Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/rtd1OlF4kLN23jrNn0K4cYKJ-LE.roa
File: rtd1OlF4kLN23jrNn0K4cYKJ-LE.roa (raw, json)
Hash identifier: dOGaoyG8poqV5JWklMyPIq1AevfYWG7vxLgDvZXP9rM=
Subject key identifier: AE:D7:75:3A:51:78:90:B3:76:DE:3A:CD:9F:42:B8:71:82:89:F8:B1
Certificate issuer: /CN=8c3ccf93f7c807dde0420ad5486ae29eb5dc75f9
Certificate serial: 0EA68FC7
Authority key identifier: 8C:3C:CF:93:F7:C8:07:DD:E0:42:0A:D5:48:6A:E2:9E:B5:DC:75:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jDzPk_fIB93gQgrVSGrinrXcdfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/rtd1OlF4kLN23jrNn0K4cYKJ-LE.roa
Signing time: Thu 02 Jun 2022 13:34:20 +0000
ROA not before: Thu 02 Jun 2022 13:34:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200651
IP address blocks: 185.247.225.0/24 maxlen: 24
185.247.226.0/24 maxlen: 24
185.165.170.0/24 maxlen: 24
185.165.171.0/24 maxlen: 24
2a06:1700:2::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 245796807 (0xea68fc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c3ccf93f7c807dde0420ad5486ae29eb5dc75f9
Validity
Not Before: Jun 2 13:34:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aed7753a517890b376de3acd9f42b8718289f8b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:97:35:be:6a:b4:3a:14:83:cf:2c:d1:fd:2a:
c0:be:e6:70:1a:0e:73:22:7b:ce:f8:de:a1:d5:47:
22:d7:b2:ea:7b:a2:5f:ba:c1:4b:7c:fa:dc:6d:e8:
de:b7:ed:4b:e7:ab:09:51:49:e3:e3:55:65:39:3e:
1d:f9:46:97:40:46:39:9b:bf:b6:d7:4f:92:5a:12:
5b:35:89:fc:db:a1:79:10:dc:21:44:87:e5:83:83:
47:ae:e5:a2:cc:a4:93:0d:9c:fd:5f:6e:99:40:04:
f3:5c:6b:b8:88:50:0e:03:78:ac:d8:44:67:10:09:
cd:e7:f4:ce:43:c5:b0:6f:3a:7f:f8:f4:69:0a:91:
b2:79:57:9c:7f:3c:1e:24:3b:a0:45:d5:19:b0:19:
24:cb:e2:32:8e:e3:e7:da:10:21:1d:a4:fc:46:44:
3c:1e:18:7d:3d:a2:db:26:26:5a:f9:a7:80:01:7b:
fe:52:f6:37:fe:10:d1:23:31:b0:df:7d:14:8e:98:
9a:9c:3a:7b:6a:78:e0:26:a1:08:b8:ec:db:2c:f4:
0b:89:00:15:1c:f6:1f:45:65:84:4e:20:9c:12:ef:
6c:76:6c:83:75:d0:69:ee:c8:5b:d9:7a:30:46:c4:
58:d5:d1:f0:a7:2c:05:52:0a:85:b8:4c:2b:cc:5c:
12:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D7:75:3A:51:78:90:B3:76:DE:3A:CD:9F:42:B8:71:82:89:F8:B1
X509v3 Authority Key Identifier:
keyid:8C:3C:CF:93:F7:C8:07:DD:E0:42:0A:D5:48:6A:E2:9E:B5:DC:75:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDzPk_fIB93gQgrVSGrinrXcdfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/rtd1OlF4kLN23jrNn0K4cYKJ-LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/jDzPk_fIB93gQgrVSGrinrXcdfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.170.0/23
185.247.225.0-185.247.226.255
IPv6:
2a06:1700:2::/48
