Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/irqx4MvlvDNpIvuFAl6Ja70Obx8.roa
File: irqx4MvlvDNpIvuFAl6Ja70Obx8.roa (raw, json)
Hash identifier: FCYvnbCqsYdSFUSv9n5lLnoo4d7XEuvxHrklDpEryhI=
Subject key identifier: 8A:BA:B1:E0:CB:E5:BC:33:69:22:FB:85:02:5E:89:6B:BD:0E:6F:1F
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 01872D6F1CA6F7B01856F81F39D1CABA2902
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/irqx4MvlvDNpIvuFAl6Ja70Obx8.roa
Signing time: Wed 29 Mar 2023 12:54:29 +0000
ROA not before: Wed 29 Mar 2023 12:54:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30860
IP address blocks: 185.233.186.0/24 maxlen: 24
185.233.185.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:6f:1c:a6:f7:b0:18:56:f8:1f:39:d1:ca:ba:29:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Mar 29 12:54:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8abab1e0cbe5bc336922fb85025e896bbd0e6f1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ec:1b:6f:6a:0d:7a:89:36:e3:70:2b:94:d2:
49:de:24:94:3b:f4:0c:e2:d6:59:6c:0b:b2:9f:c3:
14:37:b9:f7:9d:02:cc:ab:86:61:54:71:f9:cb:85:
26:12:c1:33:36:d6:78:61:9b:68:84:e8:68:ca:ec:
1c:fb:82:ca:26:09:9a:de:f2:4f:28:bb:88:71:37:
61:4f:f6:9f:95:d5:17:bf:db:e4:2f:94:58:ce:58:
29:02:46:ae:17:df:06:d3:f5:d2:00:28:65:7e:7b:
81:af:9e:35:75:2c:3e:6b:e4:f3:91:b6:90:98:e7:
02:05:12:91:97:ad:4a:7e:90:b5:ee:ca:6f:7c:4f:
8b:2a:74:43:d3:67:d3:da:3a:08:00:2e:c0:34:50:
10:16:ff:cd:cd:6e:82:65:7a:1d:9e:5e:0d:9f:3b:
56:c5:05:e0:17:c2:74:d8:68:43:74:a2:54:45:41:
16:d5:6c:9a:a7:1e:28:2e:d4:b3:15:4c:f0:7a:5b:
b0:da:d4:d7:58:d3:25:3e:e0:3c:7c:f1:00:d1:4a:
c7:d1:96:7a:32:6f:aa:c2:53:bf:c7:df:0b:0a:d8:
1a:54:17:eb:5f:6b:c7:45:65:4b:d6:3b:0c:56:4a:
62:14:ad:23:89:ae:25:5b:cb:83:b2:ed:f6:72:c5:
c8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:BA:B1:E0:CB:E5:BC:33:69:22:FB:85:02:5E:89:6B:BD:0E:6F:1F
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/irqx4MvlvDNpIvuFAl6Ja70Obx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.185.0-185.233.186.255
Signature Algorithm: sha256WithRSAEncryption
0c:b3:7c:75:cc:9e:d5:4e:02:b9:19:e3:33:30:3e:30:03:2f:
79:a6:82:0d:b4:dd:03:98:db:59:ed:0e:64:15:21:65:19:0d:
6b:21:7d:ae:8c:da:63:97:af:c8:c4:0c:a4:c5:f2:e4:52:92:
5f:e7:d8:de:3a:2c:4e:13:08:27:52:a9:a8:16:0e:f9:7d:2a:
ca:7b:f2:51:ba:4d:e6:10:84:d7:bf:00:17:99:a3:e4:cd:16:
6a:c4:f0:cb:11:d6:ce:6a:1e:78:93:0d:95:83:ca:4c:dd:e1:
5b:91:65:39:ad:54:47:a6:d4:4e:be:cc:1d:5c:e4:3e:55:e3:
a6:62:f6:de:48:73:f4:43:b8:c5:f4:44:75:2b:1b:e7:ca:82:
4e:99:b3:e5:ec:0a:89:07:44:25:90:ff:b7:43:39:45:05:85:
21:5d:94:d4:28:49:7d:ac:19:25:ba:9e:57:6d:f0:2a:13:e4:
98:15:74:f8:b8:94:d7:7f:93:60:fe:54:f6:5a:99:90:fc:10:
1d:b3:eb:69:dd:7f:8f:3c:0f:a7:e2:70:7c:a6:e4:4a:a6:0f:
d1:dd:5e:3b:e3:dc:4c:58:c3:49:47:ca:42:43:f0:11:4b:94:
d7:70:49:38:48:62:95:f9:6c:46:7d:03:2b:24:7d:38:92:ab:
13:4c:89:66
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYctbxym97AYVvgfOdHKuikCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjMwMzI5MTI1NDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWJhYjFlMGNiZTViYzMzNjkyMmZiODUwMjVlODk2YmJkMGU2ZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlewbb2oNeok243ArlNJJ3iSUO/QM
4tZZbAuyn8MUN7n3nQLMq4ZhVHH5y4UmEsEzNtZ4YZtohOhoyuwc+4LKJgma3vJP
KLuIcTdhT/afldUXv9vkL5RYzlgpAkauF98G0/XSAChlfnuBr541dSw+a+TzkbaQ
mOcCBRKRl61KfpC17spvfE+LKnRD02fT2joIAC7ANFAQFv/NzW6CZXodnl4NnztW
xQXgF8J02GhDdKJURUEW1Wyapx4oLtSzFUzweluw2tTXWNMlPuA8fPEA0UrH0ZZ6
Mm+qwlO/x98LCtgaVBfrX2vHRWVL1jsMVkpiFK0jia4lW8uDsu32csXITQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIq6seDL5bwzaSL7hQJeiWu9Dm8fMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvaXJxeDRNdmx2RE5wSXZ1RkFsNkphNzBPYng4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC56bkD
BAC56bowDQYJKoZIhvcNAQELBQADggEBAAyzfHXMntVOArkZ4zMwPjADL3mmgg20
3QOY21ntDmQVIWUZDWshfa6M2mOXr8jEDKTF8uRSkl/n2N46LE4TCCdSqagWDvl9
Ksp78lG6TeYQhNe/ABeZo+TNFmrE8MsR1s5qHniTDZWDykzd4VuRZTmtVEem1E6+
zB1c5D5V46Zi9t5Ic/RDuMX0RHUrG+fKgk6Zs+XsCokHRCWQ/7dDOUUFhSFdlNQo
SX2sGSW6nldt8CoT5JgVdPi4lNd/k2D+VPZamZD8EB2z62ndf488D6ficHym5Eqm
D9HdXjvj3ExYw0lHykJD8BFLlNdwSThIYpX5bEZ9AyskfTiSqxNMiWY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:19 2023 by rpki-client on console-ams.rpki-client.org