Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/aRNk15vJM0hBI42r6gmxEcDmm38.roa
File: aRNk15vJM0hBI42r6gmxEcDmm38.roa (raw, json)
Hash identifier: heKSQ7BF/QxN5jgYn9mmuHSTk0RjL8QF3yPiDlZHmHI=
Subject key identifier: 69:13:64:D7:9B:C9:33:48:41:23:8D:AB:EA:09:B1:11:C0:E6:9B:7F
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 01854E2D7C4355A7506B50CD7B528128E315
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/aRNk15vJM0hBI42r6gmxEcDmm38.roa
Signing time: Mon 26 Dec 2022 11:24:41 +0000
ROA not before: Mon 26 Dec 2022 11:24:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41789
IP address blocks: 185.244.51.0/24 maxlen: 24
185.250.44.0/23 maxlen: 23
185.250.46.0/23 maxlen: 23
193.39.171.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4e:2d:7c:43:55:a7:50:6b:50:cd:7b:52:81:28:e3:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Dec 26 11:24:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=691364d79bc9334841238dabea09b111c0e69b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d7:6a:d4:2b:6e:5c:79:37:52:77:30:a1:7e:
60:a4:63:9c:2a:14:8d:d0:c6:7c:83:30:8e:a7:53:
dc:34:79:08:1f:65:0e:6b:85:b4:58:bc:ad:40:06:
de:e0:aa:17:44:f8:bb:40:32:ec:87:5c:79:b4:fc:
f9:43:94:14:78:e0:b3:26:c4:b0:69:14:bb:71:06:
4b:ca:f0:c7:25:f5:62:9c:21:88:4e:12:1c:dc:46:
b2:58:93:ee:5e:3a:a0:7c:ae:36:41:61:e3:61:77:
0b:9a:9d:9a:7a:dc:9f:58:f1:04:3a:1f:bb:70:96:
7a:fc:bc:94:df:9e:ae:bc:75:0e:49:50:aa:a5:16:
4c:b0:d6:bb:2b:91:cf:07:4b:ca:2e:c0:02:57:92:
8d:aa:96:1c:b7:f8:5a:82:2d:f4:c2:ee:5c:73:93:
b1:57:ae:16:17:f3:59:b2:9b:15:1b:5a:89:71:19:
ba:13:5d:f6:b4:cd:61:ea:8e:ff:f1:e0:b3:a2:27:
ef:0d:5c:f4:76:46:ed:f4:7f:07:c3:d4:c0:1d:39:
04:bd:8c:25:29:ce:59:56:72:0c:b5:6e:a0:66:96:
d3:02:9a:4d:f1:ed:e3:fe:75:19:ce:82:56:cc:ed:
be:24:b9:7a:9f:6b:95:3d:f3:13:ef:59:b9:0b:21:
fa:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:13:64:D7:9B:C9:33:48:41:23:8D:AB:EA:09:B1:11:C0:E6:9B:7F
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/aRNk15vJM0hBI42r6gmxEcDmm38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.51.0/24
185.250.44.0/22
193.39.171.0/24
Signature Algorithm: sha256WithRSAEncryption
05:e8:7e:59:cc:70:52:46:99:86:c6:13:57:2e:98:03:f7:44:
dd:ce:f9:9f:7f:0f:25:5e:1e:5e:ce:38:0f:12:f1:ef:13:53:
1b:2e:cb:a8:6c:d6:b5:bb:26:78:d6:08:84:bd:0a:38:e8:3e:
08:5c:f0:c6:c6:61:96:c7:94:f0:5f:38:52:0f:0f:22:d2:e2:
72:7b:59:85:8f:51:4c:92:a0:0d:5a:96:96:a0:a5:cc:e5:8d:
bd:07:19:8a:12:ff:7b:af:7a:97:81:32:ff:e6:9f:b3:61:c8:
8b:02:71:7f:2e:44:4a:6f:b3:73:6a:dc:af:d6:05:79:b4:42:
e2:ed:50:8e:de:59:80:97:c6:29:95:cb:2c:c1:e6:42:a1:0b:
e4:ed:4d:ce:f4:78:66:0d:02:f6:90:b6:a5:c6:7f:69:29:43:
3f:eb:73:45:b1:4a:e6:51:a9:75:75:4f:e1:73:76:97:76:77:
70:23:ba:5d:f8:ef:98:aa:9e:07:41:76:6a:f3:03:8e:ca:ef:
64:80:d3:e0:0b:87:ba:4f:db:90:0c:c9:82:3a:b5:24:9f:9e:
df:ec:fc:35:e2:46:8c:80:c1:de:ee:f9:bf:43:0f:cc:05:c8:
92:6b:ab:5e:5c:b4:b8:8a:a8:54:0c:f7:8e:01:7a:5f:f8:98:
3d:c8:d9:3c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVOLXxDVadQa1DNe1KBKOMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjIxMjI2MTEyNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTEzNjRkNzliYzkzMzQ4NDEyMzhkYWJlYTA5YjExMWMwZTY5YjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktdq1CtuXHk3UncwoX5gpGOcKhSN
0MZ8gzCOp1PcNHkIH2UOa4W0WLytQAbe4KoXRPi7QDLsh1x5tPz5Q5QUeOCzJsSw
aRS7cQZLyvDHJfVinCGIThIc3EayWJPuXjqgfK42QWHjYXcLmp2aetyfWPEEOh+7
cJZ6/LyU356uvHUOSVCqpRZMsNa7K5HPB0vKLsACV5KNqpYct/hagi30wu5cc5Ox
V64WF/NZspsVG1qJcRm6E132tM1h6o7/8eCzoifvDVz0dkbt9H8Hw9TAHTkEvYwl
Kc5ZVnIMtW6gZpbTAppN8e3j/nUZzoJWzO2+JLl6n2uVPfMT71m5CyH6awIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGkTZNebyTNIQSONq+oJsRHA5pt/MB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvYVJOazE1dkpNMGhCSTQycjZnbXhFY0RtbTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAufQzAwQC
ufosAwQAwSerMA0GCSqGSIb3DQEBCwUAA4IBAQAF6H5ZzHBSRpmGxhNXLpgD90Td
zvmffw8lXh5ezjgPEvHvE1MbLsuobNa1uyZ41giEvQo46D4IXPDGxmGWx5TwXzhS
Dw8i0uJye1mFj1FMkqANWpaWoKXM5Y29BxmKEv97r3qXgTL/5p+zYciLAnF/LkRK
b7Nzatyv1gV5tELi7VCO3lmAl8YplcssweZCoQvk7U3O9HhmDQL2kLalxn9pKUM/
63NFsUrmUal1dU/hc3aXdndwI7pd+O+Yqp4HQXZq8wOOyu9kgNPgC4e6T9uQDMmC
OrUkn57f7Pw14kaMgMHe7vm/Qw/MBciSa6teXLS4iqhUDPeOAXpf+Jg9yNk8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:33 2023 by rpki-client on console-fra.rpki-client.org