Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/NHEHndkqAWoRbyPfUfPyWgjaA98.roa
File: NHEHndkqAWoRbyPfUfPyWgjaA98.roa (raw, json)
Hash identifier: uaPGCN9+FYeawIzEePDwa0aApzlDBXvSfNpBNFK25/A=
Subject key identifier: 34:71:07:9D:D9:2A:01:6A:11:6F:23:DF:51:F3:F2:5A:08:DA:03:DF
Certificate issuer: /CN=6987d47935e1137d544426db5288e12a9c025ac2
Certificate serial: 021984
Authority key identifier: 69:87:D4:79:35:E1:13:7D:54:44:26:DB:52:88:E1:2A:9C:02:5A:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aYfUeTXhE31URCbbUojhKpwCWsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/NHEHndkqAWoRbyPfUfPyWgjaA98.roa
Signing time: Fri 11 Feb 2022 10:24:43 +0000
ROA not before: Fri 11 Feb 2022 10:24:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 185.44.176.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137604 (0x21984)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6987d47935e1137d544426db5288e12a9c025ac2
Validity
Not Before: Feb 11 10:24:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3471079dd92a016a116f23df51f3f25a08da03df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a3:0f:ad:c5:f0:d6:89:d9:06:e0:03:bf:b5:
43:7f:c7:f7:bb:7f:48:e0:94:20:09:b9:5f:4b:cc:
d1:4a:4c:28:40:e3:84:33:2a:a6:84:1b:9a:15:61:
54:a2:55:b8:cb:44:26:b7:f6:9f:a7:83:76:ab:af:
f1:b5:a8:25:bc:5a:73:7c:f3:3e:64:da:76:b2:5e:
07:92:c4:d9:47:4a:fd:bc:94:09:63:52:32:10:cf:
e1:34:22:86:04:3a:d3:f3:68:42:72:33:83:ea:12:
fa:42:41:79:a1:b0:b3:a3:a2:4d:04:aa:22:93:51:
5d:a6:9c:84:c6:eb:b0:73:c9:81:ae:5e:5e:32:0d:
29:bd:1c:c9:5f:b7:24:e8:71:f1:ab:93:7c:13:f3:
c5:6e:5e:ad:86:ed:8d:f1:cc:f2:70:b4:e7:b3:f5:
d0:e0:bd:51:26:74:5b:5e:76:f3:a4:72:5f:5b:39:
17:27:84:cc:23:50:23:4c:a4:3d:d6:be:1e:4b:0c:
31:99:f6:45:4f:2e:93:c3:25:32:67:d8:15:74:32:
35:19:de:75:47:0c:0d:67:a9:67:41:e6:b0:8e:82:
4c:f6:cb:d3:81:9b:5a:08:54:73:aa:65:e0:68:d8:
17:cc:ad:cc:e9:c8:67:2c:28:12:eb:4c:7d:36:ab:
ca:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:71:07:9D:D9:2A:01:6A:11:6F:23:DF:51:F3:F2:5A:08:DA:03:DF
X509v3 Authority Key Identifier:
keyid:69:87:D4:79:35:E1:13:7D:54:44:26:DB:52:88:E1:2A:9C:02:5A:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYfUeTXhE31URCbbUojhKpwCWsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/NHEHndkqAWoRbyPfUfPyWgjaA98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/aYfUeTXhE31URCbbUojhKpwCWsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.176.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:6d:05:84:9f:57:8f:be:61:c9:90:ec:d0:b3:c4:34:2b:6a:
