Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/a6KrE_O64hojumIDRdNqjdvjmb8.roa
File: a6KrE_O64hojumIDRdNqjdvjmb8.roa (raw, json)
Hash identifier: uP2xPPfOeLg1XSlhCBafTPaGVDNMLp5PsfduEOt9qog=
Subject key identifier: 6B:A2:AB:13:F3:BA:E2:1A:23:BA:62:03:45:D3:6A:8D:DB:E3:99:BF
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 0182F03BC2B73B3EE483B081E528A33A5461
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/a6KrE_O64hojumIDRdNqjdvjmb8.roa
Signing time: Tue 30 Aug 2022 19:30:24 +0000
ROA not before: Tue 30 Aug 2022 19:30:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49847
IP address blocks: 185.201.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f0:3b:c2:b7:3b:3e:e4:83:b0:81:e5:28:a3:3a:54:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Aug 30 19:30:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ba2ab13f3bae21a23ba620345d36a8ddbe399bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ce:24:99:aa:6b:31:11:64:dc:40:73:5d:fd:
41:0d:3e:8a:5d:67:91:aa:3c:fe:22:f1:47:7a:91:
06:d0:46:28:a8:47:e2:b1:6f:9d:35:cf:71:02:21:
7e:e8:f4:f3:7d:3b:9b:fb:6a:c4:75:d4:cd:83:cb:
31:15:61:b2:37:31:d4:29:80:38:0f:6e:4c:12:f9:
36:52:23:e9:e8:e0:d9:cb:43:9a:7c:b4:47:a5:81:
44:f5:0d:a3:f8:8d:f8:d2:b5:1d:00:a4:84:9c:56:
81:62:ff:13:0c:fd:7d:df:e5:8e:6c:c8:0f:df:3b:
19:ac:3f:f8:1f:b3:cb:0e:8b:25:c7:d4:ee:51:54:
31:b5:17:37:bc:e8:7b:2d:b9:ac:58:de:51:43:ad:
b3:3a:84:bb:7b:5e:3e:57:5b:f1:8d:dd:a6:c7:eb:
b4:3f:9f:e4:24:05:c0:53:fe:fc:03:cf:75:32:7b:
dc:3e:3f:d6:33:9d:b4:0c:fe:32:32:0a:77:52:b2:
8e:1e:a3:d6:01:d6:28:ed:31:b4:13:47:fa:ab:c1:
06:77:ad:85:28:2b:4f:e7:19:50:a2:d9:f4:5e:a5:
f8:fe:9c:13:77:c8:09:ab:c8:cc:78:75:d5:43:2d:
23:c9:e3:da:0e:38:34:87:66:81:09:82:ad:b6:ab:
b8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A2:AB:13:F3:BA:E2:1A:23:BA:62:03:45:D3:6A:8D:DB:E3:99:BF
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/a6KrE_O64hojumIDRdNqjdvjmb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.49.0/24
Signature Algorithm: sha256WithRSAEncryption
43:3d:a3:54:26:a6:03:6c:60:fd:75:a5:40:90:d1:74:71:56:
86:08:f6:1d:01:ba:f3:1d:67:9c:ae:40:0d:0f:8a:f6:d4:2a:
cf:0a:82:36:5d:b5:b4:58:6a:3c:81:c1:75:fd:d9:7b:19:35:
c4:d8:30:f1:cb:f3:dd:77:c6:d3:5f:1c:87:53:18:5f:ac:ed:
01:0f:0f:9e:1f:a3:09:ef:cf:ec:2a:a4:08:54:98:78:f4:04:
af:4d:4f:be:bc:11:1d:3e:bb:32:b2:16:62:3b:17:29:bb:d9:
26:34:af:75:5b:bc:4f:b7:e4:39:c3:4f:47:11:1a:ed:6d:ae:
b2:9a:ad:d4:bd:42:d8:5d:87:71:be:11:b1:3f:00:73:8a:75:
74:d4:06:c8:90:e5:ef:3e:b5:24:0c:48:34:db:52:c8:a9:1c:
89:d0:99:4b:1d:2f:31:f2:de:74:ec:0c:4d:9d:37:54:d8:9b:
f5:b5:d8:ac:9f:eb:74:6a:6d:16:5e:91:b9:0a:8f:b4:80:08:
23:03:78:21:e9:ac:35:f4:ae:28:ff:93:1f:f1:42:4d:fd:e4:
a1:a8:5d:5b:74:19:49:8a:b6:0d:29:b1:10:df:4c:60:40:83:
0c:b2:72:69:7f:99:7b:8d:8d:22:4e:ad:0f:87:15:24:81:f2:
80:aa:55:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLwO8K3Oz7kg7CB5SijOlRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjIwODMwMTkzMDI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmEyYWIxM2YzYmFlMjFhMjNiYTYyMDM0NWQzNmE4ZGRiZTM5OWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg84kmaprMRFk3EBzXf1BDT6KXWeR
qjz+IvFHepEG0EYoqEfisW+dNc9xAiF+6PTzfTub+2rEddTNg8sxFWGyNzHUKYA4
D25MEvk2UiPp6ODZy0OafLRHpYFE9Q2j+I340rUdAKSEnFaBYv8TDP193+WObMgP
3zsZrD/4H7PLDoslx9TuUVQxtRc3vOh7LbmsWN5RQ62zOoS7e14+V1vxjd2mx+u0
P5/kJAXAU/78A891MnvcPj/WM520DP4yMgp3UrKOHqPWAdYo7TG0E0f6q8EGd62F
KCtP5xlQotn0XqX4/pwTd8gJq8jMeHXVQy0jyePaDjg0h2aBCYKttqu4/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGuiqxPzuuIaI7piA0XTao3b45m/MB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvYTZLckVfTzY0aG9qdW1JRFJkTnFqZHZqbWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuckxMA0G
CSqGSIb3DQEBCwUAA4IBAQBDPaNUJqYDbGD9daVAkNF0cVaGCPYdAbrzHWecrkAN
D4r21CrPCoI2XbW0WGo8gcF1/dl7GTXE2DDxy/Pdd8bTXxyHUxhfrO0BDw+eH6MJ
78/sKqQIVJh49ASvTU++vBEdPrsyshZiOxcpu9kmNK91W7xPt+Q5w09HERrtba6y
mq3UvULYXYdxvhGxPwBzinV01AbIkOXvPrUkDEg021LIqRyJ0JlLHS8x8t507AxN
nTdU2Jv1tdisn+t0am0WXpG5Co+0gAgjA3gh6aw19K4o/5Mf8UJN/eShqF1bdBlJ
irYNKbEQ30xgQIMMsnJpf5l7jY0iTq0PhxUkgfKAqlUs
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:56 2025 by rpki-client