Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/c309ec-3254-4200-9a5e-ab42b4c93ed9/1/uqGgHIi9Bd1HidoVqQV-18PGuk0.roa
File: uqGgHIi9Bd1HidoVqQV-18PGuk0.roa (raw, json)
Hash identifier: OuhEMKZl0Pq5wmxHoQhSmYRX4UbdH4FTfYxkC1TlJhc=
Subject key identifier: BA:A1:A0:1C:88:BD:05:DD:47:89:DA:15:A9:05:7E:D7:C3:C6:BA:4D
Certificate issuer: /CN=d20542a6135524142194caa708e7db2cca6b4e63
Certificate serial: 7E26A5
Authority key identifier: D2:05:42:A6:13:55:24:14:21:94:CA:A7:08:E7:DB:2C:CA:6B:4E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0gVCphNVJBQhlMqnCOfbLMprTmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/c309ec-3254-4200-9a5e-ab42b4c93ed9/1/uqGgHIi9Bd1HidoVqQV-18PGuk0.roa
Signing time: Sat 01 Jan 2022 01:01:12 +0000
ROA not before: Sat 01 Jan 2022 01:01:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204565
IP address blocks: 185.242.38.0/24 maxlen: 24
185.242.37.0/24 maxlen: 24
185.242.36.0/24 maxlen: 24
185.242.39.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8267429 (0x7e26a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d20542a6135524142194caa708e7db2cca6b4e63
Validity
Not Before: Jan 1 01:01:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=baa1a01c88bd05dd4789da15a9057ed7c3c6ba4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2f:b3:ec:90:8e:e6:d0:ad:96:4f:e2:e1:fa:
52:41:e4:af:d1:a9:c6:26:d2:ea:4b:e3:6e:94:96:
9d:da:9b:a4:80:0a:29:1f:d7:57:76:fc:a4:fa:ed:
b4:03:2b:12:8a:ec:d3:9b:f0:6a:f2:fe:11:d5:90:
3e:3c:de:98:1d:69:72:67:3b:ce:01:e0:88:ba:b2:
cd:d0:9e:20:68:dd:2e:70:5f:5c:05:a9:70:d0:85:
56:4f:33:58:d4:c3:c8:de:7a:19:6b:51:f6:ee:65:
6f:3f:77:3a:de:22:e0:93:6f:b6:cf:1b:f3:75:7d:
df:49:a6:28:91:3c:f4:7e:94:b3:39:47:3a:0a:d2:
2d:8e:18:8f:e0:34:74:b0:bb:e8:c9:45:6b:eb:1d:
c2:6d:a8:83:df:1f:39:30:f4:c0:de:13:7a:6c:8e:
5e:d3:1a:f2:e2:d8:51:7b:93:65:51:c6:d5:40:c0:
de:17:04:2b:d7:70:28:32:52:86:75:f3:91:1b:d1:
66:b6:60:07:06:34:01:99:61:3b:ad:66:62:45:b2:
2f:64:73:1e:b0:c9:26:2a:79:ab:58:5e:4c:1d:71:
8a:cf:c3:28:39:38:4a:9b:4a:a5:56:77:3f:6f:88:
09:96:71:0d:ef:86:af:1c:64:75:db:ec:fa:06:7a:
40:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A1:A0:1C:88:BD:05:DD:47:89:DA:15:A9:05:7E:D7:C3:C6:BA:4D
X509v3 Authority Key Identifier:
keyid:D2:05:42:A6:13:55:24:14:21:94:CA:A7:08:E7:DB:2C:CA:6B:4E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0gVCphNVJBQhlMqnCOfbLMprTmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c309ec-3254-4200-9a5e-ab42b4c93ed9/1/uqGgHIi9Bd1HidoVqQV-18PGuk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c309ec-3254-4200-9a5e-ab42b4c93ed9/1/0gVCphNVJBQhlMqnCOfbLMprTmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.36.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:5e:ff:51:f6:5f:36:b7:8e:2e:53:ad:4c:7a:a6:54:65:96:
