Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/PYAL5P2rU0VWg2ckmLByaUutqVc.roa
File: PYAL5P2rU0VWg2ckmLByaUutqVc.roa (raw, json)
Hash identifier: JZw214ucfTSRdtY7Z+J5X4cfBzQO7OAV+2rcxQnTvOI=
Subject key identifier: 3D:80:0B:E4:FD:AB:53:45:56:83:67:24:98:B0:72:69:4B:AD:A9:57
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 01870D9F7757251B13CCE0A7767C54F767E3
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/PYAL5P2rU0VWg2ckmLByaUutqVc.roa
Signing time: Thu 23 Mar 2023 08:39:27 +0000
ROA not before: Thu 23 Mar 2023 08:39:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202423
IP address blocks: 185.239.50.0/24 maxlen: 24
185.239.51.0/24 maxlen: 24
185.142.97.0/24 maxlen: 24
185.142.96.0/24 maxlen: 24
185.142.98.0/24 maxlen: 24
194.187.123.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:9f:77:57:25:1b:13:cc:e0:a7:76:7c:54:f7:67:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Mar 23 08:39:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d800be4fdab53455683672498b072694bada957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7c:f2:89:1e:f8:73:13:87:a2:54:41:6a:c2:
eb:c8:a9:03:f9:de:f9:bf:4e:c4:7b:2b:8f:17:b8:
08:bd:ac:e6:92:f4:64:b6:f2:17:0d:59:f9:2d:ed:
bc:6a:80:1b:23:b3:33:df:df:32:dd:82:cc:9e:15:
5e:5c:2b:f0:ca:43:46:40:07:05:d0:84:38:76:b2:
c0:4d:fd:1b:a7:8a:9e:78:7b:02:ab:80:fa:7b:f9:
48:55:e0:58:c3:07:8b:64:a9:78:3d:4c:05:ed:86:
57:24:72:9a:20:36:36:ce:c7:0a:f2:ab:9a:19:10:
06:11:0b:81:84:d9:9f:9e:f7:ba:5a:d8:f7:d7:13:
7a:d6:c1:93:49:c7:2a:57:cd:b5:aa:a0:42:57:c6:
a7:7d:3c:d2:c5:cf:0d:0d:b0:96:79:5d:53:b7:9a:
f5:89:c2:0f:fb:03:15:2a:b8:b9:5e:f0:e3:d8:70:
da:b1:df:63:aa:c2:01:db:5c:78:31:95:b3:d4:34:
12:63:bd:b0:b8:99:08:79:6e:b3:6d:15:c5:cb:b2:
8d:c1:ff:86:bb:a8:64:3c:89:15:4a:dc:99:98:ae:
67:53:75:97:72:20:1c:89:8d:b9:f4:4d:f2:54:c9:
5e:0f:ac:7d:46:b4:b6:1a:93:1e:83:13:50:67:1e:
58:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:80:0B:E4:FD:AB:53:45:56:83:67:24:98:B0:72:69:4B:AD:A9:57
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/PYAL5P2rU0VWg2ckmLByaUutqVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.96.0-185.142.98.255
185.239.50.0/23
194.187.123.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:6e:6d:0d:9a:f9:a9:21:95:95:fd:3f:f9:8e:2d:e3:88:b6:
08:b4:46:54:1c:c1:55:b2:00:de:23:54:aa:ae:7a:49:66:f5:
f3:ca:ab:1d:d3:4d:9d:12:cd:ce:95:1d:4d:18:a3:e4:97:e9:
1b:4e:fa:2f:78:01:e6:7f:84:56:72:d3:82:4c:6b:bb:64:08:
f0:7f:ce:49:29:f3:27:12:6e:16:fa:32:00:e3:f5:ca:be:a1:
1a:38:9b:7c:40:2d:6c:56:2d:6a:f0:64:c6:75:95:d5:19:a6:
6d:89:df:f1:8c:06:5a:f7:e6:cb:f9:fd:52:84:32:cd:89:b6:
38:05:23:01:a0:31:89:91:b6:2f:cf:be:02:5f:d4:53:04:76:
ef:4e:0b:b1:45:5f:30:a8:0a:a5:9f:d8:02:20:ad:97:12:da:
1e:af:98:08:f5:d5:92:48:17:a8:58:61:ce:15:37:fe:83:e4:
ad:ab:18:cd:59:df:1e:bb:89:b2:c9:a2:55:ec:5e:e7:31:20:
a1:e2:7c:a4:c7:ea:67:a5:5f:0c:e7:6a:2f:d4:34:dc:11:f6:
86:ca:11:cd:4d:a3:00:f1:0c:23:15:d1:0b:21:31:26:a8:a3:
74:77:f9:59:fd:52:fe:47:ae:db:58:c3:32:8b:ae:9e:d8:23:
bc:d4:6e:ae
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYcNn3dXJRsTzOCndnxU92fjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjMwMzIzMDgzOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDgwMGJlNGZkYWI1MzQ1NTY4MzY3MjQ5OGIwNzI2OTRiYWRhOTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnzyiR74cxOHolRBasLryKkD+d75
v07EeyuPF7gIvazmkvRktvIXDVn5Le28aoAbI7Mz398y3YLMnhVeXCvwykNGQAcF
0IQ4drLATf0bp4qeeHsCq4D6e/lIVeBYwweLZKl4PUwF7YZXJHKaIDY2zscK8qua
GRAGEQuBhNmfnve6Wtj31xN61sGTSccqV821qqBCV8anfTzSxc8NDbCWeV1Tt5r1
icIP+wMVKri5XvDj2HDasd9jqsIB21x4MZWz1DQSY72wuJkIeW6zbRXFy7KNwf+G
u6hkPIkVStyZmK5nU3WXciAciY259E3yVMleD6x9RrS2GpMegxNQZx5YdwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFD2AC+T9q1NFVoNnJJiwcmlLralXMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvUFlBTDVQMnJVMFZXZzJja21MQnlhVXV0cVZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAW5jmAD
BAC5jmIDBAG57zIDBADCu3swDQYJKoZIhvcNAQELBQADggEBAFxubQ2a+akhlZX9
P/mOLeOItgi0RlQcwVWyAN4jVKqueklm9fPKqx3TTZ0Szc6VHU0Yo+SX6RtO+i94
AeZ/hFZy04JMa7tkCPB/zkkp8ycSbhb6MgDj9cq+oRo4m3xALWxWLWrwZMZ1ldUZ
pm2J3/GMBlr35sv5/VKEMs2JtjgFIwGgMYmRti/PvgJf1FMEdu9OC7FFXzCoCqWf
2AIgrZcS2h6vmAj11ZJIF6hYYc4VN/6D5K2rGM1Z3x67ibLJolXsXucxIKHifKTH
6melXwznai/UNNwR9obKEc1NowDxDCMV0QshMSaoo3R3+Vn9Uv5HrttYwzKLrp7Y
I7zUbq4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:19:30 2025 by rpki-client