Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/ewKvm7suo6OGO4SwXzm1lICasQg.roa
File: ewKvm7suo6OGO4SwXzm1lICasQg.roa (raw, json)
Hash identifier: 9HSvP9XgcIcZ3DoC5AbwdLXPUbDla+f6AMSFxpbrnAE=
Subject key identifier: 7B:02:AF:9B:BB:2E:A3:A3:86:3B:84:B0:5F:39:B5:94:80:9A:B1:08
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 018481E8E9EBF43331033562F7F6239C7946
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/ewKvm7suo6OGO4SwXzm1lICasQg.roa
Signing time: Wed 16 Nov 2022 19:27:15 +0000
ROA not before: Wed 16 Nov 2022 19:27:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 185.244.51.0/24 maxlen: 24
185.239.48.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:81:e8:e9:eb:f4:33:31:03:35:62:f7:f6:23:9c:79:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Nov 16 19:27:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7b02af9bbb2ea3a3863b84b05f39b594809ab108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fc:2f:86:18:1c:85:58:ba:ff:67:dd:ec:f8:
88:ac:6c:7d:15:2b:7d:be:d4:a4:90:ad:b7:27:46:
10:51:8f:83:91:ff:7a:2c:28:81:08:ba:32:ed:9a:
0b:12:b8:f7:b9:66:e8:b6:60:6f:68:0e:4c:e1:f1:
79:de:14:4d:c4:ef:04:67:ca:2a:de:78:0b:dc:c0:
43:4a:f7:17:f0:cd:8f:01:a9:44:4a:c4:16:53:0e:
e4:e3:65:d6:e5:99:6e:c9:c9:a1:fb:73:7e:05:d4:
6c:c6:07:80:4e:a9:0f:25:14:03:71:19:65:aa:ca:
28:37:84:78:62:86:25:1f:ed:f6:2b:5e:61:e8:7b:
36:63:81:6d:ee:1c:3e:34:70:57:77:1b:6b:f8:42:
ce:38:45:48:af:48:28:c2:da:b6:1c:c3:6f:8a:5b:
46:16:c7:16:fb:63:aa:3a:96:5e:99:cf:d2:27:2c:
93:06:71:44:69:b3:ce:bd:46:42:5f:e0:e0:d8:d7:
46:fe:08:4b:07:be:93:5e:77:62:d3:8b:66:f7:45:
a6:97:1b:2d:30:e8:bd:25:51:b7:11:32:7b:d8:bd:
51:08:c1:13:c9:29:d2:fb:15:a2:c2:dd:0a:69:5e:
06:b8:73:04:db:0f:4a:68:28:99:83:5c:ee:ce:a4:
72:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:02:AF:9B:BB:2E:A3:A3:86:3B:84:B0:5F:39:B5:94:80:9A:B1:08
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/ewKvm7suo6OGO4SwXzm1lICasQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.48.0/24
185.244.51.0/24
Signature Algorithm: sha256WithRSAEncryption
32:1e:8f:b0:c2:f8:83:c1:16:01:cb:aa:e1:a3:49:ce:15:67:
a6:ea:24:f8:91:ed:86:5b:c5:8c:1a:bd:8c:17:6d:9f:fc:b4:
c3:01:dc:95:10:f9:22:54:46:d3:f3:e6:4d:26:f4:7a:94:39:
9d:d6:2f:a4:18:55:d1:d0:4e:7c:d3:d9:35:4d:80:49:d2:d0:
1c:55:23:5d:a1:74:d4:81:a2:0d:dc:59:be:df:bc:79:30:18:
f7:21:39:f0:db:c3:82:10:db:a0:52:3d:99:d5:d8:20:c1:cd:
da:f4:21:ef:fd:ac:22:a2:19:51:b3:5b:fc:2a:86:7c:c0:a9:
43:85:80:c1:ba:2d:1b:b2:01:27:b5:d0:2f:79:2e:70:8c:96:
f1:a3:c3:d8:cf:ce:4b:aa:80:f1:9b:1c:cf:33:8e:b6:ae:eb:
8c:55:3f:6c:3f:61:73:af:07:d7:0e:53:bb:25:70:6c:06:e9:
26:65:ea:fb:bb:e2:94:c2:e0:74:9c:4c:2c:d7:1f:94:a5:c3:
58:54:ef:ef:43:8b:e3:c0:44:c7:6a:8d:ae:d2:3a:cd:b2:6b:
3f:84:d8:ff:cf:65:94:fd:b7:14:ad:33:da:78:9c:00:57:33:
25:c0:2f:f8:9b:b9:09:3b:d8:53:3c:cc:a4:3b:43:22:63:3f:
23:38:61:ca
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSB6Onr9DMxAzVi9/YjnHlGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjIxMTE2MTkyNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjAyYWY5YmJiMmVhM2EzODYzYjg0YjA1ZjM5YjU5NDgwOWFiMTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/wvhhgchVi6/2fd7PiIrGx9FSt9
vtSkkK23J0YQUY+Dkf96LCiBCLoy7ZoLErj3uWbotmBvaA5M4fF53hRNxO8EZ8oq
3ngL3MBDSvcX8M2PAalESsQWUw7k42XW5Zluycmh+3N+BdRsxgeATqkPJRQDcRll
qsooN4R4YoYlH+32K15h6Hs2Y4Ft7hw+NHBXdxtr+ELOOEVIr0gowtq2HMNviltG
FscW+2OqOpZemc/SJyyTBnFEabPOvUZCX+Dg2NdG/ghLB76TXndi04tm90Wmlxst
MOi9JVG3ETJ72L1RCMETySnS+xWiwt0KaV4GuHME2w9KaCiZg1zuzqRyVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHsCr5u7LqOjhjuEsF85tZSAmrEIMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvZXdLdm03c3VvNk9HTzRTd1h6bTFsSUNhc1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAue8wAwQA
ufQzMA0GCSqGSIb3DQEBCwUAA4IBAQAyHo+wwviDwRYBy6rho0nOFWem6iT4ke2G
W8WMGr2MF22f/LTDAdyVEPkiVEbT8+ZNJvR6lDmd1i+kGFXR0E5809k1TYBJ0tAc
VSNdoXTUgaIN3Fm+37x5MBj3ITnw28OCENugUj2Z1dggwc3a9CHv/awiohlRs1v8
KoZ8wKlDhYDBui0bsgEntdAveS5wjJbxo8PYz85LqoDxmxzPM462ruuMVT9sP2Fz
rwfXDlO7JXBsBukmZer7u+KUwuB0nEws1x+UpcNYVO/vQ4vjwETHao2u0jrNsms/
hNj/z2WU/bcUrTPaeJwAVzMlwC/4m7kJO9hTPMykO0MiYz8jOGHK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:33 2023 by rpki-client on console-fra.rpki-client.org