Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/9ZuUgGCn-h0jb2p3xd3icajkjyI.roa
File: 9ZuUgGCn-h0jb2p3xd3icajkjyI.roa (raw, json)
Hash identifier: r+7/vK2mmIVAPZhPTEPSCpb6ISMfKqnqWCkKdY+QpT4=
Subject key identifier: F5:9B:94:80:60:A7:FA:1D:23:6F:6A:77:C5:DD:E2:71:A8:E4:8F:22
Certificate issuer: /CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Certificate serial: 078B04ED
Authority key identifier: B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/9ZuUgGCn-h0jb2p3xd3icajkjyI.roa
Signing time: Sat 01 Jan 2022 15:00:24 +0000
ROA not before: Sat 01 Jan 2022 15:00:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210928
IP address blocks: 185.161.66.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126551277 (0x78b04ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Validity
Not Before: Jan 1 15:00:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f59b948060a7fa1d236f6a77c5dde271a8e48f22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:43:c4:53:74:22:15:a9:43:57:56:03:2f:af:
33:21:b2:94:a3:8b:77:b8:52:94:db:ff:8b:5f:08:
1a:4f:bb:39:9e:ff:02:40:2a:e0:24:3d:36:9d:52:
09:31:4d:2d:3c:a7:fa:75:42:8b:de:f5:99:73:86:
bd:cc:96:a1:bd:7b:97:b6:6c:e1:34:cc:17:05:3b:
30:13:f3:b7:20:7d:1c:d7:1a:ef:74:00:9c:eb:5b:
79:52:c9:86:a6:42:ab:71:f2:7f:6d:f5:39:f6:db:
f8:de:51:9a:a2:a7:dd:bd:c7:24:68:71:9f:1a:ee:
ae:d9:ae:d2:27:6d:0e:1a:a4:99:48:fd:26:7d:99:
27:96:0c:ce:82:dd:20:b9:c9:54:3a:11:f8:49:4f:
6c:25:1f:b6:50:ba:29:0e:0d:96:ef:f5:e9:03:22:
e9:30:4a:59:3a:47:01:de:bb:15:f6:0e:cd:82:a8:
74:64:d0:62:67:8a:37:b4:66:14:c8:f3:db:74:81:
e6:18:5e:d7:c3:d5:23:5b:ba:53:44:09:96:6f:8e:
12:15:f0:19:09:ba:91:fd:c2:42:bb:fb:f7:05:3f:
2f:78:e7:69:04:e1:c0:c0:2f:a6:cd:f5:6b:16:d1:
d4:6c:94:0a:35:c2:ed:12:4d:56:e5:06:51:52:33:
6f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9B:94:80:60:A7:FA:1D:23:6F:6A:77:C5:DD:E2:71:A8:E4:8F:22
X509v3 Authority Key Identifier:
keyid:B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/9ZuUgGCn-h0jb2p3xd3icajkjyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/sQw889xTylScA-T19G2RzpC44HA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.66.0/24
Signature Algorithm: sha256WithRSAEncryption
09:93:24:4e:34:83:10:cd:13:2a:58:ea:5d:1d:71:dd:38:7a:
5a:80:de:93:e4:e6:1c:19:d1:98:21:1d:f1:90:87:2f:12:c4:
4f:96:b6:0d:f3:c0:22:8d:e3:85:90:46:3d:f3:98:c1:1d:bb:
83:03:a1:f0:f9:6e:f6:cc:83:c6:73:7f:37:11:22:a7:25:f1:
57:76:fe:21:68:0e:76:38:43:c3:de:08:53:64:d1:ed:14:f3:
41:72:d8:84:11:e3:51:ee:cc:ee:d1:31:53:3e:5e:55:5b:68:
70:aa:14:fb:84:79:ed:fc:22:ec:28:5e:9d:14:40:85:cb:ae:
1a:5d:b6:45:8e:e7:b9:b7:c9:39:2d:d3:89:98:54:4d:de:d3:
ce:03:24:e7:32:02:58:50:3c:e6:a4:57:de:3a:b7:94:51:4f:
46:ec:99:bf:e5:06:35:50:12:79:3e:73:2b:82:d8:53:24:3d:
ce:ea:5d:37:11:ee:0f:d5:74:5b:09:dd:8c:f9:4e:af:1b:ab:
10:f7:50:a2:42:49:21:7d:41:03:d0:b5:b3:bc:da:39:97:4f:
7f:11:cc:7e:cb:4f:5b:2e:71:7f:1d:aa:2d:a8:4d:81:8d:2f:
7d:ac:b0:7b:ca:f7:58:ef:ae:8f:79:4d:6f:5b:fc:b8:ce:86:
d0:9f:5c:a2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB4sE7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTBjM2NmM2RjNTNjYTU0OWMwM2U0ZjVmNDZkOTFjZTkwYjhlMDcwMB4XDTIyMDEw
MTE1MDAyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjU5Yjk0ODA2MGE3
ZmExZDIzNmY2YTc3YzVkZGUyNzFhOGU0OGYyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRDxFN0IhWpQ1dWAy+vMyGylKOLd7hSlNv/i18IGk+7OZ7/
AkAq4CQ9Np1SCTFNLTyn+nVCi971mXOGvcyWob17l7Zs4TTMFwU7MBPztyB9HNca
73QAnOtbeVLJhqZCq3Hyf231Ofbb+N5RmqKn3b3HJGhxnxrurtmu0idtDhqkmUj9
Jn2ZJ5YMzoLdILnJVDoR+ElPbCUftlC6KQ4Nlu/16QMi6TBKWTpHAd67FfYOzYKo
dGTQYmeKN7RmFMjz23SB5hhe18PVI1u6U0QJlm+OEhXwGQm6kf3CQrv79wU/L3jn
aQThwMAvps31axbR1GyUCjXC7RJNVuUGUVIzb5MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT1m5SAYKf6HSNvanfF3eJxqOSPIjAfBgNVHSMEGDAWgBSxDDzz3FPKVJwD
5PX0bZHOkLjgcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NRdzg4OXhUeWxTY0EtVDE5RzJSenBDNDRIQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvMjVjZGI0LWU1MDgtNGIzNy04MWJjLTM2ZjgyYmQzNzliZC8x
LzladVVnR0NuLWgwamIycDN4ZDNpY2Fqa2p5SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
MjVjZGI0LWU1MDgtNGIzNy04MWJjLTM2ZjgyYmQzNzliZC8xL3NRdzg4OXhUeWxT
Y0EtVDE5RzJSenBDNDRIQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmhQjANBgkqhkiG9w0BAQsFAAOC
AQEACZMkTjSDEM0TKljqXR1x3Th6WoDek+TmHBnRmCEd8ZCHLxLET5a2DfPAIo3j
hZBGPfOYwR27gwOh8Plu9syDxnN/NxEipyXxV3b+IWgOdjhDw94IU2TR7RTzQXLY
hBHjUe7M7tExUz5eVVtocKoU+4R57fwi7ChenRRAhcuuGl22RY7nubfJOS3TiZhU
Td7TzgMk5zICWFA85qRX3jq3lFFPRuyZv+UGNVASeT5zK4LYUyQ9zupdNxHuD9V0
WwndjPlOrxurEPdQokJJIX1BA9C1s7zaOZdPfxHMfstPWy5xfx2qLahNgY0vfayw
e8r3WO+uj3lNb1v8uM6G0J9cog==
-----END CERTIFICATE-----
Generated at Mon Apr 21 17:26:01 2025 by rpki-client