIb3DQEBCwUAA4IBAQBH1mddBBqdZo4SkoSbTBD26VTSxLr+RLyyBXYD5CIp
VzbKTX3nepbF7lGlmI2jJeKyJ/ZNgRhRLN0JANoh35AeRbFj8Q6YbOr6A26qX39Y
3OQIql4K1pcrD+ofVyUw67gbEV1a745Oi1NxUv+derTgqfqYm+vEnv5vqGWpeCMK
jrRhzguj/DxpQHq183vzOFkjApcUSw0KiizpBlS7tgwMT5Tdc5x8xVuid1ah1olE
iy/jCrT5JYX5QgqgSMQXuux5duLeRc1wtqpV0LOGcys59uLiF8ZRiyAZMk7J38Zy
uEyWHTVRMYd7gcHFRICcxdhiCW+q8ANRk8C68y0BI7AW
-----END CERTIFICATE-----
Generated at Fri Apr 18 13:45:23 2025 by rpki-client