Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/5e753d-c33d-47a3-8e82-a52862b44563/1/wJ30J7OdHJdgl8TUSzzxMhqlEsc.roa
File: wJ30J7OdHJdgl8TUSzzxMhqlEsc.roa (raw, json)
Hash identifier: 3cYs1o22kom+t4PdJktAGs+fcNlTTXJhci8Q3dW5wMo=
Subject key identifier: C0:9D:F4:27:B3:9D:1C:97:60:97:C4:D4:4B:3C:F1:32:1A:A5:12:C7
Certificate issuer: /CN=fc55e0533efaa5624f538b92ed1a973feff89751
Certificate serial: 03BACA84
Authority key identifier: FC:55:E0:53:3E:FA:A5:62:4F:53:8B:92:ED:1A:97:3F:EF:F8:97:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FXgUz76pWJPU4uS7RqXP-_4l1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/5e753d-c33d-47a3-8e82-a52862b44563/1/wJ30J7OdHJdgl8TUSzzxMhqlEsc.roa
Signing time: Mon 04 Jul 2022 06:20:25 +0000
ROA not before: Mon 04 Jul 2022 06:20:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39144
IP address blocks: 185.132.188.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62573188 (0x3baca84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc55e0533efaa5624f538b92ed1a973feff89751
Validity
Not Before: Jul 4 06:20:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c09df427b39d1c976097c4d44b3cf1321aa512c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:72:93:c4:e9:7f:14:16:63:32:ce:8d:65:60:
af:08:08:d5:93:62:73:ce:df:06:ed:90:93:34:50:
8f:a5:02:40:8a:e7:2d:4d:1e:2b:32:b0:e5:6d:4e:
77:7e:b3:80:3d:88:52:4f:04:d1:03:6d:6a:55:a5:
f8:e8:96:d7:18:56:ca:68:3e:53:d6:ca:4b:83:14:
11:d8:3d:3b:75:68:a8:5c:e1:7e:f5:c8:96:a2:9b:
8c:7c:ee:8f:42:2e:6d:87:27:01:9b:36:93:2e:5f:
b8:dc:a7:d7:07:44:c7:cf:af:23:e8:3d:9d:19:31:
1f:da:84:4f:0d:e0:d3:ed:8c:ac:c1:5d:70:1d:83:
06:f6:9a:63:df:f7:50:91:62:51:c7:41:33:0c:da:
b8:4d:1f:70:a1:2f:d5:92:38:6b:95:a7:f9:bf:66:
d5:96:b6:37:6c:d7:00:9b:ec:ed:f6:cc:bb:6f:44:
fd:9a:75:10:d5:bd:a0:a6:44:39:1b:4e:14:61:9d:
4f:95:56:4e:83:9f:13:d6:8c:c0:bc:0f:8b:13:f4:
61:d6:31:76:4f:be:27:59:76:41:a6:94:94:d7:84:
10:d4:39:e2:85:1a:a4:fe:7c:05:d4:7f:db:6e:af:
3f:6c:28:82:fb:81:3f:1e:0f:4d:9b:34:5d:d1:03:
2b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:9D:F4:27:B3:9D:1C:97:60:97:C4:D4:4B:3C:F1:32:1A:A5:12:C7
X509v3 Authority Key Identifier:
keyid:FC:55:E0:53:3E:FA:A5:62:4F:53:8B:92:ED:1A:97:3F:EF:F8:97:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FXgUz76pWJPU4uS7RqXP-_4l1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5e753d-c33d-47a3-8e82-a52862b44563/1/wJ30J7OdHJdgl8TUSzzxMhqlEsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5e753d-c33d-47a3-8e82-a52862b44563/1/_FXgUz76pWJPU4uS7RqXP-_4l1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.188.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:fa:c1:76:ae:5c:c2:b3:fa:5f:34:3a:3f:2a:2c:91:fc:69:
