Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/gCxOsBdZv6_CFUJs6AuL9LhqfnE.roa
File: gCxOsBdZv6_CFUJs6AuL9LhqfnE.roa (raw, json)
Hash identifier: A4maojSPx/TFkt6Rp9a0swjBUYzSJahJX9d1RzA8V10=
Subject key identifier: 80:2C:4E:B0:17:59:BF:AF:C2:15:42:6C:E8:0B:8B:F4:B8:6A:7E:71
Certificate issuer: /CN=a29d9751f3675f51332734da68ea960260045b12
Certificate serial: 01856E78CCACBE1B7DEE93CA434770100132
Authority key identifier: A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/gCxOsBdZv6_CFUJs6AuL9LhqfnE.roa
Signing time: Sun 01 Jan 2023 17:54:48 +0000
ROA not before: Sun 01 Jan 2023 17:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203510
IP address blocks: 185.9.185.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:cc:ac:be:1b:7d:ee:93:ca:43:47:70:10:01:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29d9751f3675f51332734da68ea960260045b12
Validity
Not Before: Jan 1 17:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=802c4eb01759bfafc215426ce80b8bf4b86a7e71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:83:ea:53:92:f7:d1:51:56:98:3d:95:7c:23:
15:9c:c9:d8:aa:0a:97:e0:7c:65:63:8c:91:aa:1b:
06:a4:e3:bd:a1:f0:8c:92:4e:eb:3f:20:ca:05:d1:
ee:b5:af:99:60:dc:c4:88:23:78:32:ad:6f:e7:91:
c1:5f:ae:cf:16:2d:5d:e3:41:87:95:05:91:f0:47:
5a:16:13:c3:aa:af:9e:95:a1:91:18:c0:ee:cc:1f:
c6:9f:fd:55:43:aa:bd:ec:3b:6f:0b:01:82:c6:0b:
5b:cb:76:2f:47:cd:15:3d:f1:cf:97:72:76:d2:52:
9e:9d:68:92:a3:d6:e5:9f:36:46:ac:2c:94:ce:5b:
f0:e9:5b:2d:81:bb:e3:b8:60:11:f4:80:0f:1c:b5:
d1:ec:6a:f9:b9:9f:db:64:e4:30:6d:ce:5e:b6:11:
47:4b:8d:c8:fb:a9:da:6c:96:b8:25:f0:27:3f:42:
8b:d2:d6:32:f5:f5:9c:e6:4c:2d:b5:b9:43:a2:b1:
c3:d6:c2:f7:41:a3:87:a0:a8:1d:d6:c1:0b:a6:07:
ea:64:eb:06:11:4b:2b:f2:91:20:2e:eb:04:14:e3:
9e:ed:f4:ec:70:0e:74:60:2e:0e:2b:94:10:eb:e7:
dc:20:f2:5c:55:99:18:67:20:4b:01:5d:8c:39:33:
0e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:2C:4E:B0:17:59:BF:AF:C2:15:42:6C:E8:0B:8B:F4:B8:6A:7E:71
X509v3 Authority Key Identifier:
keyid:A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/gCxOsBdZv6_CFUJs6AuL9LhqfnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/op2XUfNnX1EzJzTaaOqWAmAEWxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.185.0/24
Signature Algorithm: sha256WithRSAEncryption
15:c0:ad:52:1b:ac:56:86:43:a9:d7:79:17:c4:ba:4f:11:fe:
22:52:05:1c:1f:be:f5:af:78:0f:9b:09:1b:2c:02:55:1f:dc:
41:e9:3a:96:19:0f:f9:8d:ef:8a:4d:16:ad:4c:48:ce:fa:d3:
ac:48:27:f9:31:56:cc:6f:3f:04:bd:71:e9:1c:e6:53:db:7d:
d6:ad:e6:61:6c:29:56:37:64:6e:23:5b:78:ac:de:88:71:7e:
67:7c:b0:93:88:f1:ad:62:c3:d1:74:cd:b4:ba:2f:d4:5e:d6:
ba:b6:5d:e6:dc:66:35:0c:88:cd:e9:d5:46:35:62:af:18:44:
4d:cc:16:d9:6f:24:a5:48:8e:87:66:b4:47:e9:53:bb:09:df:
22:58:21:1e:0e:ae:59:16:f1:b6:42:a1:8b:5c:8c:20:08:d2:
f2:fd:fa:17:99:f6:89:c8:88:24:82:cb:13:a9:70:08:b0:c7:
ee:54:7d:59:2e:73:8c:0f:16:23:ac:37:bf:83:d9:e1:6c:5c:
23:44:a9:9d:d8:b7:fb:ca:a7:64:54:dc:c0:48:87:8f:0d:ed:
6f:a4:33:7d:e0:2c:e6:86:66:c9:8c:79:72:7b:75:82:c4:f9:
08:2d:f0:8d:63:65:99:4b:cb:36:f8:08:c6:a7:0c:d3:46:9a:
77:14:83:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVueMysvht97pPKQ0dwEAEyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOWQ5NzUxZjM2NzVmNTEzMzI3MzRkYTY4ZWE5NjAyNjAw
NDViMTIwHhcNMjMwMTAxMTc1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDJjNGViMDE3NTliZmFmYzIxNTQyNmNlODBiOGJmNGI4NmE3ZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIPqU5L30VFWmD2VfCMVnMnYqgqX
4HxlY4yRqhsGpOO9ofCMkk7rPyDKBdHuta+ZYNzEiCN4Mq1v55HBX67PFi1d40GH
lQWR8EdaFhPDqq+elaGRGMDuzB/Gn/1VQ6q97DtvCwGCxgtby3YvR80VPfHPl3J2
0lKenWiSo9blnzZGrCyUzlvw6VstgbvjuGAR9IAPHLXR7Gr5uZ/bZOQwbc5ethFH
S43I+6nabJa4JfAnP0KL0tYy9fWc5kwttblDorHD1sL3QaOHoKgd1sELpgfqZOsG
EUsr8pEgLusEFOOe7fTscA50YC4OK5QQ6+fcIPJcVZkYZyBLAV2MOTMOKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIAsTrAXWb+vwhVCbOgLi/S4an5xMB8GA1UdIwQY
MBaAFKKdl1HzZ19RMyc02mjqlgJgBFsSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMt
MDc5YmEwNTcwZjc1LzEvZ0N4T3NCZFp2Nl9DRlVKczZBdUw5TGhxZm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMtMDc5YmEwNTcwZjc1
LzEvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQm5MA0G
CSqGSIb3DQEBCwUAA4IBAQAVwK1SG6xWhkOp13kXxLpPEf4iUgUcH771r3gPmwkb
LAJVH9xB6TqWGQ/5je+KTRatTEjO+tOsSCf5MVbMbz8EvXHpHOZT233WreZhbClW
N2RuI1t4rN6IcX5nfLCTiPGtYsPRdM20ui/UXta6tl3m3GY1DIjN6dVGNWKvGERN
zBbZbySlSI6HZrRH6VO7Cd8iWCEeDq5ZFvG2QqGLXIwgCNLy/foXmfaJyIgkgssT
qXAIsMfuVH1ZLnOMDxYjrDe/g9nhbFwjRKmd2Lf7yqdkVNzASIePDe1vpDN94Czm
hmbJjHlye3WCxPkILfCNY2WZS8s2+AjGpwzTRpp3FIMm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:05 2024 by rpki-client on console-fra.rpki-client.org