Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/b49562-f157-4382-998e-8f934e71767c/1/v5ZId9BqenRt2gfr7-4LZQ1xaAg.roa
File: v5ZId9BqenRt2gfr7-4LZQ1xaAg.roa (raw, json)
Hash identifier: /siDf5LjPFiuaCN+f1Bd2vbQCLvnrB4gCH8KijbNllU=
Subject key identifier: BF:96:48:77:D0:6A:7A:74:6D:DA:07:EB:EF:EE:0B:65:0D:71:68:08
Certificate issuer: /CN=46947c5c3d4c2fc4c4a4a7428b622a7fef392e29
Certificate serial: 0188522F33135B9C01DABBC190569F39D0EE
Authority key identifier: 46:94:7C:5C:3D:4C:2F:C4:C4:A4:A7:42:8B:62:2A:7F:EF:39:2E:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RpR8XD1ML8TEpKdCi2Iqf-85Lik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/b49562-f157-4382-998e-8f934e71767c/1/v5ZId9BqenRt2gfr7-4LZQ1xaAg.roa
Signing time: Thu 25 May 2023 09:13:24 +0000
ROA not before: Thu 25 May 2023 09:13:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205499
IP address blocks: 185.135.116.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:2f:33:13:5b:9c:01:da:bb:c1:90:56:9f:39:d0:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46947c5c3d4c2fc4c4a4a7428b622a7fef392e29
Validity
Not Before: May 25 09:13:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf964877d06a7a746dda07ebefee0b650d716808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f3:bc:c0:eb:df:dd:b0:4b:4c:7d:c1:c7:e0:
56:79:ab:4b:54:6e:c6:ed:ef:8c:b3:3e:37:1c:82:
26:03:e4:6a:45:d1:af:29:43:d1:13:d8:98:50:e5:
2c:fe:79:2a:1f:5b:30:2f:9c:92:f2:98:82:60:fb:
1d:32:43:8b:eb:4b:12:ec:8e:b1:a5:e5:02:6e:a8:
32:58:c0:88:a7:2a:a3:b2:dc:dc:ea:7b:f0:6d:64:
0e:3c:58:01:2a:8d:21:dd:c4:a3:89:8b:a3:c4:94:
f0:08:72:46:ae:82:f9:de:05:cb:36:b9:1a:58:85:
c7:cd:91:88:71:38:fe:ba:6a:28:02:a9:b5:d8:ed:
a8:25:47:45:81:f8:a4:68:62:0e:23:7a:93:ed:3d:
a4:5c:53:fb:3c:bc:f0:de:0a:e1:30:ee:5c:a7:06:
eb:88:a1:ec:c6:1b:80:cc:83:35:89:59:c1:d6:f6:
7c:0c:76:7b:d6:3f:24:21:60:db:52:3d:73:c9:8b:
0c:c7:20:22:2a:4f:42:5f:a4:cf:16:3f:e3:20:69:
4a:21:40:22:e3:ab:e0:67:e8:69:63:72:b3:ed:2b:
e2:61:b9:b6:2b:6a:f0:fd:4b:69:20:61:d7:cb:a6:
fb:1d:8c:1c:a4:93:e8:4a:b0:c5:d1:37:74:13:ea:
fd:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:96:48:77:D0:6A:7A:74:6D:DA:07:EB:EF:EE:0B:65:0D:71:68:08
X509v3 Authority Key Identifier:
keyid:46:94:7C:5C:3D:4C:2F:C4:C4:A4:A7:42:8B:62:2A:7F:EF:39:2E:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RpR8XD1ML8TEpKdCi2Iqf-85Lik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b49562-f157-4382-998e-8f934e71767c/1/v5ZId9BqenRt2gfr7-4LZQ1xaAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b49562-f157-4382-998e-8f934e71767c/1/RpR8XD1ML8TEpKdCi2Iqf-85Lik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.116.0/22
