Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/96fa68-f2b1-4aaf-b50f-91e27b9cfba6/1/78ywD80-MR5TATwDSYK5jqE16S8.roa
File: 78ywD80-MR5TATwDSYK5jqE16S8.roa (raw, json)
Hash identifier: 0ZR4XiuiR1ByyTt2He4LPr+BFo124yvPRCWNnb7zSz8=
Subject key identifier: EF:CC:B0:0F:CD:3E:31:1E:53:01:3C:03:49:82:B9:8E:A1:35:E9:2F
Certificate issuer: /CN=f12465bd246f22311ce9b05eeb49f7b7914b2a0a
Certificate serial: 12B63B67
Authority key identifier: F1:24:65:BD:24:6F:22:31:1C:E9:B0:5E:EB:49:F7:B7:91:4B:2A:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8SRlvSRvIjEc6bBe60n3t5FLKgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/96fa68-f2b1-4aaf-b50f-91e27b9cfba6/1/78ywD80-MR5TATwDSYK5jqE16S8.roa
Signing time: Sat 01 Jan 2022 07:53:49 +0000
ROA not before: Sat 01 Jan 2022 07:53:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204056
IP address blocks: 185.141.217.0/24 maxlen: 24
185.141.216.0/24 maxlen: 24
185.141.219.0/24 maxlen: 24
185.141.218.0/24 maxlen: 24
2a07:2700::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 313932647 (0x12b63b67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f12465bd246f22311ce9b05eeb49f7b7914b2a0a
Validity
Not Before: Jan 1 07:53:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=efccb00fcd3e311e53013c034982b98ea135e92f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:89:94:8b:46:18:98:5c:7d:47:dd:4e:ea:de:
69:41:e0:86:7a:b0:13:5c:c7:f4:89:82:39:ff:50:
99:f6:57:48:09:9c:e3:83:a9:a1:ad:93:37:f0:92:
ed:cb:88:25:14:74:89:6b:70:cf:05:4c:94:9e:1c:
c7:89:88:15:fc:c5:1c:ab:e9:60:ed:41:92:1b:6d:
be:b1:34:c2:a1:33:5c:83:cb:74:51:59:b3:0b:8b:
d8:d3:03:e3:f2:89:9a:02:89:62:66:40:3e:27:b5:
c9:e7:4c:d5:95:d1:e3:6e:15:ed:af:cc:64:28:fa:
be:0a:46:00:b2:17:09:7d:0f:4e:61:e0:30:e4:95:
63:f9:57:fa:4e:9b:4a:10:91:d7:8c:f4:aa:ea:2e:
af:71:14:fe:34:e9:3b:18:a8:66:6d:12:0b:98:76:
c5:7b:e2:d3:47:38:db:c7:0f:56:aa:a3:11:c2:49:
06:07:30:bc:8b:85:df:32:95:23:2a:9d:0e:f0:c6:
f4:c3:0e:e2:22:7f:29:55:bf:35:c3:47:51:f8:ed:
ab:7f:a0:fc:af:20:8f:c3:fe:3b:da:5b:30:29:ed:
48:9d:3f:2b:75:a2:f0:f7:71:e5:22:db:ce:51:70:
60:f2:18:7f:95:27:bf:62:89:ac:38:c8:01:82:1b:
1f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:CC:B0:0F:CD:3E:31:1E:53:01:3C:03:49:82:B9:8E:A1:35:E9:2F
X509v3 Authority Key Identifier:
keyid:F1:24:65:BD:24:6F:22:31:1C:E9:B0:5E:EB:49:F7:B7:91:4B:2A:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8SRlvSRvIjEc6bBe60n3t5FLKgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/96fa68-f2b1-4aaf-b50f-91e27b9cfba6/1/78ywD80-MR5TATwDSYK5jqE16S8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/96fa68-f2b1-4aaf-b50f-91e27b9cfba6/1/8SRlvSRvIjEc6bBe60n3t5FLKgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.216.0/22
