Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/v2PLQcppTbJ037a28gayqblIAKA.roa
File: v2PLQcppTbJ037a28gayqblIAKA.roa (raw, json)
Hash identifier: LiegkYVy6ZQBuQzfPbnZgRNmkmtf8O8mQR9r9QrlqY4=
Subject key identifier: BF:63:CB:41:CA:69:4D:B2:74:DF:B6:B6:F2:06:B2:A9:B9:48:00:A0
Certificate issuer: /CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Certificate serial: 07857A75
Authority key identifier: F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/v2PLQcppTbJ037a28gayqblIAKA.roa
Signing time: Fri 27 May 2022 04:58:13 +0000
ROA not before: Fri 27 May 2022 04:58:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61204
IP address blocks: 185.145.113.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126188149 (0x7857a75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Validity
Not Before: May 27 04:58:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf63cb41ca694db274dfb6b6f206b2a9b94800a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4c:19:50:59:21:f0:10:d6:af:48:58:fd:d2:
12:c0:22:03:42:25:1d:08:31:7b:a6:7e:eb:da:79:
75:02:6d:a5:2e:d8:4b:29:f4:d8:f4:a7:01:e9:23:
f4:04:da:de:ed:bb:f7:38:18:29:51:55:35:3d:04:
48:17:85:70:89:65:d1:58:4e:69:69:92:f0:71:b9:
a2:d1:2d:5b:19:06:e1:dc:fb:f5:cc:22:13:32:7e:
d6:4d:de:d5:68:c0:20:af:5c:43:c5:69:c6:9a:59:
d9:cb:ca:20:6d:e8:25:d5:a0:6c:d4:ce:65:1b:cc:
5d:7f:3f:7e:ca:0a:9a:0e:13:dd:a8:3f:f0:c9:c7:
e9:49:8e:12:6d:c9:af:b9:93:f7:f9:85:75:91:1d:
73:16:db:cf:3e:c5:41:66:e0:4e:6d:82:a0:25:0f:
9c:3b:62:60:fa:8a:a1:94:83:08:6a:e1:cf:f5:1b:
51:3e:63:7a:a5:ca:c9:25:92:99:75:a9:91:e9:84:
5c:29:bd:69:3c:9a:bb:98:e5:05:50:1d:0a:32:72:
44:e0:36:ef:24:1f:07:9c:bb:aa:3f:db:fe:8d:6d:
51:93:5e:83:4d:c8:90:c2:e4:7a:ec:00:17:ae:c7:
20:df:3c:f6:0f:ad:65:2b:76:fa:d9:b5:28:0e:4c:
b3:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:63:CB:41:CA:69:4D:B2:74:DF:B6:B6:F2:06:B2:A9:B9:48:00:A0
X509v3 Authority Key Identifier:
keyid:F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/v2PLQcppTbJ037a28gayqblIAKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.113.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:7a:b5:c1:38:68:6f:43:8f:5c:9f:b5:fc:e7:a0:3d:e1:3d:
d3:e2:e1:e9:23:45:68:86:fb:7d:a6:91:2d:6e:bf:93:b8:c7:
7d:0c:03:d3:c8:dc:0c:9c:7f:6f:06:9e:f8:0c:e9:d1:cc:9d:
88:75:ae:d0:fe:71:e1:c3:a5:46:9c:fa:21:08:a3:f9:c4:fd:
98:98:ae:db:ff:7e:4b:06:3e:1c:f1:b8:44:e8:64:03:fc:4b:
ca:11:19:71:8d:94:6f:4a:06:ce:db:2c:c9:c0:c5:11:58:bb:
a2:1e:32:b0:8d:84:e1:61:57:02:c6:f6:43:54:02:40:b3:67:
5b:f7:22:9f:68:59:cc:d8:b5:34:23:a0:02:2c:da:df:98:d2:
ec:bc:6a:01:8b:05:b2:67:d5:3b:93:53:72:42:d8:4b:e7:bc:
08:1c:81:8b:cf:ba:2d:07:e3:cd:e6:9c:5f:eb:8e:f3:81:68:
a5:d1:3e:f7:0d:78:fc:01:ef:96:ec:aa:ad:ed:ed:08:28:f5:
98:19:a6:86:cc:42:a7:a1:39:c1:a1:25:13:5e:5e:1c:ea:3c:
29:04:6c:9a:c8:ff:4e:36:b0:d6:cd:b9:3e:d4:ff:aa:5a:2e:
fd:03:e8:a4:ac:06:9f:24:25:89:aa:d1:48:5f:92:8b:f8:6a:
12:2e:96:9e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB4V6dTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDUyMTEyOGNmNjM0YWE2YWZhN2VmNTJkNTMxZjNmY2Q1NTYyOGY5MB4XDTIyMDUy
NzA0NTgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmY2M2NiNDFjYTY5
NGRiMjc0ZGZiNmI2ZjIwNmIyYTliOTQ4MDBhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdMGVBZIfAQ1q9IWP3SEsAiA0IlHQgxe6Z+69p5dQJtpS7Y
Syn02PSnAekj9ATa3u279zgYKVFVNT0ESBeFcIll0VhOaWmS8HG5otEtWxkG4dz7
9cwiEzJ+1k3e1WjAIK9cQ8VpxppZ2cvKIG3oJdWgbNTOZRvMXX8/fsoKmg4T3ag/
8MnH6UmOEm3Jr7mT9/mFdZEdcxbbzz7FQWbgTm2CoCUPnDtiYPqKoZSDCGrhz/Ub
UT5jeqXKySWSmXWpkemEXCm9aTyau5jlBVAdCjJyROA27yQfB5y7qj/b/o1tUZNe
g03IkMLkeuwAF67HIN889g+tZSt2+tm1KA5Ms2UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS/Y8tBymlNsnTftrbyBrKpuUgAoDAfBgNVHSMEGDAWgBTwUhEoz2NKpq+n
71LVMfP81VYo+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhGSVJLTTlqU3FhdnAtOVMxVEh6X05WV0tQay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvYjRiMTUwLWRiYjgtNDY1Zi04MTU1LWU0NDE5YjY0MjEyZS8x
L3YyUExRY3BwVGJKMDM3YTI4Z2F5cWJsSUFLQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
YjRiMTUwLWRiYjgtNDY1Zi04MTU1LWU0NDE5YjY0MjEyZS8xLzhGSVJLTTlqU3Fh
dnAtOVMxVEh6X05WV0tQay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmRcTANBgkqhkiG9w0BAQsFAAOC
AQEAjHq1wThob0OPXJ+1/OegPeE90+Lh6SNFaIb7faaRLW6/k7jHfQwD08jcDJx/
bwae+Azp0cydiHWu0P5x4cOlRpz6IQij+cT9mJiu2/9+SwY+HPG4ROhkA/xLyhEZ
cY2Ub0oGztssycDFEVi7oh4ysI2E4WFXAsb2Q1QCQLNnW/cin2hZzNi1NCOgAiza
35jS7LxqAYsFsmfVO5NTckLYS+e8CByBi8+6LQfjzeacX+uO84FopdE+9w14/AHv
luyqre3tCCj1mBmmhsxCp6E5waElE15eHOo8KQRsmsj/Tjaw1s25PtT/qlou/QPo
pKwGnyQliarRSF+Si/hqEi6Wng==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:53 2025 by rpki-client