Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/YyY6G0nu4YUOiFZt9HiuViflt5Q.roa
File: YyY6G0nu4YUOiFZt9HiuViflt5Q.roa (raw, json)
Hash identifier: /dUT9f6j3x/D4xKAIDJ5f3r/RV0T+n5r3hnlQbHAJNg=
Subject key identifier: 63:26:3A:1B:49:EE:E1:85:0E:88:56:6D:F4:78:AE:56:27:E5:B7:94
Certificate issuer: /CN=ab54fe831b6a719f42e6c8486fd03b550be761fb
Certificate serial: 0185720343E51CB90892FD3F188DE3FDAB46
Authority key identifier: AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/YyY6G0nu4YUOiFZt9HiuViflt5Q.roa
Signing time: Mon 02 Jan 2023 10:24:54 +0000
ROA not before: Mon 02 Jan 2023 10:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5505
IP address blocks: 185.33.64.0/24 maxlen: 24
185.33.65.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:43:e5:1c:b9:08:92:fd:3f:18:8d:e3:fd:ab:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab54fe831b6a719f42e6c8486fd03b550be761fb
Validity
Not Before: Jan 2 10:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63263a1b49eee1850e88566df478ae5627e5b794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0a:48:cb:aa:a5:77:25:5c:1c:fd:e0:ac:80:
3f:8f:d4:49:42:78:67:8a:99:85:21:8f:ad:51:fc:
72:9f:2f:45:a5:ab:8d:1f:2a:f7:8a:b8:cb:f6:a0:
f5:86:55:9f:df:9d:81:8c:01:84:48:cd:31:40:14:
81:d0:9c:e3:00:30:d4:55:f5:2c:8c:cd:5f:fb:92:
a5:37:80:3d:ed:1e:a0:f9:b1:cc:a7:aa:1d:bf:05:
09:ae:53:32:a0:19:13:77:51:e4:ec:76:60:c0:94:
0b:d5:fc:84:67:30:63:78:61:4c:f3:ee:4b:45:c3:
37:c9:88:10:4d:f7:46:f0:bd:f0:ea:19:f7:a7:38:
63:26:a3:dd:a6:21:79:6e:bb:08:62:ad:49:de:28:
5e:f3:55:40:f0:e2:1c:08:06:26:69:ca:70:15:f8:
d2:aa:50:b5:ce:71:91:ab:8a:23:a0:ad:a2:d9:9c:
40:99:d7:82:92:44:7d:22:26:c4:96:b9:a5:a7:b6:
4b:3f:4b:d3:c1:09:df:0c:ba:ab:fd:d0:0e:ca:2c:
ed:a7:6c:53:e3:46:3a:d8:ed:82:21:12:8d:05:03:
1c:9e:a0:90:62:64:37:6a:ee:1b:ca:b0:84:b9:70:
b1:ce:d8:ea:a0:78:7d:bc:4b:7a:af:b5:cd:dc:98:
d0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:26:3A:1B:49:EE:E1:85:0E:88:56:6D:F4:78:AE:56:27:E5:B7:94
X509v3 Authority Key Identifier:
keyid:AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/YyY6G0nu4YUOiFZt9HiuViflt5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.64.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:60:37:62:45:9c:58:75:3c:28:2c:4f:30:c7:d3:02:33:94:
df:95:21:71:c9:83:95:2d:77:18:e7:99:da:e9:4e:80:89:ce:
60:8b:48:aa:fc:44:56:d2:d2:d4:13:de:9f:1f:67:29:c2:5e:
c9:13:40:55:81:8a:d5:2b:08:3c:9e:cf:0a:28:35:c7:cc:78:
11:8b:59:9b:2e:de:8e:e1:f2:30:78:54:ab:d7:df:04:5d:5e:
ac:a7:ba:c9:1d:42:1f:7a:19:d3:e9:72:e6:2e:c7:3b:1b:11:
cd:44:9b:db:f5:4a:8e:80:03:38:e2:b5:d5:61:a4:91:19:bf:
ce:c6:91:58:28:7a:c6:05:b7:4a:da:c1:fb:84:db:cd:1f:ec:
9f:87:db:30:14:17:ed:2f:9d:93:11:31:ce:22:fb:b2:2e:5a:
19:23:6c:21:e4:a2:77:60:8c:86:13:70:5e:96:03:e2:72:09:
4d:00:16:9a:38:6d:be:d4:5e:f4:80:ba:c2:39:d7:45:a2:32:
39:35:83:a7:24:60:26:de:5b:fb:6d:73:95:b5:c6:cb:10:1e:
c0:4a:2e:52:9f:82:7a:b9:2c:37:5d:c9:1b:b2:dd:7b:61:bf:
04:3b:99:c2:13:97:e0:96:a9:05:ed:96:e5:39:84:4a:7d:ac:
4d:58:e2:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyA0PlHLkIkv0/GI3j/atGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNTRmZTgzMWI2YTcxOWY0MmU2Yzg0ODZmZDAzYjU1MGJl
NzYxZmIwHhcNMjMwMTAyMTAyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzI2M2ExYjQ5ZWVlMTg1MGU4ODU2NmRmNDc4YWU1NjI3ZTViNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArApIy6qldyVcHP3grIA/j9RJQnhn
ipmFIY+tUfxyny9FpauNHyr3irjL9qD1hlWf352BjAGESM0xQBSB0JzjADDUVfUs
jM1f+5KlN4A97R6g+bHMp6odvwUJrlMyoBkTd1Hk7HZgwJQL1fyEZzBjeGFM8+5L
RcM3yYgQTfdG8L3w6hn3pzhjJqPdpiF5brsIYq1J3ihe81VA8OIcCAYmacpwFfjS
qlC1znGRq4ojoK2i2ZxAmdeCkkR9IibElrmlp7ZLP0vTwQnfDLqr/dAOyiztp2xT
40Y62O2CIRKNBQMcnqCQYmQ3au4byrCEuXCxztjqoHh9vEt6r7XN3JjQGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGMmOhtJ7uGFDohWbfR4rlYn5beUMB8GA1UdIwQY
MBaAFKtU/oMbanGfQubISG/QO1UL52H7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTFULWd4dHFjWjlDNXNoSWI5QTdWUXZuWWZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81ZWFhYTctMzEwNy00MjY4LWFhZDYt
NmZkOTc4OTIwNWJhLzEvWXlZNkcwbnU0WVVPaUZadDlIaXVWaWZsdDVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS81ZWFhYTctMzEwNy00MjY4LWFhZDYtNmZkOTc4OTIwNWJh
LzEvcTFULWd4dHFjWjlDNXNoSWI5QTdWUXZuWWZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSFAMA0G
CSqGSIb3DQEBCwUAA4IBAQAKYDdiRZxYdTwoLE8wx9MCM5TflSFxyYOVLXcY55na
6U6Aic5gi0iq/ERW0tLUE96fH2cpwl7JE0BVgYrVKwg8ns8KKDXHzHgRi1mbLt6O
4fIweFSr198EXV6sp7rJHUIfehnT6XLmLsc7GxHNRJvb9UqOgAM44rXVYaSRGb/O
xpFYKHrGBbdK2sH7hNvNH+yfh9swFBftL52TETHOIvuyLloZI2wh5KJ3YIyGE3Be
lgPicglNABaaOG2+1F70gLrCOddFojI5NYOnJGAm3lv7bXOVtcbLEB7ASi5Sn4J6
uSw3Xckbst17Yb8EO5nCE5fglqkF7ZblOYRKfaxNWOL+
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:14:43 2025 by rpki-client