Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/_Xx1MMhc6MMOSHrMEf_IbsvwI24.roa
File: _Xx1MMhc6MMOSHrMEf_IbsvwI24.roa (raw, json)
Hash identifier: snyPEd5h8U4AyYdDTRBLVZ/8Qi7wPHurxheoCGY02hw=
Subject key identifier: FD:7C:75:30:C8:5C:E8:C3:0E:48:7A:CC:11:FF:C8:6E:CB:F0:23:6E
Certificate issuer: /CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Certificate serial: 0185732815B2CEF92E6C17C2C3936C61FF4C
Authority key identifier: F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/_Xx1MMhc6MMOSHrMEf_IbsvwI24.roa
Signing time: Mon 02 Jan 2023 15:44:44 +0000
ROA not before: Mon 02 Jan 2023 15:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61204
IP address blocks: 185.145.113.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:15:b2:ce:f9:2e:6c:17:c2:c3:93:6c:61:ff:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Validity
Not Before: Jan 2 15:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd7c7530c85ce8c30e487acc11ffc86ecbf0236e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6d:91:c4:ee:14:31:5b:e4:6b:1f:38:c0:93:
74:af:bd:2c:aa:ed:23:c9:bb:09:91:47:e3:66:ba:
96:a9:c6:ff:6a:e4:54:c7:71:9a:75:f9:27:38:24:
94:19:e6:3c:41:89:ba:ed:5b:cb:8f:96:87:a3:84:
3f:e7:c6:98:62:17:4f:17:c7:16:55:53:63:1e:ec:
19:bd:2e:c4:32:1c:54:16:68:9e:f0:d3:a8:ae:3b:
6f:df:fd:26:d4:c8:f8:85:17:22:46:82:32:2c:6e:
af:8f:bc:da:26:b9:98:41:f9:1a:89:46:b4:9d:7e:
b4:4b:54:35:72:45:48:c4:07:fe:b1:87:44:11:a4:
19:32:dd:f1:4c:34:e1:98:d3:db:61:85:e2:47:07:
3f:dd:6e:24:e6:d8:ab:0e:e3:30:2a:fa:d8:75:b5:
9c:e4:4b:69:6d:2a:c9:cc:34:8c:36:2e:e1:27:fb:
1e:50:53:0b:5f:ad:c9:6c:fa:9f:e6:48:83:0e:ce:
60:a9:76:ce:07:15:28:d6:bc:53:d9:82:19:30:c4:
fe:13:71:3c:8c:23:fb:ac:1a:83:2c:52:34:7f:ec:
9b:99:2e:5f:58:09:87:e7:b8:15:fe:de:27:f6:07:
c0:02:a1:61:c9:91:49:59:a8:66:b9:51:5f:17:bc:
b4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:7C:75:30:C8:5C:E8:C3:0E:48:7A:CC:11:FF:C8:6E:CB:F0:23:6E
X509v3 Authority Key Identifier:
keyid:F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/_Xx1MMhc6MMOSHrMEf_IbsvwI24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.113.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:9a:86:f6:fb:e2:29:c5:8e:e5:1d:98:72:db:fd:9b:fc:c4:
45:bf:b0:0b:00:d7:1a:de:2e:12:65:ec:c5:04:a5:9d:47:e3:
4f:d9:a3:77:b3:9b:35:3b:3c:c1:ef:93:24:67:45:e9:34:05:
2b:8c:78:3a:18:8f:cd:40:0f:d5:59:66:5f:3d:5e:e2:f3:51:
8a:4f:c4:01:48:f9:5e:2a:7d:bd:ab:9e:b3:1d:c9:98:f2:d4:
3a:67:35:d9:a5:f3:14:72:b4:04:80:5e:02:38:46:95:e3:83:
34:ab:57:af:07:2b:f0:c5:05:30:e6:d0:93:67:40:8c:fd:14:
3b:a0:c1:40:34:90:6a:66:b2:a9:1f:6f:a4:38:3b:88:b5:42:
c8:a6:ef:9b:38:04:9b:94:df:17:53:31:8f:15:06:8a:15:e0:
96:f8:4d:8d:06:b2:65:e8:4d:1e:d7:96:10:6a:e3:79:f8:d5:
33:7a:82:45:e3:af:3f:34:97:0c:c2:19:39:0b:94:8d:40:f4:
b4:cf:bb:e3:58:f1:8a:d9:2e:82:6e:56:7a:af:85:4a:a7:5d:
3c:6e:2c:6f:ed:82:52:68:d5:0f:7c:31:15:6c:d7:f5:cc:e1:
26:10:d0:e3:f6:2b:0b:53:c4:36:da:83:3b:30:31:b0:dd:0d:
b2:60:1b:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzKBWyzvkubBfCw5NsYf9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNTIxMTI4Y2Y2MzRhYTZhZmE3ZWY1MmQ1MzFmM2ZjZDU1
NjI4ZjkwHhcNMjMwMTAyMTU0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDdjNzUzMGM4NWNlOGMzMGU0ODdhY2MxMWZmYzg2ZWNiZjAyMzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnm2RxO4UMVvkax84wJN0r70squ0j
ybsJkUfjZrqWqcb/auRUx3GadfknOCSUGeY8QYm67VvLj5aHo4Q/58aYYhdPF8cW
VVNjHuwZvS7EMhxUFmie8NOorjtv3/0m1Mj4hRciRoIyLG6vj7zaJrmYQfkaiUa0
nX60S1Q1ckVIxAf+sYdEEaQZMt3xTDThmNPbYYXiRwc/3W4k5tirDuMwKvrYdbWc
5EtpbSrJzDSMNi7hJ/seUFMLX63JbPqf5kiDDs5gqXbOBxUo1rxT2YIZMMT+E3E8
jCP7rBqDLFI0f+ybmS5fWAmH57gV/t4n9gfAAqFhyZFJWahmuVFfF7y0QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP18dTDIXOjDDkh6zBH/yG7L8CNuMB8GA1UdIwQY
MBaAFPBSESjPY0qmr6fvUtUx8/zVVij5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUt
ZTQ0MTliNjQyMTJlLzEvX1h4MU1NaGM2TU1PU0hyTUVmX0lic3Z3STI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUtZTQ0MTliNjQyMTJl
LzEvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZFxMA0G
CSqGSIb3DQEBCwUAA4IBAQAPmob2++IpxY7lHZhy2/2b/MRFv7ALANca3i4SZezF
BKWdR+NP2aN3s5s1OzzB75MkZ0XpNAUrjHg6GI/NQA/VWWZfPV7i81GKT8QBSPle
Kn29q56zHcmY8tQ6ZzXZpfMUcrQEgF4COEaV44M0q1evByvwxQUw5tCTZ0CM/RQ7
oMFANJBqZrKpH2+kODuItULIpu+bOASblN8XUzGPFQaKFeCW+E2NBrJl6E0e15YQ
auN5+NUzeoJF468/NJcMwhk5C5SNQPS0z7vjWPGK2S6CblZ6r4VKp108bixv7YJS
aNUPfDEVbNf1zOEmENDj9isLU8Q22oM7MDGw3Q2yYBtE
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:11 2025 by rpki-client