Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/jHXkkTd1R7KVX5B1AMdCQKqYUg8.roa
File: jHXkkTd1R7KVX5B1AMdCQKqYUg8.roa (raw, json)
Hash identifier: cCJ8+vP6D65aGCW6BOAJljCjKfZ2H9FHolMD0/DElSw=
Subject key identifier: 8C:75:E4:91:37:75:47:B2:95:5F:90:75:00:C7:42:40:AA:98:52:0F
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 0186EB20C34D2ECD0187DDE732EA51F6CAEA
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/jHXkkTd1R7KVX5B1AMdCQKqYUg8.roa
Signing time: Thu 16 Mar 2023 15:53:58 +0000
ROA not before: Thu 16 Mar 2023 15:53:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203061
IP address blocks: 5.181.88.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:eb:20:c3:4d:2e:cd:01:87:dd:e7:32:ea:51:f6:ca:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Mar 16 15:53:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c75e491377547b2955f907500c74240aa98520f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:02:5b:85:d9:42:4b:5e:bc:e0:83:82:44:0e:
2e:46:f6:7b:5b:55:c3:63:ea:6f:c2:e0:9e:28:a9:
70:1a:70:a1:05:32:04:c2:4f:b1:7b:81:5f:32:43:
b6:cb:5a:19:cb:a2:6b:0a:27:b6:74:8c:ac:0a:e4:
21:39:f4:d4:54:25:9f:3c:eb:fa:3b:f2:6b:15:81:
39:e3:61:51:ba:06:39:b7:10:21:c6:f8:a2:02:29:
8f:26:18:2a:23:38:d4:d5:41:e0:87:0d:b2:ef:8d:
65:60:09:69:4b:b8:fe:f6:d3:a1:cd:dc:0b:c1:cd:
72:4a:e7:89:1f:0e:89:77:87:7b:6f:0d:b0:a2:36:
49:a2:0f:86:2c:10:1f:df:ac:ad:77:e5:63:e2:44:
82:cd:04:13:2a:bd:99:67:7c:45:e2:2f:00:0a:93:
1e:a7:0e:e8:28:bc:0e:52:67:fb:60:29:7b:49:c1:
df:29:f3:58:66:b0:ef:f6:c1:e8:52:85:0a:73:61:
05:24:13:1b:48:96:54:73:7e:3c:00:f5:15:b3:12:
5f:3e:90:53:4e:5a:01:c5:41:af:38:82:e8:ba:f9:
d3:1f:c0:53:05:4e:76:48:2a:eb:26:91:d6:02:86:
19:92:16:dc:98:79:8b:01:43:04:45:83:0a:bc:a0:
28:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:75:E4:91:37:75:47:B2:95:5F:90:75:00:C7:42:40:AA:98:52:0F
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/jHXkkTd1R7KVX5B1AMdCQKqYUg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.88.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:6c:2c:ae:cf:4e:dd:b9:91:c9:ee:04:2a:97:ea:9a:33:a0:
36:e9:a9:12:88:a3:2a:e5:fb:20:ec:33:44:1f:e1:67:32:31:
77:c5:17:90:67:d1:cd:dd:a0:58:5d:36:cd:fe:2e:18:61:34:
a0:19:35:c8:21:bf:3d:07:f1:88:f5:06:c3:f3:93:69:dc:45:
87:09:23:54:72:85:f3:7f:16:94:b9:bd:0f:53:ef:ae:52:4a:
1f:5d:4d:74:55:1f:3c:1a:0a:51:d2:28:4f:a8:74:bd:0a:b5:
00:1e:83:0a:49:8d:be:b7:9a:46:43:e6:91:81:5f:15:f7:2b:
d2:7c:36:9f:e2:0a:f8:2b:b4:4b:24:09:18:73:38:fe:ec:54:
c3:c3:78:4a:2c:a6:8c:a4:4e:ad:96:69:f8:25:d0:6b:53:c5:
76:f3:96:e1:0e:b4:81:ab:0b:2b:0a:41:dd:8d:4d:fe:b2:39:
d8:5b:63:f3:f1:d4:5c:fe:a7:ff:38:11:c2:07:2c:e4:b1:10:
57:39:73:25:2e:12:f4:53:28:c4:4a:ea:98:32:0d:f8:d5:57:
de:ea:de:47:92:b5:8f:9c:c9:2d:02:6f:ed:cd:fd:57:1c:6b:
92:b2:9f:d9:75:54:c9:f5:f3:9d:45:fb:3b:c5:97:05:42:34:
47:a7:72:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbrIMNNLs0Bh93nMupR9srqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjMwMzE2MTU1MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yzc1ZTQ5MTM3NzU0N2IyOTU1ZjkwNzUwMGM3NDI0MGFhOTg1MjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAJbhdlCS1684IOCRA4uRvZ7W1XD
Y+pvwuCeKKlwGnChBTIEwk+xe4FfMkO2y1oZy6JrCie2dIysCuQhOfTUVCWfPOv6
O/JrFYE542FRugY5txAhxviiAimPJhgqIzjU1UHghw2y741lYAlpS7j+9tOhzdwL
wc1ySueJHw6Jd4d7bw2wojZJog+GLBAf36ytd+Vj4kSCzQQTKr2ZZ3xF4i8ACpMe
pw7oKLwOUmf7YCl7ScHfKfNYZrDv9sHoUoUKc2EFJBMbSJZUc348APUVsxJfPpBT
TloBxUGvOILouvnTH8BTBU52SCrrJpHWAoYZkhbcmHmLAUMERYMKvKAovQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIx15JE3dUeylV+QdQDHQkCqmFIPMB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvakhYa2tUZDFSN0tWWDVCMUFNZENRS3FZVWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbVYMA0G
CSqGSIb3DQEBCwUAA4IBAQBrbCyuz07duZHJ7gQql+qaM6A26akSiKMq5fsg7DNE
H+FnMjF3xReQZ9HN3aBYXTbN/i4YYTSgGTXIIb89B/GI9QbD85Np3EWHCSNUcoXz
fxaUub0PU++uUkofXU10VR88GgpR0ihPqHS9CrUAHoMKSY2+t5pGQ+aRgV8V9yvS
fDaf4gr4K7RLJAkYczj+7FTDw3hKLKaMpE6tlmn4JdBrU8V285bhDrSBqwsrCkHd
jU3+sjnYW2Pz8dRc/qf/OBHCByzksRBXOXMlLhL0UyjESuqYMg341Vfe6t5HkrWP
nMktAm/tzf1XHGuSsp/ZdVTJ9fOdRfs7xZcFQjRHp3Ln
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:04:23 2025 by rpki-client