Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/djFuJaYk52UT2Joh1ZHpk6P7bwU.roa
File: djFuJaYk52UT2Joh1ZHpk6P7bwU.roa (raw, json)
Hash identifier: 5FCqKqv6w7vZwcxkHBL1U9cJtr/sKju769UoeuAbGD8=
Subject key identifier: 76:31:6E:25:A6:24:E7:65:13:D8:9A:21:D5:91:E9:93:A3:FB:6F:05
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 0185A00374666F22605029EDE97DCAF59876
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/djFuJaYk52UT2Joh1ZHpk6P7bwU.roa
Signing time: Wed 11 Jan 2023 08:47:39 +0000
ROA not before: Wed 11 Jan 2023 08:47:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395800
IP address blocks: 185.244.50.0/24 maxlen: 24
193.39.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:03:74:66:6f:22:60:50:29:ed:e9:7d:ca:f5:98:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Jan 11 08:47:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76316e25a624e76513d89a21d591e993a3fb6f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e0:ff:ac:69:42:4e:f7:58:7e:26:69:a0:fb:
3e:08:55:fb:37:6d:7d:2b:98:22:4e:e6:e5:12:0e:
fa:51:7f:f9:11:bd:5c:0a:86:06:63:d1:28:fe:9f:
84:7c:75:29:00:da:85:1b:cc:f0:53:a2:09:ff:37:
3c:8d:0e:ad:20:e2:e0:d3:88:3c:07:b6:8e:80:0c:
37:73:5b:64:8f:00:ba:85:0c:9b:87:55:cb:5f:55:
e4:68:ed:58:5f:01:20:fd:82:e0:cf:59:5f:74:58:
42:aa:7b:35:b8:2e:b7:ea:fc:2b:c9:e0:a9:13:b7:
da:c3:56:d1:a8:73:bb:8a:23:01:75:24:2c:3c:d3:
37:c2:1a:8c:b0:c1:7c:c7:b2:08:82:f3:4c:85:6d:
47:ae:f3:e6:5a:69:6d:36:5e:4f:90:00:c0:8f:b3:
2a:a6:5d:a9:6b:11:2c:b8:0b:93:db:7f:ff:80:8f:
c1:40:9a:c9:5e:97:4e:44:e9:ff:91:d7:44:67:a2:
66:12:c7:67:c4:f7:2b:4e:d5:ae:06:28:6d:d3:f5:
cc:65:27:04:ca:02:e1:de:4a:bd:4d:af:a0:0f:62:
7d:0e:75:63:01:d5:d3:97:18:1a:20:ae:95:78:80:
12:95:af:b8:23:ce:21:dc:26:a0:38:73:90:5a:bc:
6d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:31:6E:25:A6:24:E7:65:13:D8:9A:21:D5:91:E9:93:A3:FB:6F:05
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/djFuJaYk52UT2Joh1ZHpk6P7bwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.50.0/24
193.39.170.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:07:38:d7:6e:6f:b1:a4:8f:42:64:53:80:04:f7:fe:71:c4:
10:d1:1e:95:15:17:d0:64:9a:ce:ad:3c:4e:62:f0:01:96:d4:
38:3d:6b:1d:29:ef:a5:7a:b3:c7:1a:7f:cd:f1:38:6f:d3:f0:
c8:ea:63:12:e6:c6:72:c5:83:0d:8a:cd:33:e2:3b:90:d3:a7:
8d:31:7c:a9:78:1e:d8:61:21:f2:a3:2b:92:71:53:f9:a1:0b:
b2:6d:33:a5:c2:68:8c:8b:3e:89:92:0f:b5:cf:cd:24:73:96:
0f:c2:b7:ba:7a:e8:47:1a:64:43:b2:4c:5b:15:af:ad:e2:93:
a2:04:73:0c:34:e2:0f:4f:55:47:f0:48:53:c5:35:82:29:a0:
82:ec:2f:1d:a6:55:b5:a5:8b:af:8d:20:d3:79:f4:bc:6d:27:
13:f8:51:cd:3d:d0:8f:33:1b:58:e1:66:1f:c3:26:9c:4f:f0:
48:95:91:d8:3f:78:cf:d8:51:4e:3b:e1:7b:cd:02:17:5f:b7:
2a:db:75:d0:13:d9:3c:66:c5:12:2f:60:39:4c:e6:d5:c6:1e:
e8:78:43:7e:7b:11:fb:f8:e6:7d:76:9b:df:b4:e6:76:5f:8b:
2d:7f:e1:cf:c1:e4:c7:6b:20:45:04:6a:e9:73:42:2d:9b:db:
6b:ae:6c:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWgA3RmbyJgUCnt6X3K9Zh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjMwMTExMDg0NzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjMxNmUyNWE2MjRlNzY1MTNkODlhMjFkNTkxZTk5M2EzZmI2ZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieD/rGlCTvdYfiZpoPs+CFX7N219
K5giTublEg76UX/5Eb1cCoYGY9Eo/p+EfHUpANqFG8zwU6IJ/zc8jQ6tIOLg04g8
B7aOgAw3c1tkjwC6hQybh1XLX1XkaO1YXwEg/YLgz1lfdFhCqns1uC636vwryeCp
E7faw1bRqHO7iiMBdSQsPNM3whqMsMF8x7IIgvNMhW1HrvPmWmltNl5PkADAj7Mq
pl2paxEsuAuT23//gI/BQJrJXpdOROn/kddEZ6JmEsdnxPcrTtWuBiht0/XMZScE
ygLh3kq9Ta+gD2J9DnVjAdXTlxgaIK6VeIASla+4I84h3CagOHOQWrxtTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHYxbiWmJOdlE9iaIdWR6ZOj+28FMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvZGpGdUphWWs1MlVUMkpvaDFaSHBrNlA3YndVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufQyAwQA
wSeqMA0GCSqGSIb3DQEBCwUAA4IBAQAtBzjXbm+xpI9CZFOABPf+ccQQ0R6VFRfQ
ZJrOrTxOYvABltQ4PWsdKe+lerPHGn/N8Thv0/DI6mMS5sZyxYMNis0z4juQ06eN
MXypeB7YYSHyoyuScVP5oQuybTOlwmiMiz6Jkg+1z80kc5YPwre6euhHGmRDskxb
Fa+t4pOiBHMMNOIPT1VH8EhTxTWCKaCC7C8dplW1pYuvjSDTefS8bScT+FHNPdCP
MxtY4WYfwyacT/BIlZHYP3jP2FFOO+F7zQIXX7cq23XQE9k8ZsUSL2A5TObVxh7o
eEN+exH7+OZ9dpvftOZ2X4stf+HPweTHayBFBGrpc0Itm9trrmxC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:33 2023 by rpki-client on console-fra.rpki-client.org