IPv6:
2a07:2700::/29
Signature Algorithm: sha256WithRSAEncryption
20:c8:f6:38:21:2d:05:f8:9b:8e:ab:58:d0:38:37:74:34:25:
b1:b5:65:7c:7a:aa:fc:68:5d:2b:95:25:3f:8a:1d:c3:f6:65:
22:75:25:40:55:a1:62:59:46:c6:fb:0e:17:47:a2:d7:52:1c:
1a:17:2d:7f:75:4b:cd:f9:b9:ba:5a:04:8e:0a:6f:ae:5c:5b:
78:1d:36:26:df:83:b0:2d:c1:51:e1:11:85:59:9d:2b:24:fb:
d2:cb:19:21:09:db:01:76:f9:d8:30:76:6b:bd:47:27:22:a3:
03:27:f3:86:9d:bc:be:6d:2f:47:e6:35:63:1c:ea:b8:96:28:
7b:d1:84:e8:0c:25:c8:6e:b0:0a:21:c9:ae:ce:e1:de:05:32:
dd:5f:9e:00:0d:93:90:e8:dc:b2:0a:09:68:64:8c:b2:a3:d0:
fb:d1:3e:3d:2b:51:72:cf:1a:08:e0:61:4a:ed:24:75:8d:ca:
c6:98:db:5e:e2:61:91:e7:65:4e:f4:39:67:e9:12:fc:ca:28:
4d:ea:d8:3b:63:95:87:7e:10:c7:6f:90:b1:39:32:70:19:cf:
09:c4:12:7f:ce:d3:28:fe:16:2b:5f:89:11:5d:5c:50:28:75:
a5:71:48:cd:7f:54:05:a0:d2:c9:12:0d:96:7f:04:7b:f6:a9:
62:bc:f3:98
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEErY7ZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTI0NjViZDI0NmYyMjMxMWNlOWIwNWVlYjQ5ZjdiNzkxNGIyYTBhMB4XDTIyMDEw
MTA3NTM0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWZjY2IwMGZjZDNl
MzExZTUzMDEzYzAzNDk4MmI5OGVhMTM1ZTkyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOSJlItGGJhcfUfdTureaUHghnqwE1zH9ImCOf9QmfZXSAmc
44Opoa2TN/CS7cuIJRR0iWtwzwVMlJ4cx4mIFfzFHKvpYO1BkhttvrE0wqEzXIPL
dFFZswuL2NMD4/KJmgKJYmZAPie1yedM1ZXR424V7a/MZCj6vgpGALIXCX0PTmHg
MOSVY/lX+k6bShCR14z0quour3EU/jTpOxioZm0SC5h2xXvi00c428cPVqqjEcJJ
BgcwvIuF3zKVIyqdDvDG9MMO4iJ/KVW/NcNHUfjtq3+g/K8gj8P+O9pbMCntSJ0/
K3Wi8Pdx5SLbzlFwYPIYf5Unv2KJrDjIAYIbHxUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTvzLAPzT4xHlMBPANJgrmOoTXpLzAfBgNVHSMEGDAWgBTxJGW9JG8iMRzp
sF7rSfe3kUsqCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhTUmx2U1J2SWpFYzZiQmU2MG4zdDVGTEtnby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvOTZmYTY4LWYyYjEtNGFhZi1iNTBmLTkxZTI3YjljZmJhNi8x
Lzc4eXdEODAtTVI1VEFUd0RTWUs1anFFMTZTOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
OTZmYTY4LWYyYjEtNGFhZi1iNTBmLTkxZTI3YjljZmJhNi8xLzhTUmx2U1J2SWpF
YzZiQmU2MG4zdDVGTEtnby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmN2DANBAIAAjAHAwUDKgcnADAN
BgkqhkiG9w0BAQsFAAOCAQEAIMj2OCEtBfibjqtY0Dg3dDQlsbVlfHqq/GhdK5Ul
P4odw/ZlInUlQFWhYllGxvsOF0ei11IcGhctf3VLzfm5uloEjgpvrlxbeB02Jt+D
sC3BUeERhVmdKyT70ssZIQnbAXb52DB2a71HJyKjAyfzhp28vm0vR+Y1YxzquJYo
e9GE6AwlyG6wCiHJrs7h3gUy3V+eAA2TkOjcsgoJaGSMsqPQ+9E+PStRcs8aCOBh
Su0kdY3KxpjbXuJhkedlTvQ5Z+kS/MooTerYO2OVh34Qx2+QsTkycBnPCcQSf87T
KP4WK1+JEV1cUCh1pXFIzX9UBaDSyRINln8Ee/apYrzzmA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:15 2025 by rpki-client