bd:23:b4:a2:41:7e:8c:08:8f:1b:a1:08:01:1a:fc:af:3c:89:
99:06:a0:e9:a5:80:f0:2f:e6:ae:5d:aa:70:66:d8:61:f5:cd:
b8:74:87:8e:0a:60:fb:67:b1:e0:84:9f:b0:5d:33:47:93:59:
c4:41:8e:00:d0:8e:2c:01:8d:0d:31:61:be:7e:55:66:ee:40:
91:8e:e2:29:7f:63:3f:86:bc:e5:05:f7:8f:01:24:ae:67:29:
4c:bd:01:76:61:02:08:93:d0:83:a1:ec:96:e4:81:b0:3e:28:
0c:78:69:51:29:dc:58:33:3c:b3:30:81:fa:a8:b1:de:d5:8a:
89:94:d8:34:37:39:5f:42:80:76:05:a8:44:f6:c1:12:3c:5f:
2f:25:73:c9:a6:7a:da:ad:86:a2:4d:ca:4d:0c:d4:f2:d6:68:
7e:38:a3:55:94:fc:02:c2:c4:3c:50:df:4b:c4:cc:ef:0f:52:
1b:0b:35:0d:2b:1f:08:21:e8:a9:df:8c:86:44:fb:76:25:78:
e5:56:d5:12:a4:3e:8d:f6:47:8f:0b:7d:fd:3d:dd:19:7f:36:
78:bc:33:70:ed:28:d0:1b:6c:be:26:15:9d:e5:b9:e2:1a:8f:
23:5c:32:94
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA7rKhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YzU1ZTA1MzNlZmFhNTYyNGY1MzhiOTJlZDFhOTczZmVmZjg5NzUxMB4XDTIyMDcw
NDA2MjAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzA5ZGY0MjdiMzlk
MWM5NzYwOTdjNGQ0NGIzY2YxMzIxYWE1MTJjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIpyk8TpfxQWYzLOjWVgrwgI1ZNic87fBu2QkzRQj6UCQIrn
LU0eKzKw5W1Od36zgD2IUk8E0QNtalWl+OiW1xhWymg+U9bKS4MUEdg9O3VoqFzh
fvXIlqKbjHzuj0IubYcnAZs2ky5fuNyn1wdEx8+vI+g9nRkxH9qETw3g0+2MrMFd
cB2DBvaaY9/3UJFiUcdBMwzauE0fcKEv1ZI4a5Wn+b9m1Za2N2zXAJvs7fbMu29E
/Zp1ENW9oKZEORtOFGGdT5VWToOfE9aMwLwPixP0YdYxdk++J1l2QaaUlNeEENQ5
4oUapP58BdR/226vP2wogvuBPx4PTZs0XdEDK5kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTAnfQns50cl2CXxNRLPPEyGqUSxzAfBgNVHSMEGDAWgBT8VeBTPvqlYk9T
i5LtGpc/7/iXUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19GWGdVejc2cFdKUFU0dVM3UnFYUC1fNGwxRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvNWU3NTNkLWMzM2QtNDdhMy04ZTgyLWE1Mjg2MmI0NDU2My8x
L3dKMzBKN09kSEpkZ2w4VFVTenp4TWhxbEVzYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
NWU3NTNkLWMzM2QtNDdhMy04ZTgyLWE1Mjg2MmI0NDU2My8xL19GWGdVejc2cFdK
UFU0dVM3UnFYUC1fNGwxRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmEvDANBgkqhkiG9w0BAQsFAAOC
AQEAavrBdq5cwrP6XzQ6PyoskfxpvSO0okF+jAiPG6EIARr8rzyJmQag6aWA8C/m
rl2qcGbYYfXNuHSHjgpg+2ex4ISfsF0zR5NZxEGOANCOLAGNDTFhvn5VZu5AkY7i
KX9jP4a85QX3jwEkrmcpTL0BdmECCJPQg6HsluSBsD4oDHhpUSncWDM8szCB+qix
3tWKiZTYNDc5X0KAdgWoRPbBEjxfLyVzyaZ62q2Gok3KTQzU8tZofjijVZT8AsLE
PFDfS8TM7w9SGws1DSsfCCHoqd+MhkT7diV45VbVEqQ+jfZHjwt9/T3dGX82eLwz
cO0o0BtsviYVneW54hqPI1wylA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:31:46 2025 by rpki-client