Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/v-WBrwYHSri4315dDSTsMIDC3vI.roa
File: v-WBrwYHSri4315dDSTsMIDC3vI.roa (raw, json)
Hash identifier: x3Z+j52js3Go4YN/MA1urCud6KWYtAcFaOEZOqGnj5g=
Subject key identifier: BF:E5:81:AF:06:07:4A:B8:B8:DF:5E:5D:0D:24:EC:30:80:C2:DE:F2
Certificate issuer: /CN=2d28cfa3fd2da9caaa659284758dee67099934f8
Certificate serial: 0195AE973713A6AEFB20BB97EFBA67B695C9
Authority key identifier: 2D:28:CF:A3:FD:2D:A9:CA:AA:65:92:84:75:8D:EE:67:09:99:34:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LSjPo_0tqcqqZZKEdY3uZwmZNPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/v-WBrwYHSri4315dDSTsMIDC3vI.roa
Signing time: Wed 19 Mar 2025 13:28:20 +0000
ROA not before: Wed 19 Mar 2025 13:28:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198735
IP address blocks: 5.1.104.0/24 maxlen: 24
5.1.105.0/24 maxlen: 24
5.1.106.0/24 maxlen: 24
5.1.107.0/24 maxlen: 24
5.1.108.0/24 maxlen: 24
5.1.109.0/24 maxlen: 24
5.1.110.0/24 maxlen: 24
217.145.231.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ae:97:37:13:a6:ae:fb:20:bb:97:ef:ba:67:b6:95:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d28cfa3fd2da9caaa659284758dee67099934f8
Validity
Not Before: Mar 19 13:28:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfe581af06074ab8b8df5e5d0d24ec3080c2def2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2d:33:b6:8d:d3:34:8d:29:a3:13:56:7f:45:
48:a1:f9:b3:23:d4:76:6c:a5:71:65:e7:b4:30:25:
70:09:8b:2a:1a:74:15:87:c5:84:24:98:b8:81:b6:
a2:ee:9e:b9:33:81:23:68:78:f0:9c:db:23:a7:12:
39:3e:65:c3:d3:6f:5b:64:55:9b:f9:84:4d:c9:17:
e9:e3:e2:29:b0:f8:f3:26:2d:f4:76:0b:6f:e9:cc:
c7:a9:a8:af:26:5c:87:7d:0c:16:75:a3:a4:5a:fd:
c9:ad:54:dd:ef:39:de:99:92:7d:b7:58:c3:51:93:
d8:5b:8f:03:80:d8:cb:7e:1c:b7:64:ab:b3:b6:aa:
3c:f7:66:b7:d1:67:6e:ac:ea:af:8e:4c:d3:92:a3:
71:39:dd:b6:e2:49:b7:a2:77:10:22:79:0d:d2:9b:
49:5d:31:3e:30:0d:b9:81:e7:1b:97:28:8f:51:5f:
3b:84:33:8e:69:68:cc:25:3f:cd:e7:dc:3f:d2:b6:
31:da:9c:0b:1b:80:20:41:5a:23:a2:79:37:f4:89:
38:77:ab:44:e7:61:58:34:cb:cf:f3:01:b8:15:27:
9f:fe:0e:48:82:42:b8:30:68:7f:da:d5:51:e8:c7:
ae:38:1e:b5:9f:f3:cd:d3:20:1b:8a:d2:b0:de:33:
75:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:E5:81:AF:06:07:4A:B8:B8:DF:5E:5D:0D:24:EC:30:80:C2:DE:F2
X509v3 Authority Key Identifier:
keyid:2D:28:CF:A3:FD:2D:A9:CA:AA:65:92:84:75:8D:EE:67:09:99:34:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSjPo_0tqcqqZZKEdY3uZwmZNPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/v-WBrwYHSri4315dDSTsMIDC3vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/LSjPo_0tqcqqZZKEdY3uZwmZNPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.104.0-5.1.110.255