0e:b4:76:47:34:a8:3d:c8:22:cc:24:f2:a9:49:5c:06:5a:ae:
c3:83:b4:aa:6d:07:20:77:a0:54:c1:76:91:21:5f:2b:a6:da:
b6:f3:77:54:d8:39:37:45:19:44:3a:67:0f:ec:76:a8:6b:cd:
c7:76:7a:85:d6:7c:15:5d:fb:2b:f8:0e:55:c7:7b:96:e6:eb:
cb:8b:38:dc:a3:cc:51:e3:c0:82:fc:ac:ba:ff:32:81:af:9b:
27:6a:9a:75:7d:15:d2:e9:d8:e7:35:b6:3e:01:33:4b:e2:f4:
6a:1a:4e:6f:a9:94:1f:3e:a4:5c:1a:b4:5e:9f:bd:3d:23:a6:
55:f4:0f:6b:74:11:e0:75:55:01:1a:0c:05:f7:f5:da:78:2a:
40:9e:76:9f:fb:c3:46:ff:38:d8:55:da:d4:f0:a1:3f:40:c3:
b7:64:e6:15:0f:fe:74:c3:83:91:3f:09:06:db:61:87:e0:aa:
d1:a7:f8:11:75:0d:db:7e:e3:d7:21:ef:60:d6:ba:67:16:0f:
3e:35:9a:87:a9:32:76:87:21:8b:67:b4:e7:5e:84:59:98:e4:
cc:f3:4a:79:90:b1:00:02:13:77:e9:44:3f:12:ce:45:c1:19:
75:23:6f:7a
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAhmEMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY5
ODdkNDc5MzVlMTEzN2Q1NDQ0MjZkYjUyODhlMTJhOWMwMjVhYzIwHhcNMjIwMjEx
MTAyNDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzNDcxMDc5ZGQ5MmEw
MTZhMTE2ZjIzZGY1MWYzZjI1YTA4ZGEwM2RmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApaMPrcXw1onZBuADv7VDf8f3u39I4JQgCblfS8zRSkwoQOOE
MyqmhBuaFWFUolW4y0Qmt/afp4N2q6/xtaglvFpzfPM+ZNp2sl4HksTZR0r9vJQJ
Y1IyEM/hNCKGBDrT82hCcjOD6hL6QkF5obCzo6JNBKoik1FdppyExuuwc8mBrl5e
Mg0pvRzJX7ck6HHxq5N8E/PFbl6thu2N8czycLTns/XQ4L1RJnRbXnbzpHJfWzkX
J4TMI1AjTKQ91r4eSwwxmfZFTy6TwyUyZ9gVdDI1Gd51RwwNZ6lnQeawjoJM9svT
gZtaCFRzqmXgaNgXzK3M6chnLCgS60x9NqvK5wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFDRxB53ZKgFqEW8j31Hz8loI2gPfMB8GA1UdIwQYMBaAFGmH1Hk14RN9VEQm
21KI4SqcAlrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
YVlmVWVUWGhFMzFVUkNiYlVvamhLcHdDV3NJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hMC8zMmQ3YWQtOGJmOS00Mjc0LTk1ZjgtOWM5NTM1OTRkNmIxLzEv
TkhFSG5ka3FBV29SYnlQZlVmUHlXZ2phQTk4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8z
MmQ3YWQtOGJmOS00Mjc0LTk1ZjgtOWM5NTM1OTRkNmIxLzEvYVlmVWVUWGhFMzFV
UkNiYlVvamhLcHdDV3NJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSywMA0GCSqGSIb3DQEBCwUAA4IB
AQBMbQWEn1ePvmHJkOzQs8Q0K2oOtHZHNKg9yCLMJPKpSVwGWq7Dg7SqbQcgd6BU
wXaRIV8rptq283dU2Dk3RRlEOmcP7Haoa83HdnqF1nwVXfsr+A5Vx3uW5uvLizjc
o8xR48CC/Ky6/zKBr5snapp1fRXS6djnNbY+ATNL4vRqGk5vqZQfPqRcGrRen709
I6ZV9A9rdBHgdVUBGgwF9/XaeCpAnnaf+8NG/zjYVdrU8KE/QMO3ZOYVD/50w4OR
PwkG22GH4KrRp/gRdQ3bfuPXIe9g1rpnFg8+NZqHqTJ2hyGLZ7TnXoRZmOTM80p5
kLEAAhN36UQ/Es5FwRl1I296
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:27 2025 by rpki-client