Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/VQsGww_PVjffC9OnPx2eqtCWdCE.roa
File: VQsGww_PVjffC9OnPx2eqtCWdCE.roa (raw, json)
Hash identifier: VMdihdDqrfdCMAJrMnxxnkCV8vJKZvt0GUDeQpGMygU=
Subject key identifier: 55:0B:06:C3:0F:CF:56:37:DF:0B:D3:A7:3F:1D:9E:AA:D0:96:74:21
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 0189401650BCC4C1AC6152EC476E3BFA2A2C
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/VQsGww_PVjffC9OnPx2eqtCWdCE.roa
Signing time: Mon 10 Jul 2023 13:55:51 +0000
ROA not before: Mon 10 Jul 2023 13:55:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62455
IP address blocks: 185.182.72.0/22 maxlen: 24
185.233.176.0/22 maxlen: 24
185.205.229.0/24 maxlen: 24
185.205.228.0/24 maxlen: 24
185.205.228.0/22 maxlen: 24
185.205.230.0/24 maxlen: 24
2a0b:bc0::/29 maxlen: 29
2a0a:e780::/29 maxlen: 30
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:40:16:50:bc:c4:c1:ac:61:52:ec:47:6e:3b:fa:2a:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Jul 10 13:55:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=550b06c30fcf5637df0bd3a73f1d9eaad0967421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cd:93:ab:e0:b4:e5:ce:c0:28:f5:b5:6c:01:
39:2f:82:27:4d:05:bd:64:b8:4c:88:7e:13:ba:fe:
00:36:c4:84:ab:52:48:b7:c1:e9:20:47:89:3d:ae:
8b:49:15:74:4e:31:bb:ca:05:14:f0:50:ba:8e:f4:
60:40:49:cb:6a:f6:50:6d:82:a2:a6:87:f4:bc:e8:
b0:4e:ed:18:60:9e:de:40:e8:4e:77:75:8f:91:a0:
12:3e:1c:69:8c:fa:99:30:ec:cf:58:24:33:73:09:
96:ef:10:b9:a2:7a:5d:1f:53:01:cd:3f:0e:c7:03:
17:dd:b1:23:da:ff:4b:82:47:ed:b5:26:7a:7c:b6:
3b:a2:39:1d:f9:3e:e2:b7:28:85:14:f5:b6:19:fc:
0d:c2:53:31:29:c9:72:59:a0:be:c1:28:82:80:7a:
c6:00:ba:0d:39:88:b3:d7:b7:4c:2f:81:ce:68:20:
66:81:33:3c:90:ef:18:29:36:58:34:55:0e:b9:68:
17:b7:b8:44:4e:d0:95:ce:90:19:80:f6:12:d4:47:
41:10:be:de:4f:de:30:16:25:90:f7:74:b8:c7:48:
16:76:08:30:b5:b3:29:92:39:88:1f:70:cd:27:c4:
a1:a7:ca:14:09:17:59:3a:40:ab:d7:37:8c:28:4b:
43:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:0B:06:C3:0F:CF:56:37:DF:0B:D3:A7:3F:1D:9E:AA:D0:96:74:21
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/VQsGww_PVjffC9OnPx2eqtCWdCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.72.0/22
185.205.228.0/22
185.233.176.0/22
IPv6:
2a0a:e780::/29
2a0b:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
4a:55:20:e9:1b:65:5a:84:92:07:f0:f5:e6:3b:89:6a:70:44:
c0:12:5a:ea:54:77:45:3d:04:60:c4:f5:dd:87:77:b4:fc:95:
77:58:16:af:c7:09:19:fa:f7:53:7b:36:3b:83:c2:e5:76:f7:
ad:49:e8:57:c4:44:8c:dc:77:2f:2e:98:3c:5a:bd:f7:6b:88:
35:e9:3c:cd:ea:0b:f5:9f:c8:99:67:ae:0b:16:9b:34:2b:a8:
40:b0:c7:7c:33:33:2c:28:bf:00:8a:20:e0:c2:68:af:ee:93:
c9:89:6b:e1:7c:2c:5f:b7:b0:7c:d6:73:c1:19:62:61:28:ce:
30:26:70:c3:41:f3:0c:b6:1d:12:2e:15:68:ab:2e:ab:34:af:
b3:01:46:77:7c:87:2b:06:e1:14:ce:88:68:7c:20:78:ec:27:
6e:ab:88:4b:88:b7:8f:02:a5:0d:2b:72:25:5b:c9:2d:75:d9:
fe:76:a7:45:06:96:be:4c:ce:2d:71:a0:cf:e2:6b:af:53:d8:
79:a1:4c:09:a9:b6:54:a9:0d:b2:1b:0d:33:14:a0:e0:f9:64:
82:d0:27:d7:8e:28:c6:c0:b0:11:67:87:c2:ac:d2:31:92:77:
1f:b8:25:65:83:f0:ef:08:bd:7b:b6:04:92:12:b7:36:f6:c8:
fa:51:91:2c
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYlAFlC8xMGsYVLsR247+iosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjMwNzEwMTM1NTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTBiMDZjMzBmY2Y1NjM3ZGYwYmQzYTczZjFkOWVhYWQwOTY3NDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArs2Tq+C05c7AKPW1bAE5L4InTQW9
ZLhMiH4Tuv4ANsSEq1JIt8HpIEeJPa6LSRV0TjG7ygUU8FC6jvRgQEnLavZQbYKi
pof0vOiwTu0YYJ7eQOhOd3WPkaASPhxpjPqZMOzPWCQzcwmW7xC5onpdH1MBzT8O
xwMX3bEj2v9LgkfttSZ6fLY7ojkd+T7ityiFFPW2GfwNwlMxKclyWaC+wSiCgHrG
ALoNOYiz17dML4HOaCBmgTM8kO8YKTZYNFUOuWgXt7hETtCVzpAZgPYS1EdBEL7e
T94wFiWQ93S4x0gWdggwtbMpkjmIH3DNJ8Shp8oUCRdZOkCr1zeMKEtD9wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFULBsMPz1Y33wvTpz8dnqrQlnQhMB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvVlFzR3d3X1BWamZmQzlPblB4MmVxdENXZENFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCubZIAwQC
uc3kAwQCuemwMBQEAgACMA4DBQMqCueAAwUDKgsLwDANBgkqhkiG9w0BAQsFAAOC
AQEASlUg6RtlWoSSB/D15juJanBEwBJa6lR3RT0EYMT13Yd3tPyVd1gWr8cJGfr3
U3s2O4PC5Xb3rUnoV8REjNx3Ly6YPFq992uINek8zeoL9Z/ImWeuCxabNCuoQLDH
fDMzLCi/AIog4MJor+6TyYlr4XwsX7ewfNZzwRliYSjOMCZww0HzDLYdEi4VaKsu
qzSvswFGd3yHKwbhFM6IaHwgeOwnbquIS4i3jwKlDStyJVvJLXXZ/nanRQaWvkzO
LXGgz+Jrr1PYeaFMCam2VKkNshsNMxSg4PlkgtAn144oxsCwEWeHwqzSMZJ3H7gl
ZYPw7wi9e7YEkhK3NvbI+lGRLA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:48:34 2025 by rpki-client