Signature Algorithm: sha256WithRSAEncryption
32:6c:1a:88:95:79:62:23:52:e8:f5:1e:94:5c:82:c0:03:ad:
2d:c3:d9:ac:67:84:c0:3f:b3:ca:fa:03:b7:5c:bd:e5:76:ef:
9b:80:74:ab:02:2c:a1:02:e1:99:8b:d7:f5:32:68:e3:2f:ac:
89:9c:06:e3:9f:a5:f9:ff:78:9a:d8:00:fb:57:46:9a:50:5c:
a3:19:81:dc:dc:1f:a7:98:db:71:09:30:55:25:4a:b5:22:ce:
38:d2:b0:60:3b:0f:43:fc:9e:3c:61:d9:ad:ce:b6:75:16:0c:
b1:f7:91:21:1e:7a:16:2c:8f:17:01:5f:c3:5a:19:90:21:32:
96:9d:1e:5b:5c:11:24:55:09:d7:e9:3d:71:b1:a3:16:43:fc:
ae:93:cb:45:bd:db:28:3d:ad:2c:36:70:54:b2:13:77:ba:9c:
46:ed:86:b5:ea:05:8d:4a:a9:e8:0e:3c:b4:ff:1c:a2:94:3c:
b2:54:0c:64:c9:79:41:17:d4:38:ad:94:f8:c9:23:c6:b5:d9:
eb:0b:9b:ae:4e:df:df:0b:73:6d:a2:dc:75:17:a4:6e:da:39:
ea:76:9f:5e:f6:d5:3e:99:ba:86:69:00:fb:61:cf:d3:6a:83:
e0:00:76:ab:06:66:49:ed:b1:42:a4:b8:c0:d9:aa:62:59:1b:
a8:f4:77:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhSLzMTW5wB2rvBkFafOdDuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OTQ3YzVjM2Q0YzJmYzRjNGE0YTc0MjhiNjIyYTdmZWYz
OTJlMjkwHhcNMjMwNTI1MDkxMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjk2NDg3N2QwNmE3YTc0NmRkYTA3ZWJlZmVlMGI2NTBkNzE2ODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvO8wOvf3bBLTH3Bx+BWeatLVG7G
7e+Msz43HIImA+RqRdGvKUPRE9iYUOUs/nkqH1swL5yS8piCYPsdMkOL60sS7I6x
peUCbqgyWMCIpyqjstzc6nvwbWQOPFgBKo0h3cSjiYujxJTwCHJGroL53gXLNrka
WIXHzZGIcTj+umooAqm12O2oJUdFgfikaGIOI3qT7T2kXFP7PLzw3grhMO5cpwbr
iKHsxhuAzIM1iVnB1vZ8DHZ71j8kIWDbUj1zyYsMxyAiKk9CX6TPFj/jIGlKIUAi
46vgZ+hpY3Kz7SviYbm2K2rw/UtpIGHXy6b7HYwcpJPoSrDF0Td0E+r9LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL+WSHfQanp0bdoH6+/uC2UNcWgIMB8GA1UdIwQY
MBaAFEaUfFw9TC/ExKSnQotiKn/vOS4pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnBSOFhEMU1MOFRFcEtkQ2kySXFmLTg1TGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9iNDk1NjItZjE1Ny00MzgyLTk5OGUt
OGY5MzRlNzE3NjdjLzEvdjVaSWQ5QnFlblJ0MmdmcjctNExaUTF4YUFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9iNDk1NjItZjE1Ny00MzgyLTk5OGUtOGY5MzRlNzE3Njdj
LzEvUnBSOFhEMU1MOFRFcEtkQ2kySXFmLTg1TGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYd0MA0G
CSqGSIb3DQEBCwUAA4IBAQAybBqIlXliI1Lo9R6UXILAA60tw9msZ4TAP7PK+gO3
XL3ldu+bgHSrAiyhAuGZi9f1MmjjL6yJnAbjn6X5/3ia2AD7V0aaUFyjGYHc3B+n
mNtxCTBVJUq1Is440rBgOw9D/J48YdmtzrZ1Fgyx95EhHnoWLI8XAV/DWhmQITKW
nR5bXBEkVQnX6T1xsaMWQ/yuk8tFvdsoPa0sNnBUshN3upxG7Ya16gWNSqnoDjy0
/xyilDyyVAxkyXlBF9Q4rZT4ySPGtdnrC5uuTt/fC3Ntotx1F6Ru2jnqdp9e9tU+
mbqGaQD7Yc/TaoPgAHarBmZJ7bFCpLjA2apiWRuo9HeN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:34 2025 by rpki-client