Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/iyetdThi7hHRr3gQ9eSTMde8M4E.roa
File: iyetdThi7hHRr3gQ9eSTMde8M4E.roa (raw, json)
Hash identifier: TtA+7toNfMQBv+HsP5VLe8wcozPw0iA/bWrbxx/o5xM=
Subject key identifier: 8B:27:AD:75:38:62:EE:11:D1:AF:78:10:F5:E4:93:31:D7:BC:33:81
Certificate issuer: /CN=7de98f48e988790d0e0793537941b413d2e60306
Certificate serial: 0185722812D72FE24A02FFD386D4402FB3C6
Authority key identifier: 7D:E9:8F:48:E9:88:79:0D:0E:07:93:53:79:41:B4:13:D2:E6:03:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/femPSOmIeQ0OB5NTeUG0E9LmAwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/iyetdThi7hHRr3gQ9eSTMde8M4E.roa
Signing time: Mon 02 Jan 2023 11:05:06 +0000
ROA not before: Mon 02 Jan 2023 11:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44092
IP address blocks: 185.178.252.0/22 maxlen: 24
185.178.252.0/24 maxlen: 24
185.178.253.0/24 maxlen: 24
185.178.255.0/24 maxlen: 24
185.178.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:28:12:d7:2f:e2:4a:02:ff:d3:86:d4:40:2f:b3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7de98f48e988790d0e0793537941b413d2e60306
Validity
Not Before: Jan 2 11:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b27ad753862ee11d1af7810f5e49331d7bc3381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:26:1f:e5:e0:7e:68:31:fa:55:f6:8e:e0:5d:
07:e2:f7:2e:86:cf:41:02:6f:f2:4b:ab:3e:3c:37:
c9:00:94:da:0a:cb:7e:f5:91:db:59:d2:8b:dc:31:
f6:2a:50:0c:8e:06:ab:57:31:59:23:17:15:a4:5a:
c0:3e:50:f1:37:64:34:04:22:06:e3:c7:ed:af:d5:
4b:15:56:52:4c:00:0a:3c:fa:39:c3:2b:d7:2f:b4:
00:d4:f8:65:f8:5a:b7:2b:a6:0c:c5:37:97:14:7e:
ba:66:ab:04:2c:6b:2a:5c:b1:c9:c1:4f:bf:7d:c6:
34:0e:e7:9a:01:05:1c:50:33:96:b7:2d:41:5b:ad:
bf:11:62:d0:d6:d1:a2:4b:a0:b9:5d:55:50:97:fc:
7d:89:ae:10:4c:b6:90:a3:cc:2f:38:d5:e0:11:14:
83:45:d5:09:aa:b8:48:27:db:f3:ca:f0:f4:57:f7:
ec:a1:92:8d:ad:1a:70:52:0d:8a:4d:aa:79:60:78:
7f:e8:57:7c:9c:a0:2c:00:98:ab:f7:5b:3a:a7:07:
aa:41:89:55:a4:8b:2d:50:85:0b:f5:20:8d:bf:12:
a4:96:28:06:9d:a0:39:fe:32:dd:6f:ec:b9:15:fe:
27:a0:1d:11:a2:a2:fe:06:54:3a:90:06:9b:b8:c1:
6d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:27:AD:75:38:62:EE:11:D1:AF:78:10:F5:E4:93:31:D7:BC:33:81
X509v3 Authority Key Identifier:
keyid:7D:E9:8F:48:E9:88:79:0D:0E:07:93:53:79:41:B4:13:D2:E6:03:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/femPSOmIeQ0OB5NTeUG0E9LmAwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/iyetdThi7hHRr3gQ9eSTMde8M4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/femPSOmIeQ0OB5NTeUG0E9LmAwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.252.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:2d:7c:68:13:9a:43:62:6e:99:c8:74:b6:48:20:90:c8:63:
e8:dd:e4:83:cb:82:03:20:13:8b:a2:fa:ae:34:cd:da:7b:fd:
53:8a:70:e3:81:ea:67:2a:24:62:f1:d0:07:5b:5b:5e:b8:f5:
73:73:71:15:03:3f:55:7e:30:38:0c:60:67:f1:64:1c:d9:52:
01:80:2d:54:9c:ce:e9:3f:d6:7d:7a:75:de:a8:c5:f9:fd:28:
ec:bf:12:de:46:45:d9:4b:5a:c7:9f:0c:5a:1c:d6:45:f8:99:
ff:bf:26:90:2b:8a:42:fd:fa:65:1a:93:3e:d7:a1:a7:45:24:
b1:a1:fc:c4:e3:22:97:1d:f6:5d:d2:48:e9:27:83:e2:57:78:
e4:56:6a:49:12:0d:f6:8b:c6:b3:4e:23:57:78:cd:dc:62:bd:
e2:eb:3c:e8:9f:e0:8b:c3:d2:d2:77:9f:d2:8c:b7:39:a6:10:
f4:6b:9d:6d:f1:98:90:92:62:c7:bf:b7:85:10:b0:9d:83:ed:
36:4e:75:8f:df:3a:25:39:51:2a:4b:6a:e4:ef:16:d3:98:31:
ea:80:dd:d3:f1:70:72:76:fd:1c:bd:fe:b6:19:ea:e2:5c:e9:
3e:6e:e0:c1:01:d0:d1:ba:15:7a:cb:68:25:5f:2d:cd:01:0b:
9b:b8:8e:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyKBLXL+JKAv/ThtRAL7PGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZTk4ZjQ4ZTk4ODc5MGQwZTA3OTM1Mzc5NDFiNDEzZDJl
NjAzMDYwHhcNMjMwMTAyMTEwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjI3YWQ3NTM4NjJlZTExZDFhZjc4MTBmNWU0OTMzMWQ3YmMzMzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSYf5eB+aDH6VfaO4F0H4vcuhs9B
Am/yS6s+PDfJAJTaCst+9ZHbWdKL3DH2KlAMjgarVzFZIxcVpFrAPlDxN2Q0BCIG
48ftr9VLFVZSTAAKPPo5wyvXL7QA1Phl+Fq3K6YMxTeXFH66ZqsELGsqXLHJwU+/
fcY0DueaAQUcUDOWty1BW62/EWLQ1tGiS6C5XVVQl/x9ia4QTLaQo8wvONXgERSD
RdUJqrhIJ9vzyvD0V/fsoZKNrRpwUg2KTap5YHh/6Fd8nKAsAJir91s6pweqQYlV
pIstUIUL9SCNvxKkligGnaA5/jLdb+y5Ff4noB0RoqL+BlQ6kAabuMFtbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIsnrXU4Yu4R0a94EPXkkzHXvDOBMB8GA1UdIwQY
MBaAFH3pj0jpiHkNDgeTU3lBtBPS5gMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmVtUFNPbUllUTBPQjVOVGVVRzBFOUxtQXdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jMGZjMGEtMTVkNC00NmNjLWE4Yjkt
NDc2MzJjYjViODU0LzEvaXlldGRUaGk3aEhScjNnUTllU1RNZGU4TTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jMGZjMGEtMTVkNC00NmNjLWE4YjktNDc2MzJjYjViODU0
LzEvZmVtUFNPbUllUTBPQjVOVGVVRzBFOUxtQXdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubL8MA0G
CSqGSIb3DQEBCwUAA4IBAQAdLXxoE5pDYm6ZyHS2SCCQyGPo3eSDy4IDIBOLovqu
NM3ae/1TinDjgepnKiRi8dAHW1teuPVzc3EVAz9VfjA4DGBn8WQc2VIBgC1UnM7p
P9Z9enXeqMX5/SjsvxLeRkXZS1rHnwxaHNZF+Jn/vyaQK4pC/fplGpM+16GnRSSx
ofzE4yKXHfZd0kjpJ4PiV3jkVmpJEg32i8azTiNXeM3cYr3i6zzon+CLw9LSd5/S
jLc5phD0a51t8ZiQkmLHv7eFELCdg+02TnWP3zolOVEqS2rk7xbTmDHqgN3T8XBy
dv0cvf62GeriXOk+buDBAdDRuhV6y2glXy3NAQubuI6n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:56 2024 by rpki-client on console-fra.rpki-client.org