Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/8suiJ3ECNSuLRkv_sYUBSUg5Fxo.roa
File: 8suiJ3ECNSuLRkv_sYUBSUg5Fxo.roa (raw, json)
Hash identifier: /H1QDkjpBIoTGjEtLjY6c78HchxAZwGkVyBgJiEuHx0=
Subject key identifier: F2:CB:A2:27:71:02:35:2B:8B:46:4B:FF:B1:85:01:49:48:39:17:1A
Certificate issuer: /CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Certificate serial: 0190B858EF60184D09FFCDEFBF87337B1E64
Authority key identifier: B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/8suiJ3ECNSuLRkv_sYUBSUg5Fxo.roa
Signing time: Mon 15 Jul 2024 21:42:34 +0000
ROA not before: Mon 15 Jul 2024 21:42:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209371
IP address blocks: 185.161.65.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b8:58:ef:60:18:4d:09:ff:cd:ef:bf:87:33:7b:1e:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Validity
Not Before: Jul 15 21:42:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2cba2277102352b8b464bffb18501494839171a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c7:f0:59:7b:e8:67:0c:98:c4:ed:99:fa:50:
6d:f4:d2:fb:dd:6d:fc:17:0d:1e:d1:fb:25:56:4c:
8b:60:98:b6:5d:e7:42:65:da:ca:97:2c:bb:73:7b:
ea:60:36:cc:75:bb:9d:16:ef:23:1c:7a:b0:c0:26:
5d:fc:82:3c:c8:e1:d9:1c:dd:5d:63:18:07:3a:a2:
a6:0f:e6:61:d2:af:c6:5c:3d:72:29:b8:b7:7d:87:
39:be:87:f8:56:7a:84:46:85:3c:1f:66:47:35:34:
29:9a:20:2d:f8:8a:40:d1:75:05:c9:66:16:47:e3:
8f:4e:7f:5d:d5:85:11:41:40:0c:0b:af:de:0f:59:
34:12:e8:b5:1a:78:d5:2c:ef:4e:10:2b:0d:c6:6b:
df:b6:98:f9:34:8d:c4:74:90:a4:5e:27:2c:6c:70:
9b:f8:83:37:0d:8e:c9:b7:2e:8c:ae:34:c1:a7:d8:
49:7e:54:dd:20:05:69:65:a0:12:3c:41:e0:86:27:
1d:92:3b:9a:6a:f8:6d:80:a3:ff:fe:a4:ae:3b:28:
6d:da:c4:72:d0:86:12:e0:08:1f:d1:93:24:6b:8c:
00:cc:73:e8:d2:d5:b5:aa:81:c1:65:58:19:69:65:
ea:1c:75:9f:c8:42:8c:7d:13:9e:a7:51:fb:e7:65:
c4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:CB:A2:27:71:02:35:2B:8B:46:4B:FF:B1:85:01:49:48:39:17:1A
X509v3 Authority Key Identifier:
keyid:B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/8suiJ3ECNSuLRkv_sYUBSUg5Fxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/sQw889xTylScA-T19G2RzpC44HA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.65.0/24
Signature Algorithm: sha256WithRSAEncryption
26:3a:3c:57:41:60:02:d7:f2:05:94:6d:5b:ca:a1:13:d4:48:
31:19:5b:b7:40:95:24:32:e4:72:78:50:99:53:4b:1b:95:80:
30:67:ec:41:c1:97:46:c1:04:8f:d3:f8:ce:0c:84:15:54:1e:
10:58:77:cd:bd:82:24:89:34:f6:2a:3d:0e:76:89:dc:36:49:
18:6c:46:71:53:f6:28:54:06:98:ba:3a:ce:8b:89:82:40:d0:
7f:33:49:aa:4a:98:0a:2b:62:83:b6:8a:08:65:3d:16:9d:3b:
ab:34:2c:ab:5f:f1:ff:5a:3f:cd:44:33:e3:ef:ec:23:d3:a9:
40:01:ec:d6:ab:2a:40:6d:76:62:dc:75:cd:11:33:03:73:b2:
6b:f6:0e:2c:09:c5:a9:46:e5:e1:51:cb:a4:30:cf:21:11:0e:
d3:45:7e:b1:6d:3b:60:35:00:24:bd:37:db:13:e3:75:e4:16:
be:27:15:ea:5d:4d:8f:43:a7:8a:01:63:40:43:11:7b:7c:ff:
21:71:18:b0:c2:9f:81:98:59:c0:8e:e1:79:97:4e:ac:75:6c:
65:3b:71:7b:7e:7c:9a:c6:31:90:ab:2b:ec:ae:68:4b:31:65:
b2:50:a1:bb:b3:90:72:ac:a0:0a:34:66:d7:59:39:59:27:7c:
46:87:01:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZC4WO9gGE0J/83vv4czex5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMGMzY2YzZGM1M2NhNTQ5YzAzZTRmNWY0NmQ5MWNlOTBi
OGUwNzAwHhcNMjQwNzE1MjE0MjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmNiYTIyNzcxMDIzNTJiOGI0NjRiZmZiMTg1MDE0OTQ4MzkxNzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cfwWXvoZwyYxO2Z+lBt9NL73W38
Fw0e0fslVkyLYJi2XedCZdrKlyy7c3vqYDbMdbudFu8jHHqwwCZd/II8yOHZHN1d
YxgHOqKmD+Zh0q/GXD1yKbi3fYc5vof4VnqERoU8H2ZHNTQpmiAt+IpA0XUFyWYW
R+OPTn9d1YURQUAMC6/eD1k0Eui1GnjVLO9OECsNxmvftpj5NI3EdJCkXicsbHCb
+IM3DY7Jty6MrjTBp9hJflTdIAVpZaASPEHghicdkjuaavhtgKP//qSuOyht2sRy
0IYS4Agf0ZMka4wAzHPo0tW1qoHBZVgZaWXqHHWfyEKMfROep1H752XESwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPLLoidxAjUri0ZL/7GFAUlIORcaMB8GA1UdIwQY
MBaAFLEMPPPcU8pUnAPk9fRtkc6QuOBwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1F3ODg5eFR5bFNjQS1UMTlHMlJ6cEM0NEhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yNWNkYjQtZTUwOC00YjM3LTgxYmMt
MzZmODJiZDM3OWJkLzEvOHN1aUozRUNOU3VMUmt2X3NZVUJTVWc1RnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yNWNkYjQtZTUwOC00YjM3LTgxYmMtMzZmODJiZDM3OWJk
LzEvc1F3ODg5eFR5bFNjQS1UMTlHMlJ6cEM0NEhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaFBMA0G
CSqGSIb3DQEBCwUAA4IBAQAmOjxXQWAC1/IFlG1byqET1EgxGVu3QJUkMuRyeFCZ
U0sblYAwZ+xBwZdGwQSP0/jODIQVVB4QWHfNvYIkiTT2Kj0OdoncNkkYbEZxU/Yo
VAaYujrOi4mCQNB/M0mqSpgKK2KDtooIZT0WnTurNCyrX/H/Wj/NRDPj7+wj06lA
AezWqypAbXZi3HXNETMDc7Jr9g4sCcWpRuXhUcukMM8hEQ7TRX6xbTtgNQAkvTfb
E+N15Ba+JxXqXU2PQ6eKAWNAQxF7fP8hcRiwwp+BmFnAjuF5l06sdWxlO3F7fnya
xjGQqyvsrmhLMWWyUKG7s5ByrKAKNGbXWTlZJ3xGhwFG
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:07:45 2025 by rpki-client