Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/PwsD5O-Mq3lEg69coMrX9appxow.roa
File: PwsD5O-Mq3lEg69coMrX9appxow.roa (raw, json)
Hash identifier: claC73YqkqQ2Y47NC9oRd+2e/cSjIGCuv5b90IKpW84=
Subject key identifier: 3F:0B:03:E4:EF:8C:AB:79:44:83:AF:5C:A0:CA:D7:F5:AA:69:C6:8C
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 01824DED72CA9DF9C98A797A434355457C65
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/PwsD5O-Mq3lEg69coMrX9appxow.roa
Signing time: Sat 30 Jul 2022 07:06:23 +0000
ROA not before: Sat 30 Jul 2022 07:06:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204650
IP address blocks: 185.201.51.0/24 maxlen: 24
185.201.48.0/24 maxlen: 24
185.82.136.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4d:ed:72:ca:9d:f9:c9:8a:79:7a:43:43:55:45:7c:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Jul 30 07:06:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f0b03e4ef8cab794483af5ca0cad7f5aa69c68c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:76:bb:92:6f:9c:8d:d8:cc:c6:f3:fd:42:02:
6d:7e:25:ff:86:d4:fa:eb:3e:31:35:f5:be:04:41:
58:56:c3:ae:e4:4c:0f:bc:dc:6e:4a:50:af:56:94:
d2:82:c7:f9:3e:46:7d:0f:c4:c8:66:e3:bd:85:a8:
37:7c:61:56:85:e4:03:8b:3e:00:e0:a1:c8:73:88:
5c:9c:7d:58:5c:66:99:62:73:d9:80:1b:38:bc:0c:
f2:f6:97:eb:53:bc:59:2b:da:e8:20:1a:99:a6:4c:
1f:b3:4d:f0:a0:68:4b:08:a0:b5:a2:42:01:7b:a6:
21:b5:be:2f:7c:39:ca:67:af:00:f4:d6:8b:45:f6:
1e:d9:fc:36:01:79:10:c9:25:40:8f:5f:28:d6:a9:
c9:cb:3e:8f:c2:f2:a0:c1:b9:30:b5:7b:3b:c2:d1:
b0:3c:1e:79:de:44:fa:f5:92:19:6b:49:f5:cd:1f:
9e:d2:de:4e:51:fc:c4:05:0c:10:6f:24:68:5c:35:
2a:6d:4c:43:97:0d:3a:d3:ea:4f:28:c4:86:8d:cb:
65:d4:73:67:f5:f8:23:ea:1d:ac:d0:c6:4f:87:85:
cf:28:19:46:81:25:7f:17:9b:8d:48:4c:d6:a1:cc:
89:15:ed:3b:01:a6:dd:66:94:17:d6:cd:a4:e4:05:
87:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:0B:03:E4:EF:8C:AB:79:44:83:AF:5C:A0:CA:D7:F5:AA:69:C6:8C
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/PwsD5O-Mq3lEg69coMrX9appxow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.136.0/22
185.201.48.0/24
185.201.51.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:9d:69:da:66:4a:0f:9c:40:a9:ed:8e:50:00:92:31:e3:c0:
d9:48:50:7b:e7:5e:ba:18:80:bf:db:6f:5e:db:6e:e3:07:af:
7f:8d:8e:1d:af:49:95:bf:6f:95:39:d6:99:7f:9c:34:1d:31:
fa:91:42:31:f3:5e:e2:a3:80:9c:35:69:9b:84:e9:98:89:e7:
19:4a:49:d0:ea:db:4b:a5:d7:fe:cc:50:5b:ae:ca:ca:74:8e:
38:83:b8:9c:0e:26:1c:00:fb:75:80:de:10:eb:c2:79:fb:ec:
f0:bd:db:bc:40:b2:d6:ef:0a:90:21:f8:92:8a:c1:94:3d:f6:
82:ed:7b:da:96:23:66:74:af:39:c4:8f:c6:e9:d4:a4:96:41:
5a:2d:98:74:c3:30:e2:12:d3:54:13:72:00:4a:32:a7:c2:be:
e0:0f:64:3f:63:ab:8e:30:cf:7a:a2:cf:71:b6:52:91:e1:d5:
64:a9:39:37:f0:08:87:38:03:eb:c5:0a:cf:2c:59:b2:46:8e:
9e:78:74:ad:a4:67:cc:19:69:0f:3b:72:06:68:32:23:dd:48:
a3:8d:f1:1d:5e:13:4a:6a:9b:dc:8a:7d:f3:c6:9d:ad:56:0d:
eb:78:34:f9:d3:90:2a:ca:18:9c:dd:0f:b3:0a:b1:3b:55:8f:
45:84:3a:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYJN7XLKnfnJinl6Q0NVRXxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjIwNzMwMDcwNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjBiMDNlNGVmOGNhYjc5NDQ4M2FmNWNhMGNhZDdmNWFhNjljNjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHa7km+cjdjMxvP9QgJtfiX/htT6
6z4xNfW+BEFYVsOu5EwPvNxuSlCvVpTSgsf5PkZ9D8TIZuO9hag3fGFWheQDiz4A
4KHIc4hcnH1YXGaZYnPZgBs4vAzy9pfrU7xZK9roIBqZpkwfs03woGhLCKC1okIB
e6Yhtb4vfDnKZ68A9NaLRfYe2fw2AXkQySVAj18o1qnJyz6PwvKgwbkwtXs7wtGw
PB553kT69ZIZa0n1zR+e0t5OUfzEBQwQbyRoXDUqbUxDlw060+pPKMSGjctl1HNn
9fgj6h2s0MZPh4XPKBlGgSV/F5uNSEzWocyJFe07AabdZpQX1s2k5AWHBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD8LA+TvjKt5RIOvXKDK1/WqacaMMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvUHdzRDVPLU1xM2xFZzY5Y29Nclg5YXBweG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuVKIAwQA
uckwAwQAuckzMA0GCSqGSIb3DQEBCwUAA4IBAQConWnaZkoPnECp7Y5QAJIx48DZ
SFB75166GIC/229e227jB69/jY4dr0mVv2+VOdaZf5w0HTH6kUIx817io4CcNWmb
hOmYiecZSknQ6ttLpdf+zFBbrsrKdI44g7icDiYcAPt1gN4Q68J5++zwvdu8QLLW
7wqQIfiSisGUPfaC7XvaliNmdK85xI/G6dSklkFaLZh0wzDiEtNUE3IASjKnwr7g
D2Q/Y6uOMM96os9xtlKR4dVkqTk38AiHOAPrxQrPLFmyRo6eeHStpGfMGWkPO3IG
aDIj3UijjfEdXhNKapvcin3zxp2tVg3reDT505Aqyhic3Q+zCrE7VY9FhDrV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:50 2025 by rpki-client