Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5LXgLtvdAyMOSwSkNDTa-t_zRxI.roa
File: 5LXgLtvdAyMOSwSkNDTa-t_zRxI.roa (raw, json)
Hash identifier: vur9d8JEKvOR/Ay+2eequX7ZbDdfRqBQU0ria8oOzBo=
Subject key identifier: E4:B5:E0:2E:DB:DD:03:23:0E:4B:04:A4:34:34:DA:FA:DF:F3:47:12
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0188FC395DCC6761CA75561082521D3485E3
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5LXgLtvdAyMOSwSkNDTa-t_zRxI.roa
Signing time: Tue 27 Jun 2023 09:39:57 +0000
ROA not before: Tue 27 Jun 2023 09:39:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 185.103.74.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fc:39:5d:cc:67:61:ca:75:56:10:82:52:1d:34:85:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 27 09:39:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4b5e02edbdd03230e4b04a43434dafadff34712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6c:d0:77:b0:73:f5:6e:94:44:f9:a9:fe:80:
17:53:da:9d:d4:60:81:bb:d0:bb:b0:be:1f:67:21:
83:84:51:89:6d:45:a8:8a:1a:14:af:0a:b1:b0:23:
8b:ec:e4:c3:83:c5:08:f6:93:81:b9:0a:6f:fe:78:
55:64:c7:46:0a:88:09:ac:a4:f2:6e:4e:48:cd:b9:
fa:c7:3b:7a:ba:24:e4:7d:60:3b:f5:9b:ed:10:48:
59:19:e0:4c:75:b4:0f:15:d4:59:25:24:53:fc:11:
3f:d0:22:5e:04:76:ef:6c:5b:7e:01:ec:de:04:9c:
69:20:b6:bd:e7:b0:bd:3b:14:47:22:f2:06:7c:68:
7c:99:9b:bd:00:7c:f1:8e:f2:e4:34:3e:d0:b0:e1:
86:7b:2b:17:ca:d6:9f:4c:cb:16:b7:67:a5:4e:e9:
38:2d:1d:4b:ff:6c:e4:f6:da:11:c8:0f:b9:6e:b6:
35:96:b6:38:8f:83:ab:1a:e4:fe:23:6e:97:d5:40:
76:d1:f6:4a:5a:41:77:39:2c:06:6a:17:5b:83:97:
7a:96:9a:05:6e:77:7a:b1:6f:ee:dd:1a:16:b3:d6:
f4:c1:40:bc:08:8e:36:56:d7:9b:c8:56:2f:a0:a7:
79:da:57:4b:5e:2e:cf:bf:e3:bf:d4:21:c8:f0:85:
bf:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:B5:E0:2E:DB:DD:03:23:0E:4B:04:A4:34:34:DA:FA:DF:F3:47:12
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5LXgLtvdAyMOSwSkNDTa-t_zRxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.74.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:7c:23:3f:7c:c8:31:7c:62:b4:51:62:82:df:73:92:2e:e7:
b3:77:98:67:dc:f6:1c:38:a7:cb:ba:b8:da:b7:33:47:77:b0:
5a:1b:9f:40:a2:58:31:59:8f:39:8f:57:97:87:24:ad:a6:6e:
5f:65:4e:be:18:e6:86:6c:9f:1d:fb:8a:95:05:03:58:d3:5e:
07:ca:7c:45:8b:1c:59:7a:11:5f:38:8a:55:51:61:ba:06:81:
aa:f6:4d:72:c6:28:c2:7e:c6:86:3f:b7:fd:e5:56:13:f0:be:
6e:af:c5:6d:ed:6c:f0:fb:44:8c:21:8f:c0:01:de:c7:07:29:
85:d2:4b:8b:6a:5b:63:4c:a6:f9:45:bf:ef:b5:ff:76:31:27:
f4:e6:58:4f:5b:fd:9f:ae:02:c1:24:18:cb:8a:ba:0f:aa:b7:
db:58:58:54:39:ae:f1:83:ce:91:f5:18:8b:a7:d1:c4:f1:65:
74:26:7f:15:ec:fc:51:27:45:55:f0:43:c6:dc:29:ff:01:3c:
af:5f:62:64:25:2f:05:c4:5f:a8:3f:bb:97:4c:dc:f6:7b:28:
3a:c6:0f:b9:77:5b:2c:5c:15:10:2f:4b:28:79:48:ae:28:e3:
17:38:f8:1d:ad:0b:f5:21:8e:76:32:ea:62:31:09:6d:a2:61:
0a:b1:3a:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYj8OV3MZ2HKdVYQglIdNIXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjI3MDkzOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGI1ZTAyZWRiZGQwMzIzMGU0YjA0YTQzNDM0ZGFmYWRmZjM0NzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGzQd7Bz9W6URPmp/oAXU9qd1GCB
u9C7sL4fZyGDhFGJbUWoihoUrwqxsCOL7OTDg8UI9pOBuQpv/nhVZMdGCogJrKTy
bk5Izbn6xzt6uiTkfWA79ZvtEEhZGeBMdbQPFdRZJSRT/BE/0CJeBHbvbFt+Aeze
BJxpILa957C9OxRHIvIGfGh8mZu9AHzxjvLkND7QsOGGeysXytafTMsWt2elTuk4
LR1L/2zk9toRyA+5brY1lrY4j4OrGuT+I26X1UB20fZKWkF3OSwGahdbg5d6lpoF
bnd6sW/u3RoWs9b0wUC8CI42VtebyFYvoKd52ldLXi7Pv+O/1CHI8IW/OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOS14C7b3QMjDksEpDQ02vrf80cSMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNUxYZ0x0dmRBeU1PU3dTa05EVGEtdF96UnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWdKMA0G
CSqGSIb3DQEBCwUAA4IBAQCOfCM/fMgxfGK0UWKC33OSLuezd5hn3PYcOKfLurja
tzNHd7BaG59AolgxWY85j1eXhyStpm5fZU6+GOaGbJ8d+4qVBQNY014HynxFixxZ
ehFfOIpVUWG6BoGq9k1yxijCfsaGP7f95VYT8L5ur8Vt7Wzw+0SMIY/AAd7HBymF
0kuLaltjTKb5Rb/vtf92MSf05lhPW/2frgLBJBjLiroPqrfbWFhUOa7xg86R9RiL
p9HE8WV0Jn8V7PxRJ0VV8EPG3Cn/ATyvX2JkJS8FxF+oP7uXTNz2eyg6xg+5d1ss
XBUQL0soeUiuKOMXOPgdrQv1IY52MupiMQltomEKsToj
-----END CERTIFICATE-----
Generated at Wed May 14 02:21:01 2025 by rpki-client