Signature Algorithm: sha256WithRSAEncryption
ba:02:5f:37:12:da:ef:49:14:91:c6:88:30:53:c3:fb:5b:7a:
a9:61:8e:b8:04:d0:00:a5:e4:06:3c:17:f2:15:ca:47:08:fb:
db:d8:12:69:18:fd:34:64:bd:50:04:6b:80:1f:c7:76:d6:42:
27:01:fa:24:35:60:8b:3b:ab:ec:79:57:22:68:6c:0b:17:29:
0c:b1:4b:50:6a:b3:99:36:f1:78:fe:69:02:d8:e6:f6:fc:0e:
df:24:04:c3:eb:ce:dd:a3:b5:85:8e:87:60:1c:cb:59:5c:ce:
2a:1b:f1:61:10:8e:58:4a:cb:27:98:d9:a3:68:7d:19:db:fa:
bf:36:87:2a:da:5a:4a:5b:79:9b:b8:fa:cd:5e:67:81:8b:04:
39:9f:65:e7:21:b7:ca:77:68:f5:1b:1d:e2:e7:f4:a3:d1:59:
c6:cf:64:99:9b:33:ae:bf:1e:9e:b2:d7:22:d3:a1:cf:e5:0d:
43:1f:6f:97:1a:0e:de:57:a9:7e:37:04:f1:fe:e9:da:f6:ae:
53:ef:08:04:f5:59:85:17:26:d6:80:70:66:dc:a5:e6:c9:a2:
b8:a6:76:af:05:7a:3b:5d:95:f8:fd:b0:cd:43:f1:2d:bf:aa:
95:d5:77:f4:b2:23:d4:28:95:1a:d7:ea:fe:9e:44:9c:40:c5:
be:ac:3b:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEDqaPxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YzNjY2Y5M2Y3YzgwN2RkZTA0MjBhZDU0ODZhZTI5ZWI1ZGM3NWY5MB4XDTIyMDYw
MjEzMzQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWVkNzc1M2E1MTc4
OTBiMzc2ZGUzYWNkOWY0MmI4NzE4Mjg5ZjhiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2XNb5qtDoUg88s0f0qwL7mcBoOcyJ7zvjeodVHItey6nui
X7rBS3z63G3o3rftS+erCVFJ4+NVZTk+HflGl0BGOZu/ttdPkloSWzWJ/NuheRDc
IUSH5YODR67losykkw2c/V9umUAE81xruIhQDgN4rNhEZxAJzef0zkPFsG86f/j0
aQqRsnlXnH88HiQ7oEXVGbAZJMviMo7j59oQIR2k/EZEPB4YfT2i2yYmWvmngAF7
/lL2N/4Q0SMxsN99FI6Ympw6e2p44CahCLjs2yz0C4kAFRz2H0VlhE4gnBLvbHZs
g3XQae7IW9l6MEbEWNXR8KcsBVIKhbhMK8xcEksCAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBSu13U6UXiQs3beOs2fQrhxgon4sTAfBgNVHSMEGDAWgBSMPM+T98gH3eBC
CtVIauKetdx1+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pEelBrX2ZJQjkzZ1FnclZTR3JpbnJYY2Rmay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTQvMTgzNGFjLTIwMzAtNDQxZi04MmUyLTY4MWRiZmY4NTE1ZS8x
L3J0ZDFPbEY0a0xOMjNqck5uMEs0Y1lLSi1MRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQv
MTgzNGFjLTIwMzAtNDQxZi04MmUyLTY4MWRiZmY4NTE1ZS8xL2pEelBrX2ZJQjkz
Z1FnclZTR3JpbnJYY2Rmay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wGgQCAAEwFAMEAbmlqjAMAwQAuffhAwQAuffiMA8E
AgACMAkDBwAqBhcAAAIwDQYJKoZIhvcNAQELBQADggEBALoCXzcS2u9JFJHGiDBT
w/tbeqlhjrgE0ACl5AY8F/IVykcI+9vYEmkY/TRkvVAEa4Afx3bWQicB+iQ1YIs7
q+x5VyJobAsXKQyxS1Bqs5k28Xj+aQLY5vb8Dt8kBMPrzt2jtYWOh2Acy1lcziob
8WEQjlhKyyeY2aNofRnb+r82hyraWkpbeZu4+s1eZ4GLBDmfZecht8p3aPUbHeLn
9KPRWcbPZJmbM66/Hp6y1yLToc/lDUMfb5caDt5XqX43BPH+6dr2rlPvCAT1WYUX
JtaAcGbcpebJorimdq8Fejtdlfj9sM1D8S2/qpXVd/SyI9QolRrX6v6eRJxAxb6s
O3g=
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:52:08 2025 by rpki-client