Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Fy7hiGQZbI2DtwWtjT7v_O9qHgM.roa
File: Fy7hiGQZbI2DtwWtjT7v_O9qHgM.roa (raw, json)
Hash identifier: 47WzHUdR1rJMjKv27eRSi/m5ey0SdO4UzBBHSlMvhUo=
Subject key identifier: 17:2E:E1:88:64:19:6C:8D:83:B7:05:AD:8D:3E:EF:FC:EF:6A:1E:03
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0185727A2C93691FBF5AFB24ACE4F414B89C
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Fy7hiGQZbI2DtwWtjT7v_O9qHgM.roa
Signing time: Mon 02 Jan 2023 12:34:47 +0000
ROA not before: Mon 02 Jan 2023 12:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 185.151.236.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:2c:93:69:1f:bf:5a:fb:24:ac:e4:f4:14:b8:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=172ee18864196c8d83b705ad8d3eeffcef6a1e03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:11:94:3f:0f:df:be:36:d1:72:9f:fd:68:08:
a4:6f:f7:65:f4:68:b2:fb:c8:f1:21:74:4b:81:1f:
25:e9:41:87:fe:3a:bc:b1:bc:8a:6c:1e:cc:23:f5:
7e:cb:2b:ab:c7:8c:c7:f2:7c:82:e2:55:83:ed:83:
c4:63:63:33:bc:27:5b:62:11:9a:c7:6e:3b:8e:35:
d5:61:e0:2c:89:8f:63:4e:2d:23:20:c4:f3:dc:9d:
ad:b2:06:39:88:7f:c5:23:74:8c:06:66:40:ad:39:
2c:7e:87:89:c1:68:a8:83:d0:5e:b7:b0:e4:c9:76:
4b:55:d1:35:14:c9:c3:1b:cf:b9:dc:97:66:5f:2f:
2c:c9:d2:96:9a:fc:e2:60:15:bc:4c:84:a0:a5:c8:
52:76:b4:73:9b:02:5c:20:80:44:25:e7:29:d9:07:
7a:f0:b4:7a:53:53:50:22:52:d9:b6:ac:d1:d8:f7:
8c:b5:9a:92:6f:4c:9a:02:bb:59:a1:a5:0b:bf:c2:
14:f7:06:44:7c:39:f4:93:be:0f:6a:15:c5:91:8a:
60:3b:9c:71:bb:be:e6:c8:6c:81:2b:1d:7e:2d:f3:
5b:de:b1:9e:20:8e:60:07:88:6a:3f:a0:12:b2:23:
13:ce:24:76:08:cc:07:35:0e:27:4d:b8:0e:92:37:
2f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:2E:E1:88:64:19:6C:8D:83:B7:05:AD:8D:3E:EF:FC:EF:6A:1E:03
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Fy7hiGQZbI2DtwWtjT7v_O9qHgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.236.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:28:b2:dc:2b:60:1d:d7:50:d8:6a:fa:7d:f4:a0:28:e1:00:
5a:08:d4:ea:3f:10:7f:15:1b:9c:da:36:87:4f:6b:5d:82:2d:
3a:80:ff:0a:1a:33:8f:0e:b3:5d:7a:eb:14:ca:af:71:17:2c:
bd:ee:eb:dc:3a:e5:4e:ec:9b:18:b2:52:6c:ee:2d:79:8b:01:
f2:f2:88:da:41:1a:35:5c:5f:99:18:08:eb:cd:40:f0:da:a4:
06:06:63:a7:d7:8e:15:15:46:a0:37:5f:5c:6f:83:e7:6a:89:
52:e9:e4:cc:fb:a0:30:e9:64:e4:53:bc:9d:0b:99:9a:fd:73:
b2:ef:6b:27:ee:96:30:a4:f9:60:c1:dc:f9:1b:89:eb:f7:47:
7a:cb:b2:21:26:85:96:98:5b:27:2a:6b:f7:5b:89:82:59:d2:
fd:bb:90:e6:69:36:d7:73:60:40:5f:77:16:38:e6:02:47:bf:
ad:26:12:cd:39:d2:59:b4:c9:97:0f:f3:01:39:75:56:ba:84:
8a:ac:8f:e1:83:0e:42:a7:29:c5:0c:da:2b:fa:83:52:7b:ab:
3c:27:26:8e:7b:46:5f:4d:56:8e:eb:ea:68:1f:f1:3e:c0:42:
c6:85:9b:9f:71:2e:ca:2a:f3:e4:5e:c8:68:8e:de:cf:40:17:
a6:ea:78:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyeiyTaR+/WvskrOT0FLicMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTAyMTIzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzJlZTE4ODY0MTk2YzhkODNiNzA1YWQ4ZDNlZWZmY2VmNmExZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxGUPw/fvjbRcp/9aAikb/dl9Giy
+8jxIXRLgR8l6UGH/jq8sbyKbB7MI/V+yyurx4zH8nyC4lWD7YPEY2MzvCdbYhGa
x247jjXVYeAsiY9jTi0jIMTz3J2tsgY5iH/FI3SMBmZArTksfoeJwWiog9Bet7Dk
yXZLVdE1FMnDG8+53JdmXy8sydKWmvziYBW8TISgpchSdrRzmwJcIIBEJecp2Qd6
8LR6U1NQIlLZtqzR2PeMtZqSb0yaArtZoaULv8IU9wZEfDn0k74PahXFkYpgO5xx
u77myGyBKx1+LfNb3rGeII5gB4hqP6ASsiMTziR2CMwHNQ4nTbgOkjcvzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBcu4YhkGWyNg7cFrY0+7/zvah4DMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvRnk3aGlHUVpiSTJEdHdXdGpUN3ZfTzlxSGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZfsMA0G
CSqGSIb3DQEBCwUAA4IBAQB8KLLcK2Ad11DYavp99KAo4QBaCNTqPxB/FRuc2jaH
T2tdgi06gP8KGjOPDrNdeusUyq9xFyy97uvcOuVO7JsYslJs7i15iwHy8ojaQRo1
XF+ZGAjrzUDw2qQGBmOn144VFUagN19cb4PnaolS6eTM+6Aw6WTkU7ydC5ma/XOy
72sn7pYwpPlgwdz5G4nr90d6y7IhJoWWmFsnKmv3W4mCWdL9u5DmaTbXc2BAX3cW
OOYCR7+tJhLNOdJZtMmXD/MBOXVWuoSKrI/hgw5CpynFDNor+oNSe6s8JyaOe0Zf
TVaO6+poH/E+wELGhZufcS7KKvPkXshojt7PQBem6nhf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org