Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/7WqFr8hrhsflYEOKWBVRXf1fJm8.roa
File: 7WqFr8hrhsflYEOKWBVRXf1fJm8.roa (raw, json)
Hash identifier: 9UHDp4WyAGTA86l5P/J1WGi+y06VLXAB8gznsGR5/IA=
Subject key identifier: ED:6A:85:AF:C8:6B:86:C7:E5:60:43:8A:58:15:51:5D:FD:5F:26:6F
Certificate issuer: /CN=ab54fe831b6a719f42e6c8486fd03b550be761fb
Certificate serial: 10E7BC93
Authority key identifier: AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/7WqFr8hrhsflYEOKWBVRXf1fJm8.roa
Signing time: Sat 01 Jan 2022 09:01:57 +0000
ROA not before: Sat 01 Jan 2022 09:01:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5505
IP address blocks: 185.33.64.0/24 maxlen: 24
185.33.65.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 283622547 (0x10e7bc93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab54fe831b6a719f42e6c8486fd03b550be761fb
Validity
Not Before: Jan 1 09:01:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed6a85afc86b86c7e560438a5815515dfd5f266f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b3:7e:b3:f0:3f:a0:05:b3:a9:5b:92:9e:4b:
eb:30:12:91:29:d1:18:ff:d0:99:70:86:56:58:96:
38:a5:6d:8e:8d:be:c1:36:cd:77:5e:27:0a:bb:c5:
77:e6:12:a3:3e:88:b6:03:26:c0:d8:96:6f:e7:f4:
ec:31:1c:8f:d7:2d:40:55:54:60:1b:65:12:f0:bf:
2a:36:e2:79:2b:bc:c6:df:d3:88:1e:6b:7e:9e:05:
f9:be:bd:94:ca:be:70:5d:e6:65:44:0f:02:82:fa:
67:01:53:cf:00:5f:ab:a6:75:e1:36:bf:99:e3:75:
3d:55:ad:cc:1c:8f:6f:14:73:0b:77:29:0a:0b:ec:
73:e5:ce:77:4e:1c:4e:92:1d:42:09:03:a6:5a:37:
53:e0:56:86:18:85:8d:99:a5:8a:f5:ba:cb:73:67:
48:38:54:42:a5:27:cc:59:c6:85:39:32:be:6f:52:
f0:ed:a2:5c:ed:9f:aa:92:a9:36:a0:1b:aa:6a:75:
5e:46:14:2e:6f:46:a7:44:41:08:3d:79:4f:9e:47:
47:ef:20:ab:62:54:69:f9:6b:89:00:c5:8e:d1:29:
b8:91:62:08:7c:41:0e:4c:84:76:98:f6:c1:31:40:
d7:74:fe:56:c9:85:aa:97:ac:06:e0:db:45:38:a9:
97:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:6A:85:AF:C8:6B:86:C7:E5:60:43:8A:58:15:51:5D:FD:5F:26:6F
X509v3 Authority Key Identifier:
keyid:AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/7WqFr8hrhsflYEOKWBVRXf1fJm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.64.0/23
Signature Algorithm: sha256WithRSAEncryption
24:c5:e3:12:0e:c9:be:32:20:e2:24:84:01:24:a9:f4:ad:e8:
8a:9c:15:79:58:e2:e2:10:e5:a5:a4:78:63:8f:e5:3a:c8:5c:
d8:f0:db:64:25:29:9c:62:81:da:26:b2:de:28:d3:44:98:d9:
0e:d1:82:3e:80:c2:ad:68:38:de:69:3b:2b:f5:46:bf:b4:f9:
03:fd:d1:f6:95:ff:48:6a:c6:db:26:12:9c:f7:39:97:df:4e:
c6:a7:d7:b3:7d:6a:67:06:b1:f8:69:c6:a8:47:cc:43:67:d5:
4d:a8:69:0e:e5:00:da:c3:1e:9e:de:ce:8e:b4:b4:ec:2b:4f:
1a:2a:9a:c6:b2:27:95:54:a5:e8:8e:c6:56:c0:2f:c8:92:68:
dd:f4:51:c4:91:15:37:8d:09:9d:33:16:57:51:06:95:98:c6:
e8:b6:0b:83:49:69:3f:84:21:98:58:f0:90:db:c4:36:0f:cf:
bb:f2:ac:f0:63:97:6c:6c:5b:d8:cf:3c:30:55:c2:8e:26:ff:
68:36:6d:67:f5:0c:17:d9:3d:ab:0a:4f:c7:39:f5:69:2c:fd:
e5:59:65:41:82:90:2b:4d:7f:9d:53:68:bb:51:5e:09:3d:8d:
76:c8:04:fa:60:26:a1:8c:27:08:d1:84:d0:0b:ba:32:92:7e:
22:3f:7d:77
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEOe8kzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjU0ZmU4MzFiNmE3MTlmNDJlNmM4NDg2ZmQwM2I1NTBiZTc2MWZiMB4XDTIyMDEw
MTA5MDE1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWQ2YTg1YWZjODZi
ODZjN2U1NjA0MzhhNTgxNTUxNWRmZDVmMjY2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2zfrPwP6AFs6lbkp5L6zASkSnRGP/QmXCGVliWOKVtjo2+
wTbNd14nCrvFd+YSoz6ItgMmwNiWb+f07DEcj9ctQFVUYBtlEvC/KjbieSu8xt/T
iB5rfp4F+b69lMq+cF3mZUQPAoL6ZwFTzwBfq6Z14Ta/meN1PVWtzByPbxRzC3cp
Cgvsc+XOd04cTpIdQgkDplo3U+BWhhiFjZmlivW6y3NnSDhUQqUnzFnGhTkyvm9S
8O2iXO2fqpKpNqAbqmp1XkYULm9Gp0RBCD15T55HR+8gq2JUaflriQDFjtEpuJFi
CHxBDkyEdpj2wTFA13T+VsmFqpesBuDbRTipl20CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTtaoWvyGuGx+VgQ4pYFVFd/V8mbzAfBgNVHSMEGDAWgBSrVP6DG2pxn0Lm
yEhv0DtVC+dh+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ExVC1neHRxY1o5QzVzaEliOUE3VlF2bllmcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvNWVhYWE3LTMxMDctNDI2OC1hYWQ2LTZmZDk3ODkyMDViYS8x
LzdXcUZyOGhyaHNmbFlFT0tXQlZSWGYxZkptOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
NWVhYWE3LTMxMDctNDI2OC1hYWQ2LTZmZDk3ODkyMDViYS8xL3ExVC1neHRxY1o5
QzVzaEliOUE3VlF2bllmcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbkhQDANBgkqhkiG9w0BAQsFAAOC
AQEAJMXjEg7JvjIg4iSEASSp9K3oipwVeVji4hDlpaR4Y4/lOshc2PDbZCUpnGKB
2iay3ijTRJjZDtGCPoDCrWg43mk7K/VGv7T5A/3R9pX/SGrG2yYSnPc5l99OxqfX
s31qZwax+GnGqEfMQ2fVTahpDuUA2sMent7OjrS07CtPGiqaxrInlVSl6I7GVsAv
yJJo3fRRxJEVN40JnTMWV1EGlZjG6LYLg0lpP4QhmFjwkNvENg/Pu/Ks8GOXbGxb
2M88MFXCjib/aDZtZ/UMF9k9qwpPxzn1aSz95VllQYKQK01/nVNou1FeCT2NdsgE
+mAmoYwnCNGE0Au6MpJ+Ij99dw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:32 2025 by rpki-client