Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/23d_-C6ZdRXdw4kXjOwAQlyUSsM.roa
File: 23d_-C6ZdRXdw4kXjOwAQlyUSsM.roa (raw, json)
Hash identifier: PVlBMDq5hLTFsS39tV7qUY436wPmhB94hipC9hR2/WQ=
Subject key identifier: DB:77:7F:F8:2E:99:75:15:DD:C3:89:17:8C:EC:00:42:5C:94:4A:C3
Certificate issuer: /CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Certificate serial: 019424B3F9D0AA47ECACD3373EFE2036F892
Authority key identifier: 85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/23d_-C6ZdRXdw4kXjOwAQlyUSsM.roa
Signing time: Thu 02 Jan 2025 01:49:22 +0000
ROA not before: Thu 02 Jan 2025 01:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204791
IP address blocks: 185.135.182.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:f9:d0:aa:47:ec:ac:d3:37:3e:fe:20:36:f8:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Validity
Not Before: Jan 2 01:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db777ff82e997515ddc389178cec00425c944ac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:19:0c:db:2c:c3:19:cc:7e:0d:3c:b4:4a:6c:
1b:27:02:d8:a3:21:4d:7d:4f:d2:4f:76:d8:11:91:
e6:1c:ac:e6:d6:2c:a9:15:60:c8:12:35:30:21:2d:
5d:bb:03:11:b2:87:30:c4:f1:f9:28:67:90:b7:24:
41:49:78:6b:7a:89:5e:93:73:0b:84:66:09:2c:25:
04:bc:23:09:da:7d:09:ea:51:57:f4:7b:a0:0e:92:
79:44:a8:1a:7d:fc:d6:2e:e7:60:47:7d:94:9a:b6:
ac:25:08:c5:5a:a4:ae:d2:ae:08:cd:66:6b:89:61:
84:f3:5b:66:78:f9:e6:65:66:00:85:6b:8d:c5:71:
7a:cb:09:ce:69:e4:c7:b7:25:ae:d4:21:5f:85:f4:
7e:35:d0:ac:c3:e4:d5:b5:85:22:c4:8c:aa:1f:6d:
f0:e6:a3:c8:14:21:02:64:03:28:0a:b9:e4:fa:58:
c0:20:e5:77:5f:e7:97:a4:91:00:0f:ff:fa:3f:9d:
d1:b2:f7:0d:4e:3b:33:5d:c5:e9:f6:61:89:d1:c4:
ce:93:e4:59:b3:c2:93:a6:fc:c6:25:50:70:1a:8b:
fd:ca:e5:20:17:f5:82:9e:9e:fe:a8:2f:a0:72:f4:
e4:83:9a:a9:9d:f9:1b:b8:92:b1:ca:b0:1d:ea:e9:
05:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:77:7F:F8:2E:99:75:15:DD:C3:89:17:8C:EC:00:42:5C:94:4A:C3
X509v3 Authority Key Identifier:
keyid:85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/23d_-C6ZdRXdw4kXjOwAQlyUSsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.182.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:eb:5d:92:16:49:dd:7f:80:3a:8e:82:04:5b:9b:3e:f8:32:
64:2c:c2:f3:17:93:e1:93:26:9e:44:d6:27:1c:dd:1e:e3:60:
23:2a:1e:96:7d:96:05:3a:8f:f9:80:0d:9c:7b:99:73:64:f7:
c5:8c:7a:86:61:3c:4b:ad:a7:b8:32:28:d4:11:2f:72:54:87:
8d:32:c9:a2:84:29:08:cb:28:5b:ec:1b:14:01:8e:2e:c8:d9:
ea:d1:44:bb:d3:c3:9b:71:b2:52:94:0e:a8:3a:08:f9:63:6d:
d0:04:b3:9e:a2:88:b9:af:9e:27:18:df:45:07:72:a6:03:77:
f3:90:6e:fd:a1:2a:a2:3f:7e:5d:dc:8b:05:c7:dc:4f:6a:3d:
32:cf:f4:6d:ff:56:0f:d3:c8:43:24:69:31:02:3b:9a:24:3f:
73:4e:19:ba:b8:13:18:71:d5:5e:ca:67:a9:a2:87:ad:76:f1:
38:b8:2e:58:1a:7a:a8:ad:76:ec:f2:be:80:20:07:30:b5:9d:
26:c3:91:9c:78:44:46:e1:af:b5:75:c9:ea:b6:1f:aa:3c:14:
47:46:aa:3c:40:d7:95:bf:9f:cf:08:37:7b:af:8a:12:92:cb:
87:90:de:c5:68:c1:c0:58:f2:96:3d:fc:ad:28:d3:46:5b:64:
bd:93:7b:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks/nQqkfsrNM3Pv4gNviSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MmVjZTljOWEzMjRkNDVjMzVmOTU1OWYzMjlkODg2OWRh
YjUzYmEwHhcNMjUwMTAyMDE0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjc3N2ZmODJlOTk3NTE1ZGRjMzg5MTc4Y2VjMDA0MjVjOTQ0YWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRkM2yzDGcx+DTy0SmwbJwLYoyFN
fU/ST3bYEZHmHKzm1iypFWDIEjUwIS1duwMRsocwxPH5KGeQtyRBSXhreolek3ML
hGYJLCUEvCMJ2n0J6lFX9HugDpJ5RKgaffzWLudgR32UmrasJQjFWqSu0q4IzWZr
iWGE81tmePnmZWYAhWuNxXF6ywnOaeTHtyWu1CFfhfR+NdCsw+TVtYUixIyqH23w
5qPIFCECZAMoCrnk+ljAIOV3X+eXpJEAD//6P53RsvcNTjszXcXp9mGJ0cTOk+RZ
s8KTpvzGJVBwGov9yuUgF/WCnp7+qC+gcvTkg5qpnfkbuJKxyrAd6ukFSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNt3f/gumXUV3cOJF4zsAEJclErDMB8GA1UdIwQY
MBaAFIUuzpyaMk1Fw1+VWfMp2Iadq1O6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFM3T25Kb3lUVVhEWDVWWjh5bllocDJyVTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kM2NjZTYtYjQ3Yi00ZDA2LWEzMGYt
ZWIyNDExZDIxMmFiLzEvMjNkXy1DNlpkUlhkdzRrWGpPd0FRbHlVU3NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9kM2NjZTYtYjQ3Yi00ZDA2LWEzMGYtZWIyNDExZDIxMmFi
LzEvaFM3T25Kb3lUVVhEWDVWWjh5bllocDJyVTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYe2MA0G
CSqGSIb3DQEBCwUAA4IBAQBO612SFkndf4A6joIEW5s++DJkLMLzF5PhkyaeRNYn
HN0e42AjKh6WfZYFOo/5gA2ce5lzZPfFjHqGYTxLrae4MijUES9yVIeNMsmihCkI
yyhb7BsUAY4uyNnq0US708ObcbJSlA6oOgj5Y23QBLOeooi5r54nGN9FB3KmA3fz
kG79oSqiP35d3IsFx9xPaj0yz/Rt/1YP08hDJGkxAjuaJD9zThm6uBMYcdVeymep
ooetdvE4uC5YGnqorXbs8r6AIAcwtZ0mw5GceERG4a+1dcnqth+qPBRHRqo8QNeV
v5/PCDd7r4oSksuHkN7FaMHAWPKWPfytKNNGW2S9k3sC
-----END CERTIFICATE-----
Generated at Mon Apr 28 05:20:59 2025 by rpki-client