Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/HD-MM8IaHN8tziXeVkkVjqjDQTw.roa
File: HD-MM8IaHN8tziXeVkkVjqjDQTw.roa (raw, json)
Hash identifier: oZ6r+sg8XElWRe2ecjAZjbTJZjXZsGHlb7Z3abTk/H4=
Subject key identifier: 1C:3F:8C:33:C2:1A:1C:DF:2D:CE:25:DE:56:49:15:8E:A8:C3:41:3C
Certificate issuer: /CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Certificate serial: 17054BE8
Authority key identifier: AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/HD-MM8IaHN8tziXeVkkVjqjDQTw.roa
Signing time: Wed 09 Mar 2022 20:48:45 +0000
ROA not before: Wed 09 Mar 2022 20:48:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28716
IP address blocks: 185.61.12.0/22 maxlen: 24
185.41.212.0/22 maxlen: 22
2a02:5ca0::/32 maxlen: 56
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 386223080 (0x17054be8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Validity
Not Before: Mar 9 20:48:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c3f8c33c21a1cdf2dce25de5649158ea8c3413c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:2e:47:4c:57:8e:cb:1f:59:c0:a9:3d:af:80:
ff:fc:3b:e3:a6:75:5f:e6:7f:ae:3c:80:72:ec:d9:
d7:2f:a0:ab:a6:0d:03:ee:4f:a1:3f:c3:64:98:a6:
48:08:f0:d7:36:a5:f6:67:0e:3c:b2:de:48:8b:20:
ab:17:ea:78:8a:1a:8d:a2:07:28:50:cb:72:0c:13:
b7:d4:74:fc:ae:8b:d1:7a:67:ae:b5:12:a8:1a:23:
d8:a4:da:a9:95:2b:09:7a:4c:be:b6:fe:7f:b0:5f:
41:6a:cd:16:c6:df:c2:f6:0b:93:08:c3:b8:87:a0:
fe:3c:6e:31:e6:e6:f5:12:2d:83:ec:ff:43:0c:23:
c5:ae:82:71:07:30:ae:fb:71:2f:d3:3f:10:6a:e9:
d5:a2:a0:d4:da:d6:61:73:1e:38:19:40:16:6d:45:
cd:9d:8a:e5:8d:0b:a3:c5:c7:c2:fb:75:84:86:51:
32:58:cc:1c:ef:ff:91:84:37:90:53:56:85:5f:51:
89:bf:dd:a9:2f:5a:20:50:8f:39:15:b3:e9:3f:61:
4c:1b:08:33:0b:37:73:36:b6:4a:0d:e1:6a:80:9f:
89:c2:98:f7:2b:be:a4:c8:38:88:5e:10:10:a3:0c:
31:4c:1e:a0:f5:05:ce:61:fb:c0:9e:80:48:a1:25:
df:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:3F:8C:33:C2:1A:1C:DF:2D:CE:25:DE:56:49:15:8E:A8:C3:41:3C
X509v3 Authority Key Identifier:
keyid:AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/HD-MM8IaHN8tziXeVkkVjqjDQTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/rHzDNPUdK2604n1tVrm84-hVYMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.212.0/22
185.61.12.0/22
IPv6:
2a02:5ca0::/32
Signature Algorithm: sha256WithRSAEncryption
4a:84:c9:77:ab:e9:29:74:f4:07:02:21:6e:cc:e6:ab:cb:c2:
7a:cd:b6:79:ad:77:c3:1a:5c:81:09:bb:7e:ec:ae:0a:fd:12:
81:29:1e:e2:6b:78:48:9c:68:a0:72:b6:90:91:8e:dd:35:bf:
23:36:30:ff:41:6f:05:df:d6:1e:c6:2b:4d:25:08:1c:a0:0c:
45:11:d2:7d:2a:81:82:dc:c1:b7:cb:1e:34:af:b6:7c:84:aa:
f3:f3:12:0d:a3:dd:0d:ba:23:71:35:e5:92:31:47:06:42:1c:
1b:88:4e:d1:13:9d:ba:26:7d:f8:fd:5b:60:48:25:10:4f:12:
e0:9e:bc:e3:8e:22:f4:20:01:c7:76:67:94:47:c2:99:bb:72:
b5:d9:e8:42:5b:8a:0a:ba:af:fc:c1:11:4f:ab:4c:2f:20:97:
f8:5d:6f:b8:c8:1b:17:9c:28:0b:46:27:cc:b6:2c:51:9d:6d:
d8:bf:8e:27:c8:2e:dc:df:02:44:3e:49:dc:36:77:19:ad:5e:
dd:a5:e3:3d:ad:0b:08:09:ae:a9:09:9a:23:f0:ed:b8:24:b0:
d2:81:c4:90:da:46:c3:c0:88:fd:e7:36:e7:9f:75:25:e6:f1:
de:3c:4c:eb:f9:30:55:d7:e2:be:d4:29:f7:f5:ae:a6:3c:63:
3c:3d:1e:97
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEFwVL6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YzdjYzMzNGY1MWQyYjZlYjRlMjdkNmQ1NmI5YmNlM2U4NTU2MGNjMB4XDTIyMDMw
OTIwNDg0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWMzZjhjMzNjMjFh
MWNkZjJkY2UyNWRlNTY0OTE1OGVhOGMzNDEzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANAuR0xXjssfWcCpPa+A//w746Z1X+Z/rjyAcuzZ1y+gq6YN
A+5PoT/DZJimSAjw1zal9mcOPLLeSIsgqxfqeIoajaIHKFDLcgwTt9R0/K6L0Xpn
rrUSqBoj2KTaqZUrCXpMvrb+f7BfQWrNFsbfwvYLkwjDuIeg/jxuMebm9RItg+z/
Qwwjxa6CcQcwrvtxL9M/EGrp1aKg1NrWYXMeOBlAFm1FzZ2K5Y0Lo8XHwvt1hIZR
MljMHO//kYQ3kFNWhV9Rib/dqS9aIFCPORWz6T9hTBsIMws3cza2Sg3haoCficKY
9yu+pMg4iF4QEKMMMUweoPUFzmH7wJ6ASKEl36sCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQcP4wzwhoc3y3OJd5WSRWOqMNBPDAfBgNVHSMEGDAWgBSsfMM09R0rbrTi
fW1Wubzj6FVgzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JIekROUFVkSzI2MDRuMXRWcm04NC1oVllNdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvZGQ1NWU4LWZlYmQtNDlkMC1hNWE3LTFjZjE1YjJiYTdiZS8x
L0hELU1NOElhSE44dHppWGVWa2tWanFqRFFUdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
ZGQ1NWU4LWZlYmQtNDlkMC1hNWE3LTFjZjE1YjJiYTdiZS8xL3JIekROUFVkSzI2
MDRuMXRWcm04NC1oVllNdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArkp1AMEArk9DDANBAIAAjAHAwUA
KgJcoDANBgkqhkiG9w0BAQsFAAOCAQEASoTJd6vpKXT0BwIhbszmq8vCes22ea13
wxpcgQm7fuyuCv0SgSke4mt4SJxooHK2kJGO3TW/IzYw/0FvBd/WHsYrTSUIHKAM
RRHSfSqBgtzBt8seNK+2fISq8/MSDaPdDbojcTXlkjFHBkIcG4hO0ROduiZ9+P1b
YEglEE8S4J68444i9CABx3ZnlEfCmbtytdnoQluKCrqv/MERT6tMLyCX+F1vuMgb
F5woC0YnzLYsUZ1t2L+OJ8gu3N8CRD5J3DZ3Ga1e3aXjPa0LCAmuqQmaI/DtuCSw
0oHEkNpGw8CI/ec25591Jebx3jxM6/kwVdfivtQp9/WupjxjPD0elw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:14 2024 by rpki-client on console-fra.rpki-client.org