Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/4Z-r7-zvDDIigtwf_rvoiN4pJDU.roa
File: 4Z-r7-zvDDIigtwf_rvoiN4pJDU.roa (raw, json)
Hash identifier: C37eXlTkNk2RSGQ5eSYU9ISI3xnYO5uX/Y09sTAN4lo=
Subject key identifier: E1:9F:AB:EF:EC:EF:0C:32:22:82:DC:1F:FE:BB:E8:88:DE:29:24:35
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 01856FCB8CB12B52229EF1F1421DF6F9CD75
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/4Z-r7-zvDDIigtwf_rvoiN4pJDU.roa
Signing time: Mon 02 Jan 2023 00:04:48 +0000
ROA not before: Mon 02 Jan 2023 00:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212988
IP address blocks: 185.230.144.0/24 maxlen: 24
185.230.145.0/24 maxlen: 24
185.230.146.0/23 maxlen: 23
185.232.133.0/24 maxlen: 24
185.232.134.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:8c:b1:2b:52:22:9e:f1:f1:42:1d:f6:f9:cd:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Jan 2 00:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e19fabefecef0c322282dc1ffebbe888de292435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a9:4e:b5:fa:da:08:89:81:43:45:f4:1e:76:
d3:65:ff:5c:65:63:6e:e4:81:be:9a:74:ff:ef:58:
c3:89:8b:78:ca:77:1e:33:96:f0:ef:fd:6d:cc:ea:
31:7c:78:f9:81:69:a2:fe:d6:f7:4f:80:c4:51:86:
f0:2a:ce:87:7a:36:05:78:52:b6:37:c6:1e:5d:9c:
c0:d5:53:1d:f2:91:bd:ac:cc:7b:64:d7:49:a0:74:
3e:12:4a:b5:36:e1:cd:cd:07:b0:43:b1:23:42:0c:
f8:16:14:4f:55:82:9c:78:21:44:52:0e:50:54:be:
f8:99:0a:8e:40:ac:9e:05:8a:ba:3b:a7:1e:b6:c0:
97:e8:67:5b:00:85:ff:44:c7:d1:94:ed:8f:d3:18:
ec:f7:3b:0b:52:2d:14:75:78:a7:c0:33:3d:cc:a9:
b6:9b:fd:76:15:18:96:7b:92:2f:27:bd:f5:f4:f3:
3b:d8:31:4d:31:8d:bd:02:21:ea:6d:ed:b0:95:39:
fa:bc:d8:1b:bd:74:c7:92:1e:94:3e:73:d6:b9:fd:
9a:3b:cf:12:32:7e:fb:34:a5:e4:33:2f:13:13:99:
89:78:ea:0d:ee:52:69:dc:51:e8:b6:ee:96:8d:b1:
f0:99:6b:1d:52:d5:60:1c:f5:3d:48:4e:50:d1:77:
28:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:9F:AB:EF:EC:EF:0C:32:22:82:DC:1F:FE:BB:E8:88:DE:29:24:35
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/4Z-r7-zvDDIigtwf_rvoiN4pJDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.144.0/22
185.232.133.0-185.232.134.255
Signature Algorithm: sha256WithRSAEncryption
58:2d:4f:b1:16:4a:7d:47:e2:38:08:12:cd:dd:e1:b5:1f:07:
63:5f:e6:ea:7d:72:69:22:43:ee:b5:f8:95:a8:53:8e:da:32:
8f:c5:c9:2a:96:13:d7:37:8a:d1:ac:ff:4c:3f:f6:18:71:b1:
65:d9:aa:1b:21:10:82:37:fa:6f:19:ca:dc:16:65:ad:4a:39:
6c:a6:3e:6c:61:d0:85:60:0f:03:16:fe:81:1f:35:0d:97:5d:
93:51:f0:6a:36:ce:b2:19:75:93:d0:55:38:fc:14:3a:8d:32:
d9:98:77:ec:3e:f3:60:14:97:eb:84:dc:1f:b9:22:ab:f7:ea:
37:ce:40:ad:19:32:7c:05:16:55:86:e3:b3:4e:a7:3b:93:bb:
20:14:0d:2e:65:06:42:68:41:b7:04:d0:ab:7e:5c:8f:53:d9:
35:5c:88:04:0f:48:7f:21:99:58:3c:05:76:7c:89:27:53:67:
7a:d1:a3:aa:66:46:b5:08:98:4f:2d:ce:39:05:e2:fe:04:bd:
fc:e6:86:31:a6:4a:46:e0:a8:58:35:06:08:7e:8e:fb:87:72:
d4:1b:81:66:48:e1:6d:a6:6a:59:c8:be:97:70:20:0c:f5:fd:
cb:52:dc:88:d8:6b:66:40:82:94:cd:d1:0a:f0:1d:b8:12:db:
98:9b:39:1e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvy4yxK1IinvHxQh32+c11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjMwMTAyMDAwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTlmYWJlZmVjZWYwYzMyMjI4MmRjMWZmZWJiZTg4OGRlMjkyNDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxalOtfraCImBQ0X0HnbTZf9cZWNu
5IG+mnT/71jDiYt4ynceM5bw7/1tzOoxfHj5gWmi/tb3T4DEUYbwKs6HejYFeFK2
N8YeXZzA1VMd8pG9rMx7ZNdJoHQ+Ekq1NuHNzQewQ7EjQgz4FhRPVYKceCFEUg5Q
VL74mQqOQKyeBYq6O6cetsCX6GdbAIX/RMfRlO2P0xjs9zsLUi0UdXinwDM9zKm2
m/12FRiWe5IvJ7319PM72DFNMY29AiHqbe2wlTn6vNgbvXTHkh6UPnPWuf2aO88S
Mn77NKXkMy8TE5mJeOoN7lJp3FHotu6WjbHwmWsdUtVgHPU9SE5Q0XcoNQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOGfq+/s7wwyIoLcH/676IjeKSQ1MB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvNFotcjctenZERElpZ3R3Zl9ydm9pTjRwSkRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCueaQMAwD
BAC56IUDBAC56IYwDQYJKoZIhvcNAQELBQADggEBAFgtT7EWSn1H4jgIEs3d4bUf
B2Nf5up9cmkiQ+61+JWoU47aMo/FySqWE9c3itGs/0w/9hhxsWXZqhshEII3+m8Z
ytwWZa1KOWymPmxh0IVgDwMW/oEfNQ2XXZNR8Go2zrIZdZPQVTj8FDqNMtmYd+w+
82AUl+uE3B+5Iqv36jfOQK0ZMnwFFlWG47NOpzuTuyAUDS5lBkJoQbcE0Kt+XI9T
2TVciAQPSH8hmVg8BXZ8iSdTZ3rRo6pmRrUImE8tzjkF4v4EvfzmhjGmSkbgqFg1
Bgh+jvuHctQbgWZI4W2malnIvpdwIAz1/ctS3IjYa2ZAgpTN0QrwHbgS25ibOR4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:06 2024 by rpki-client on console-ams.rpki-client.org