Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/5S-dWLWuf9ZrGa9bcsQ5YK0gpvs.roa
File: 5S-dWLWuf9ZrGa9bcsQ5YK0gpvs.roa (raw, json)
Hash identifier: /rA3TcveRi0lGxSnJDPlLC/3Pil3CcVDVjbECYVktRg=
Subject key identifier: E5:2F:9D:58:B5:AE:7F:D6:6B:19:AF:5B:72:C4:39:60:AD:20:A6:FB
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 01856D2F30F4B7D80A85E3DCB2FF92F0F683
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/5S-dWLWuf9ZrGa9bcsQ5YK0gpvs.roa
Signing time: Sun 01 Jan 2023 11:54:47 +0000
ROA not before: Sun 01 Jan 2023 11:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42745
IP address blocks: 185.160.192.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:30:f4:b7:d8:0a:85:e3:dc:b2:ff:92:f0:f6:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Jan 1 11:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e52f9d58b5ae7fd66b19af5b72c43960ad20a6fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a4:70:0e:2f:a7:b4:fc:3f:17:6e:40:48:b6:
28:9e:7e:a6:e0:51:b3:e6:71:38:2f:e8:9c:86:60:
71:97:90:ff:1b:f9:84:68:e9:44:01:e7:24:47:0a:
6e:fc:a4:12:1c:48:50:4e:82:3e:7f:61:a8:e7:f9:
34:63:31:e6:fc:ef:1b:e5:a1:c4:73:94:e2:14:99:
19:a3:e4:74:c7:da:65:d7:99:6e:f1:95:ab:d7:f0:
ed:f3:f7:ac:93:de:f8:62:b5:9d:94:bc:4f:8e:61:
36:15:17:74:e2:92:4e:ed:af:68:fa:3f:c1:dc:09:
12:2e:b5:99:fa:57:6d:23:8f:30:78:5c:34:22:7f:
b3:05:cb:89:35:d3:3b:79:60:00:aa:62:05:21:fb:
c9:79:21:83:d8:8e:cc:80:14:36:1a:87:76:a1:75:
9a:ac:41:59:97:d7:87:51:19:84:ed:9d:9e:8a:18:
5b:aa:03:de:d3:67:79:6b:42:cf:d6:38:e1:57:24:
d5:03:ee:60:9d:45:1b:13:51:a2:02:7d:b1:9f:c1:
b6:d5:22:b9:8c:7d:2b:e9:25:cc:8f:de:79:23:84:
65:bb:28:df:b2:bc:eb:4e:cb:28:a0:7e:75:af:4b:
8e:27:99:c9:1d:45:99:45:25:1f:f8:62:f6:94:56:
6f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:2F:9D:58:B5:AE:7F:D6:6B:19:AF:5B:72:C4:39:60:AD:20:A6:FB
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/5S-dWLWuf9ZrGa9bcsQ5YK0gpvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.192.0/24
Signature Algorithm: sha256WithRSAEncryption
47:be:3c:86:91:96:bf:7c:8d:78:f8:ba:cd:4f:2c:80:fe:ed:
8e:d1:76:b6:15:40:cd:f6:58:57:d7:61:69:56:79:98:d7:ca:
a6:7b:0c:66:90:c7:ac:b4:c1:cf:03:6b:96:6e:4e:35:c5:fc:
bd:63:73:79:66:42:15:3e:0d:5e:25:9e:38:ef:0b:61:7d:eb:
a7:80:0e:f9:bf:8e:93:1b:4f:06:c8:13:07:f0:56:d0:af:f5:
cb:6a:fe:5c:dd:b6:09:57:36:27:bd:79:34:6b:e9:a2:24:a6:
7e:54:5d:41:c5:e3:fa:09:ca:ea:30:79:a6:4d:cf:51:c5:74:
8b:68:f8:f0:5d:c9:66:52:fd:8a:cf:b7:db:c9:9d:ee:42:af:
de:fe:1e:d9:31:05:c8:1e:37:11:5d:e3:c0:b3:6e:54:da:cc:
1b:74:3a:97:b7:70:45:04:6f:7b:d2:a8:4a:b9:a1:58:c5:a9:
3c:fa:b0:96:59:3b:97:37:5a:a0:e0:ab:0f:5c:14:6e:83:50:
1c:30:10:ce:87:98:3f:bf:e3:b8:07:e2:c1:bc:0d:41:f9:16:
15:9f:52:5d:a9:ac:af:79:a8:5c:01:cd:cb:bc:32:55:65:9a:
97:15:51:02:0c:0b:da:4a:61:4c:0c:7e:a4:5f:96:6d:51:dc:
10:8f:e2:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtLzD0t9gKhePcsv+S8PaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjMwMTAxMTE1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTJmOWQ1OGI1YWU3ZmQ2NmIxOWFmNWI3MmM0Mzk2MGFkMjBhNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6RwDi+ntPw/F25ASLYonn6m4FGz
5nE4L+ichmBxl5D/G/mEaOlEAeckRwpu/KQSHEhQToI+f2Go5/k0YzHm/O8b5aHE
c5TiFJkZo+R0x9pl15lu8ZWr1/Dt8/esk974YrWdlLxPjmE2FRd04pJO7a9o+j/B
3AkSLrWZ+ldtI48weFw0In+zBcuJNdM7eWAAqmIFIfvJeSGD2I7MgBQ2God2oXWa
rEFZl9eHURmE7Z2eihhbqgPe02d5a0LP1jjhVyTVA+5gnUUbE1GiAn2xn8G21SK5
jH0r6SXMj955I4RluyjfsrzrTssooH51r0uOJ5nJHUWZRSUf+GL2lFZvxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOUvnVi1rn/WaxmvW3LEOWCtIKb7MB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvNVMtZFdMV3VmOVpyR2E5YmNzUTVZSzBncHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaDAMA0G
CSqGSIb3DQEBCwUAA4IBAQBHvjyGkZa/fI14+LrNTyyA/u2O0Xa2FUDN9lhX12Fp
VnmY18qmewxmkMestMHPA2uWbk41xfy9Y3N5ZkIVPg1eJZ447wthfeungA75v46T
G08GyBMH8FbQr/XLav5c3bYJVzYnvXk0a+miJKZ+VF1BxeP6CcrqMHmmTc9RxXSL
aPjwXclmUv2Kz7fbyZ3uQq/e/h7ZMQXIHjcRXePAs25U2swbdDqXt3BFBG970qhK
uaFYxak8+rCWWTuXN1qg4KsPXBRug1AcMBDOh5g/v+O4B+LBvA1B+RYVn1Jdqayv
eahcAc3LvDJVZZqXFVECDAvaSmFMDH6kX5ZtUdwQj+LI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:09 2025 by rpki-client