Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/EcSu6QQTmOklSpBdy0YnUwgBZ48.roa
File: EcSu6QQTmOklSpBdy0YnUwgBZ48.roa (raw, json)
Hash identifier: yJ8BOdWJOUhrnhtu20R7HNjMZvmumIzWnikM3/a761U=
Subject key identifier: 11:C4:AE:E9:04:13:98:E9:25:4A:90:5D:CB:46:27:53:08:01:67:8F
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 0183FF94E87DDCB36C68BA413AF749E1C3E4
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/EcSu6QQTmOklSpBdy0YnUwgBZ48.roa
Signing time: Sat 22 Oct 2022 12:04:52 +0000
ROA not before: Sat 22 Oct 2022 12:04:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204650
IP address blocks: 185.201.51.0/24 maxlen: 24
185.201.48.0/24 maxlen: 24
185.82.136.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ff:94:e8:7d:dc:b3:6c:68:ba:41:3a:f7:49:e1:c3:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Oct 22 12:04:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11c4aee9041398e9254a905dcb4627530801678f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:fc:7f:49:48:7e:b3:d4:d5:6f:90:76:1d:3e:
fb:0d:94:2c:0b:d5:85:7f:80:e2:20:91:51:5a:ce:
d8:1d:a7:3a:e8:b2:54:41:b7:97:81:8c:d1:4c:d5:
2f:b6:bf:3a:7b:38:23:ba:6b:e3:c9:6a:d6:e9:c7:
0a:a1:b2:7d:ba:c3:57:0b:2d:15:12:d3:81:2b:90:
12:aa:7a:21:12:7c:cc:0a:51:e2:f5:c8:6f:9b:8b:
d5:68:da:f6:89:45:59:57:d3:20:eb:1e:e8:f8:51:
21:af:b5:66:e4:ad:55:fc:7d:a2:2f:32:ae:91:5d:
2b:8d:5e:2a:e7:2d:4b:e1:5e:aa:97:ee:fb:9e:3c:
02:40:ae:4f:a7:29:4c:cd:40:f4:11:74:ab:f9:45:
37:ac:4d:71:7c:37:f5:7b:44:2b:e0:73:6c:28:6f:
cd:84:3f:9d:ac:6d:82:de:72:bf:6f:f1:b5:d9:91:
20:29:6d:dc:7a:76:56:f4:4b:c6:90:3f:a8:85:54:
7b:2b:32:0e:e2:3b:21:19:11:63:e3:52:e5:c4:42:
9e:df:40:ad:2d:b4:ec:8c:cb:58:1c:62:d4:a0:64:
3e:2a:15:6b:d6:47:3c:07:db:28:f0:83:03:7c:e9:
86:72:1b:6a:23:d6:fe:ba:7b:97:81:0a:47:88:f1:
9c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:C4:AE:E9:04:13:98:E9:25:4A:90:5D:CB:46:27:53:08:01:67:8F
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/EcSu6QQTmOklSpBdy0YnUwgBZ48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.136.0/22
185.201.48.0/24
185.201.51.0/24
Signature Algorithm: sha256WithRSAEncryption
84:51:0b:06:f7:12:4d:21:9c:54:f8:14:cb:6f:83:34:52:1f:
c7:a2:91:7f:04:5b:5a:84:02:97:3b:c5:4c:15:40:19:46:06:
4b:50:73:49:7e:d6:d7:1a:3d:d6:b8:c8:f2:25:02:4d:84:91:
d5:63:58:d5:ae:51:83:08:41:07:33:06:fa:e0:5b:62:8f:e1:
33:fc:c2:a5:a7:6d:7e:cf:21:19:95:71:46:e7:fe:c4:75:a6:
f2:48:b4:07:1e:71:9a:d3:f2:b8:64:f6:1f:92:73:64:e7:8e:
8b:11:b1:8e:44:bf:ed:c2:a9:f6:8a:b9:b7:b6:5e:6c:c9:3d:
0c:11:df:e6:b4:eb:53:85:0c:4b:02:d6:db:3d:e9:3c:da:13:
ee:08:89:ce:13:56:38:aa:f9:1d:3f:74:9d:65:ed:08:0a:92:
3c:c1:d3:36:8b:5e:94:82:05:41:a8:2c:6e:0f:4f:b9:5b:c5:
83:43:f8:f1:e1:33:9a:30:53:d8:15:18:4d:e4:80:3a:d1:9e:
d9:df:19:60:78:e3:fe:4d:31:51:79:be:f8:36:c0:30:82:7b:
72:f9:65:1b:ce:8e:0a:fe:1f:26:9e:89:a9:77:4b:6d:e0:76:
7a:eb:c5:9d:6d:75:4f:ed:eb:c9:91:f5:93:59:68:d9:91:2d:
f1:ae:bb:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYP/lOh93LNsaLpBOvdJ4cPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjIxMDIyMTIwNDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWM0YWVlOTA0MTM5OGU5MjU0YTkwNWRjYjQ2Mjc1MzA4MDE2NzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPx/SUh+s9TVb5B2HT77DZQsC9WF
f4DiIJFRWs7YHac66LJUQbeXgYzRTNUvtr86ezgjumvjyWrW6ccKobJ9usNXCy0V
EtOBK5ASqnohEnzMClHi9chvm4vVaNr2iUVZV9Mg6x7o+FEhr7Vm5K1V/H2iLzKu
kV0rjV4q5y1L4V6ql+77njwCQK5PpylMzUD0EXSr+UU3rE1xfDf1e0Qr4HNsKG/N
hD+drG2C3nK/b/G12ZEgKW3cenZW9EvGkD+ohVR7KzIO4jshGRFj41LlxEKe30Ct
LbTsjMtYHGLUoGQ+KhVr1kc8B9so8IMDfOmGchtqI9b+unuXgQpHiPGceQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBHErukEE5jpJUqQXctGJ1MIAWePMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvRWNTdTZRUVRtT2tsU3BCZHkwWW5Vd2dCWjQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuVKIAwQA
uckwAwQAuckzMA0GCSqGSIb3DQEBCwUAA4IBAQCEUQsG9xJNIZxU+BTLb4M0Uh/H
opF/BFtahAKXO8VMFUAZRgZLUHNJftbXGj3WuMjyJQJNhJHVY1jVrlGDCEEHMwb6
4Ftij+Ez/MKlp21+zyEZlXFG5/7EdabySLQHHnGa0/K4ZPYfknNk546LEbGORL/t
wqn2irm3tl5syT0MEd/mtOtThQxLAtbbPek82hPuCInOE1Y4qvkdP3SdZe0ICpI8
wdM2i16UggVBqCxuD0+5W8WDQ/jx4TOaMFPYFRhN5IA60Z7Z3xlgeOP+TTFReb74
NsAwgnty+WUbzo4K/h8mnompd0tt4HZ668WdbXVP7evJkfWTWWjZkS3xrrs6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:51 2025 by rpki-client