Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/jABMuAL-4osZMMvzDMtjZl05WuU.roa
File: jABMuAL-4osZMMvzDMtjZl05WuU.roa (raw, json)
Hash identifier: NwggJAaUOT2Q1IZRu93QsYxpWe+5edR4lSm13CnVzjY=
Subject key identifier: 8C:00:4C:B8:02:FE:E2:8B:19:30:CB:F3:0C:CB:63:66:5D:39:5A:E5
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 018572E833CE2C899B2C08EF90E0EF566AB0
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/jABMuAL-4osZMMvzDMtjZl05WuU.roa
Signing time: Mon 02 Jan 2023 14:34:58 +0000
ROA not before: Mon 02 Jan 2023 14:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 185.244.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:33:ce:2c:89:9b:2c:08:ef:90:e0:ef:56:6a:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Jan 2 14:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c004cb802fee28b1930cbf30ccb63665d395ae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:42:55:d6:5a:30:16:1b:54:a2:38:d5:f7:96:
c4:75:2b:6d:49:78:fc:8b:cb:7d:64:88:8c:10:22:
51:99:5e:ef:99:6e:d3:12:56:4d:90:3f:d2:fb:48:
ca:b4:32:44:cd:10:23:32:4c:ad:de:af:70:93:bf:
00:d5:84:40:c7:65:5f:a2:69:8f:6a:2e:a4:05:80:
56:b5:8a:31:a0:84:f7:98:1e:17:5d:17:a6:10:2a:
6b:d5:9f:a0:50:1b:03:7c:0c:68:af:de:28:a6:93:
d9:12:58:2a:9e:ef:2e:c7:ad:56:5c:76:7e:99:2f:
42:b9:a3:fb:c6:05:44:f9:aa:76:4f:3b:a4:a9:a1:
43:4a:3c:31:f1:07:df:78:20:95:da:63:4a:a4:ab:
8a:f4:ae:de:51:3a:65:ab:f6:66:e6:63:7f:f9:85:
ee:1b:a6:26:b1:6c:4b:ff:85:7b:cd:dc:5a:1b:96:
da:1b:e8:49:18:ec:28:81:dd:ed:5d:30:4e:28:81:
0c:f9:d5:22:16:aa:e8:4e:a7:91:74:88:d0:42:a1:
57:f5:53:95:d5:c5:b0:8c:98:70:b6:99:25:56:5d:
41:b4:08:4f:a8:05:51:0c:e7:49:05:32:1c:35:fb:
ae:ab:05:87:03:a8:39:b9:9f:3b:9d:35:9b:fb:68:
a7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:00:4C:B8:02:FE:E2:8B:19:30:CB:F3:0C:CB:63:66:5D:39:5A:E5
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/jABMuAL-4osZMMvzDMtjZl05WuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.49.0/24
Signature Algorithm: sha256WithRSAEncryption
99:c3:4b:14:ad:47:2d:78:2c:45:f6:9f:f0:77:c0:c3:ea:d3:
a7:96:b5:88:8d:5b:ea:03:34:79:43:38:17:f9:c0:4d:2d:0a:
f6:91:9c:92:a4:6a:21:2c:27:5c:35:18:69:74:28:2d:1a:e4:
57:70:db:7e:e1:47:89:cd:70:c3:9a:b4:b3:1f:51:04:33:42:
65:57:dc:0a:9b:da:7a:46:93:98:10:d9:55:ec:49:1a:c6:05:
22:95:1d:c3:67:da:77:6d:c7:fd:1c:8f:48:cc:9a:a1:15:7d:
0f:2e:60:97:22:2c:28:ad:9d:01:51:63:03:d4:8a:ea:d6:b2:
86:c4:f6:46:92:f6:52:20:d9:c0:78:91:a8:8c:8e:ef:e2:4d:
50:9a:ce:5a:ab:3c:2c:4f:df:5e:d6:b4:6e:8f:66:3f:82:46:
1b:c3:57:8c:a6:af:7e:f7:11:6a:42:f8:30:d6:0a:77:d6:6a:
38:e3:9a:6b:4f:ab:00:54:20:21:99:b3:ed:2a:d9:8b:45:b4:
9a:d2:8b:60:68:e7:67:0d:f2:6e:0a:6f:93:0e:fc:06:13:0f:
89:27:9c:ab:32:57:77:7a:f3:dc:ae:50:42:2e:76:67:12:e5:
54:dd:0a:35:4d:3b:06:89:01:20:a1:56:9a:65:71:b5:c0:3f:
0e:2b:96:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy6DPOLImbLAjvkODvVmqwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjMwMTAyMTQzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzAwNGNiODAyZmVlMjhiMTkzMGNiZjMwY2NiNjM2NjVkMzk1YWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkJV1lowFhtUojjV95bEdSttSXj8
i8t9ZIiMECJRmV7vmW7TElZNkD/S+0jKtDJEzRAjMkyt3q9wk78A1YRAx2VfommP
ai6kBYBWtYoxoIT3mB4XXRemECpr1Z+gUBsDfAxor94oppPZElgqnu8ux61WXHZ+
mS9CuaP7xgVE+ap2TzukqaFDSjwx8QffeCCV2mNKpKuK9K7eUTplq/Zm5mN/+YXu
G6YmsWxL/4V7zdxaG5baG+hJGOwogd3tXTBOKIEM+dUiFqroTqeRdIjQQqFX9VOV
1cWwjJhwtpklVl1BtAhPqAVRDOdJBTIcNfuuqwWHA6g5uZ87nTWb+2inHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIwATLgC/uKLGTDL8wzLY2ZdOVrlMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvakFCTXVBTC00b3NaTU12ekRNdGpabDA1V3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufQxMA0G
CSqGSIb3DQEBCwUAA4IBAQCZw0sUrUcteCxF9p/wd8DD6tOnlrWIjVvqAzR5QzgX
+cBNLQr2kZySpGohLCdcNRhpdCgtGuRXcNt+4UeJzXDDmrSzH1EEM0JlV9wKm9p6
RpOYENlV7EkaxgUilR3DZ9p3bcf9HI9IzJqhFX0PLmCXIiworZ0BUWMD1Irq1rKG
xPZGkvZSINnAeJGojI7v4k1Qms5aqzwsT99e1rRuj2Y/gkYbw1eMpq9+9xFqQvgw
1gp31mo445prT6sAVCAhmbPtKtmLRbSa0otgaOdnDfJuCm+TDvwGEw+JJ5yrMld3
evPcrlBCLnZnEuVU3Qo1TTsGiQEgoVaaZXG1wD8OK5ZX
-----END CERTIFICATE-----
Generated at Mon Oct 30 14:25:48 2023 by rpki-client on console-fra.rpki-client.org