Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/5MGvcCEQprFwknxb_pG0V-NvYa0.roa
File: 5MGvcCEQprFwknxb_pG0V-NvYa0.roa (raw, json)
Hash identifier: ZprJRxJ2jwfvXYae1djlc22s7W5ozgYZCF1rBjvKq04=
Subject key identifier: E4:C1:AF:70:21:10:A6:B1:70:92:7C:5B:FE:91:B4:57:E3:6F:61:AD
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01870D844BC42748A7C00D33A6D870193385
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/5MGvcCEQprFwknxb_pG0V-NvYa0.roa
Signing time: Thu 23 Mar 2023 08:09:46 +0000
ROA not before: Thu 23 Mar 2023 08:09:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202423
IP address blocks: 194.116.162.0/24 maxlen: 24
185.247.185.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:84:4b:c4:27:48:a7:c0:0d:33:a6:d8:70:19:33:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Mar 23 08:09:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4c1af702110a6b170927c5bfe91b457e36f61ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:41:2b:67:d9:c0:9d:43:23:bf:f3:b6:30:53:
ed:f9:8c:25:e7:86:5c:a8:99:e2:6c:1a:af:f0:04:
76:b3:42:81:ab:1f:96:83:8c:fd:b6:9b:7f:09:68:
19:39:7b:62:b2:6a:37:10:b0:d2:84:ed:80:f0:3e:
e5:71:50:88:cb:58:af:ec:e7:ff:af:67:a0:d5:b8:
2a:20:5d:95:78:6a:4d:ad:cd:bf:0e:ac:8b:94:18:
24:26:c6:7a:dc:03:a4:ad:18:a3:56:af:73:cb:ba:
0c:bc:d7:ca:01:07:af:44:28:55:fa:74:ed:92:09:
44:d8:58:80:5f:12:df:19:b8:53:1b:7b:90:de:20:
4f:19:96:67:0c:36:c9:a1:64:2e:53:bd:68:5e:6d:
70:ac:e7:d3:eb:e6:6a:8c:9b:b4:06:71:28:1f:d8:
39:99:d6:b8:17:e1:4b:fa:6e:cf:67:0c:a2:ee:2b:
95:65:5e:d0:5f:e2:9d:9d:f5:89:26:cf:a2:2d:40:
c4:d6:38:1d:ed:f1:3f:c5:d9:4a:a4:3b:0b:3a:e3:
40:21:78:dc:ac:bf:14:63:9b:ff:5a:81:c4:58:f3:
ea:9d:58:e2:e4:71:5f:ad:be:ce:26:ea:b9:4c:7e:
b5:bd:e8:b4:97:8f:29:e8:ce:18:98:c2:a5:b2:73:
3b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:C1:AF:70:21:10:A6:B1:70:92:7C:5B:FE:91:B4:57:E3:6F:61:AD
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/5MGvcCEQprFwknxb_pG0V-NvYa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.185.0/24
194.116.162.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:19:76:f4:15:03:b6:9e:fb:f8:43:94:5b:db:9b:20:26:c2:
2f:98:4f:d3:b9:dc:27:ae:2f:bc:d2:36:3a:bd:67:13:e6:f0:
82:58:73:3b:f1:4f:05:c0:c6:a9:32:10:db:11:fa:26:87:22:
c9:ff:4a:df:4f:01:6e:aa:4b:c4:21:32:eb:31:ff:e7:8e:aa:
ed:0b:d7:86:d7:b5:02:2f:68:be:13:a0:4b:31:c1:95:5c:a2:
fd:cb:91:0c:cd:78:07:36:16:26:49:63:3f:b9:5d:0f:89:29:
c7:f7:fe:f2:e0:04:77:b8:26:26:9f:fc:c3:2e:e6:b6:ed:83:
d8:fe:56:c3:b7:42:7b:ed:af:ae:dc:42:7e:fc:99:81:d6:1f:
c5:69:d2:63:81:96:fe:cc:32:08:63:df:40:87:33:3d:07:7d:
94:30:bd:09:a7:9f:f4:0e:9f:3f:b4:ae:8b:43:6b:09:88:df:
71:53:ea:27:b2:5f:af:72:73:6c:46:00:c9:88:14:8f:43:b0:
c2:c7:62:70:52:87:e0:55:0b:c3:87:b0:1b:41:82:7d:d8:69:
cd:67:ef:1a:0d:bb:6e:26:88:a2:76:8b:4a:5e:d5:17:bd:ba:
3a:1f:64:20:0c:b8:23:fa:2b:a0:5a:74:80:86:c2:0e:f2:2b:
be:0e:49:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcNhEvEJ0inwA0zpthwGTOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMzIzMDgwOTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGMxYWY3MDIxMTBhNmIxNzA5MjdjNWJmZTkxYjQ1N2UzNmY2MWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEErZ9nAnUMjv/O2MFPt+Ywl54Zc
qJnibBqv8AR2s0KBqx+Wg4z9tpt/CWgZOXtismo3ELDShO2A8D7lcVCIy1iv7Of/
r2eg1bgqIF2VeGpNrc2/DqyLlBgkJsZ63AOkrRijVq9zy7oMvNfKAQevRChV+nTt
kglE2FiAXxLfGbhTG3uQ3iBPGZZnDDbJoWQuU71oXm1wrOfT6+ZqjJu0BnEoH9g5
mda4F+FL+m7PZwyi7iuVZV7QX+KdnfWJJs+iLUDE1jgd7fE/xdlKpDsLOuNAIXjc
rL8UY5v/WoHEWPPqnVji5HFfrb7OJuq5TH61vei0l48p6M4YmMKlsnM71QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOTBr3AhEKaxcJJ8W/6RtFfjb2GtMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvNU1HdmNDRVFwckZ3a254Yl9wRzBWLU52WWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufe5AwQA
wnSiMA0GCSqGSIb3DQEBCwUAA4IBAQCdGXb0FQO2nvv4Q5Rb25sgJsIvmE/Tudwn
ri+80jY6vWcT5vCCWHM78U8FwMapMhDbEfomhyLJ/0rfTwFuqkvEITLrMf/njqrt
C9eG17UCL2i+E6BLMcGVXKL9y5EMzXgHNhYmSWM/uV0PiSnH9/7y4AR3uCYmn/zD
Lua27YPY/lbDt0J77a+u3EJ+/JmB1h/FadJjgZb+zDIIY99AhzM9B32UML0Jp5/0
Dp8/tK6LQ2sJiN9xU+onsl+vcnNsRgDJiBSPQ7DCx2JwUofgVQvDh7AbQYJ92GnN
Z+8aDbtuJoiidotKXtUXvbo6H2QgDLgj+iugWnSAhsIO8iu+DknM
-----END CERTIFICATE-----
Generated at Thu May 8 05:10:55 2025 by rpki-client