f5:e8:ae:9a:06:98:49:c6:35:e9:d8:fe:6a:9a:70:70:31:a8:
b5:03:c6:e0:0d:fe:57:1a:98:67:57:05:8b:db:d6:83:fb:a0:
89:4c:22:5f:c0:76:61:05:6c:50:83:e0:9e:3e:00:d6:e8:fd:
8c:32:45:44:ca:33:ae:14:5d:e9:73:6b:b1:45:df:ab:ed:40:
4e:55:ba:c2:73:c2:2c:e2:a0:9b:f3:68:71:bc:8c:4a:2f:1c:
63:28:c9:12:12:9c:a5:56:b3:ff:c7:6f:d0:4f:30:23:67:1d:
0c:fd:ed:e0:44:f2:27:01:6b:c0:6b:32:1f:3e:39:16:f7:09:
65:85:64:18:49:73:8d:ab:2f:29:fa:0b:4f:30:80:3b:af:0c:
d1:af:62:10:9a:63:af:7b:36:77:8c:b0:b5:53:c4:6f:67:2e:
5c:ff:98:6c:b2:e6:54:68:36:9f:29:c0:16:75:a5:87:79:de:
e6:40:5c:54:31:ac:18:ef:c2:82:70:ae:65:4e:24:a6:68:42:
05:9e:90:f7:5d:1a:e3:94:86:e6:1c:03:99:a0:3d:aa:19:6d:
ac:3e:3f:42:c7:6e:11:24:6b:dc:39:cd:53:88:fc:91:97:16:
4f:cb:75:97
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDfialMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQy
MDU0MmE2MTM1NTI0MTQyMTk0Y2FhNzA4ZTdkYjJjY2E2YjRlNjMwHhcNMjIwMTAx
MDEwMTEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiYWExYTAxYzg4YmQw
NWRkNDc4OWRhMTVhOTA1N2VkN2MzYzZiYTRkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAki+z7JCO5tCtlk/i4fpSQeSv0anGJtLqS+NulJad2pukgAop
H9dXdvyk+u20AysSiuzTm/Bq8v4R1ZA+PN6YHWlyZzvOAeCIurLN0J4gaN0ucF9c
Balw0IVWTzNY1MPI3noZa1H27mVvP3c63iLgk2+2zxvzdX3fSaYokTz0fpSzOUc6
CtItjhiP4DR0sLvoyUVr6x3CbaiD3x85MPTA3hN6bI5e0xry4thRe5NlUcbVQMDe
FwQr13AoMlKGdfORG9FmtmAHBjQBmWE7rWZiRbIvZHMesMkmKnmrWF5MHXGKz8Mo
OThKm0qlVnc/b4gJlnEN74avHGR12+z6BnpA+QIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFLqhoByIvQXdR4naFakFftfDxrpNMB8GA1UdIwQYMBaAFNIFQqYTVSQUIZTK
pwjn2yzKa05jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MGdWQ3BoTlZKQlFobE1xbkNPZmJMTXByVG1NLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iMy9jMzA5ZWMtMzI1NC00MjAwLTlhNWUtYWI0MmI0YzkzZWQ5LzEv
dXFHZ0hJaTlCZDFIaWRvVnFRVi0xOFBHdWswLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9j
MzA5ZWMtMzI1NC00MjAwLTlhNWUtYWI0MmI0YzkzZWQ5LzEvMGdWQ3BoTlZKQlFo
bE1xbkNPZmJMTXByVG1NLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufIkMA0GCSqGSIb3DQEBCwUAA4IB
AQB+Xv9R9l82t44uU61MeqZUZZb16K6aBphJxjXp2P5qmnBwMai1A8bgDf5XGphn
VwWL29aD+6CJTCJfwHZhBWxQg+CePgDW6P2MMkVEyjOuFF3pc2uxRd+r7UBOVbrC
c8Is4qCb82hxvIxKLxxjKMkSEpylVrP/x2/QTzAjZx0M/e3gRPInAWvAazIfPjkW
9wllhWQYSXONqy8p+gtPMIA7rwzRr2IQmmOvezZ3jLC1U8RvZy5c/5hssuZUaDaf
KcAWdaWHed7mQFxUMawY78KCcK5lTiSmaEIFnpD3XRrjlIbmHAOZoD2qGW2sPj9C
x24RJGvcOc1TiPyRlxZPy3WX
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:43 2025 by rpki-client