217.145.231.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:9f:70:99:d2:0f:92:5a:be:30:60:08:4f:89:7d:27:5a:03:
8e:1b:02:a7:f7:a3:e2:a0:8e:95:62:67:8f:08:1b:af:34:5d:
6b:3e:39:de:bd:ac:b0:36:4d:20:15:6e:6b:c6:42:b4:ab:4c:
11:cc:23:4b:47:28:e6:46:8e:3f:66:72:3e:7f:b8:05:eb:c5:
da:16:73:82:f5:35:cd:f7:29:e8:55:a3:c8:bb:ac:d1:d3:13:
d9:e9:a1:29:11:0b:28:48:b0:d4:fa:10:c5:82:74:16:1f:45:
07:3b:2a:01:45:c0:e2:db:e6:d6:94:6f:0f:95:04:13:dd:16:
d5:14:1a:97:de:5e:42:b3:d2:b4:2a:43:47:7c:ac:79:33:d5:
0f:70:1f:33:2d:f1:3d:00:c3:f6:08:18:38:27:ab:cf:59:b4:
f9:de:62:da:1c:e7:4e:b3:0b:ec:5a:4b:f5:9e:e3:70:cd:fe:
0a:fb:cc:1a:fb:d0:6c:bb:bc:ed:bf:4a:3c:18:e9:b4:c7:c6:
b5:69:33:a5:dd:61:8f:a4:c0:d9:63:09:26:47:8f:dc:70:76:
c4:12:df:6c:e1:44:ca:19:fb:bf:87:65:bc:54:49:3c:36:b9:
92:53:29:aa:12:e2:40:bb:63:91:79:bd:5e:92:0d:84:4f:ac:
0b:c7:eb:26
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZWulzcTpq77ILuX77pntpXJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjhjZmEzZmQyZGE5Y2FhYTY1OTI4NDc1OGRlZTY3MDk5
OTM0ZjgwHhcNMjUwMzE5MTMyODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmU1ODFhZjA2MDc0YWI4YjhkZjVlNWQwZDI0ZWMzMDgwYzJkZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS0zto3TNI0poxNWf0VIofmzI9R2
bKVxZee0MCVwCYsqGnQVh8WEJJi4gbai7p65M4EjaHjwnNsjpxI5PmXD029bZFWb
+YRNyRfp4+IpsPjzJi30dgtv6czHqaivJlyHfQwWdaOkWv3JrVTd7znemZJ9t1jD
UZPYW48DgNjLfhy3ZKuztqo892a30WdurOqvjkzTkqNxOd224km3oncQInkN0ptJ
XTE+MA25gecblyiPUV87hDOOaWjMJT/N59w/0rYx2pwLG4AgQVojonk39Ik4d6tE
52FYNMvP8wG4FSef/g5IgkK4MGh/2tVR6MeuOB61n/PN0yAbitKw3jN1iQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFL/lga8GB0q4uN9eXQ0k7DCAwt7yMB8GA1UdIwQY
MBaAFC0oz6P9LanKqmWShHWN7mcJmTT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNqUG9fMHRxY3FxWlpLRWRZM3Vad21aTlBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mZWJhYjAtZDkzYS00NzA0LTlhNzEt
M2FkNTJlOGI5NjI4LzEvdi1XQnJ3WUhTcmk0MzE1ZERTVHNNSURDM3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mZWJhYjAtZDkzYS00NzA0LTlhNzEtM2FkNTJlOGI5NjI4
LzEvTFNqUG9fMHRxY3FxWlpLRWRZM3Vad21aTlBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAMFAWgD
BAAFAW4DBADZkecwDQYJKoZIhvcNAQELBQADggEBAMafcJnSD5JavjBgCE+JfSda
A44bAqf3o+KgjpViZ48IG680XWs+Od69rLA2TSAVbmvGQrSrTBHMI0tHKOZGjj9m
cj5/uAXrxdoWc4L1Nc33KehVo8i7rNHTE9npoSkRCyhIsNT6EMWCdBYfRQc7KgFF
wOLb5taUbw+VBBPdFtUUGpfeXkKz0rQqQ0d8rHkz1Q9wHzMt8T0Aw/YIGDgnq89Z
tPneYtoc506zC+xaS/We43DN/gr7zBr70Gy7vO2/SjwY6bTHxrVpM6XdYY+kwNlj
CSZHj9xwdsQS32zhRMoZ+7+HZbxUSTw2uZJTKaoS4kC7Y5F5vV6SDYRPrAvH6yY=
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:47:03 2025 by rpki-client