Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/CDPX3u6amRIiDpqvtOVnIa9ZWHE.roa
File: CDPX3u6amRIiDpqvtOVnIa9ZWHE.roa (raw, json)
Hash identifier: RE5xmYX/rb5w+NfBJMHxJIfOhie8tWwsujcUJ+8jzFE=
Subject key identifier: 08:33:D7:DE:EE:9A:99:12:22:0E:9A:AF:B4:E5:67:21:AF:59:58:71
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 0A2CAEA3
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/CDPX3u6amRIiDpqvtOVnIa9ZWHE.roa
Signing time: Tue 18 Jan 2022 18:10:57 +0000
ROA not before: Tue 18 Jan 2022 18:10:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212988
IP address blocks: 185.230.144.0/24 maxlen: 24
185.230.145.0/24 maxlen: 24
185.230.146.0/23 maxlen: 23
185.232.134.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170700451 (0xa2caea3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Jan 18 18:10:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0833d7deee9a9912220e9aafb4e56721af595871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:94:c9:e6:04:59:94:74:4e:15:b3:a1:f9:33:
28:20:38:50:b6:13:41:0b:a1:56:c7:3c:0a:5d:d4:
a5:d6:e7:b4:1f:1b:d8:05:88:6b:9c:7a:8d:ac:c5:
97:32:46:65:8d:78:4f:00:fa:c9:ff:0d:2f:2e:17:
cd:8e:96:21:ec:6d:17:44:8c:1b:b8:11:7a:3d:03:
05:d5:cd:f1:ba:00:15:06:6b:80:d1:39:00:56:d1:
54:1f:a6:9e:30:d5:1c:ac:36:eb:71:ba:25:4a:ea:
c0:1e:f8:ba:33:e6:4a:a0:b6:a9:56:b0:eb:db:eb:
d4:37:1f:f1:90:50:f6:8b:9a:e2:20:f4:b8:b5:cd:
84:16:80:92:37:f8:20:e3:20:13:32:47:b6:70:cf:
8e:ee:e7:81:77:b4:16:bb:ef:a8:70:ec:67:1f:e9:
f6:8d:90:c6:9f:25:66:73:d4:ec:45:e1:02:e7:b6:
85:2a:cc:d5:ce:0e:6a:e0:4c:0b:9f:88:78:82:b4:
14:3b:19:4d:b1:33:75:d6:09:b7:fa:f6:74:2e:34:
61:b2:64:f4:b1:10:86:6a:c8:96:4e:62:98:e2:89:
d8:30:86:56:fe:fa:80:54:1f:e3:32:d7:bb:26:ba:
d4:f9:f6:e9:da:60:1c:91:3f:d0:0a:60:34:70:f1:
de:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:33:D7:DE:EE:9A:99:12:22:0E:9A:AF:B4:E5:67:21:AF:59:58:71
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/CDPX3u6amRIiDpqvtOVnIa9ZWHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.144.0/22
185.232.134.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:0b:7b:d2:ca:f0:44:ed:98:cd:01:78:e8:aa:e6:49:1c:d4:
d6:dd:1e:da:9c:2e:11:b7:bf:e9:21:c1:db:ff:3b:af:e5:24:
82:6b:e7:53:b8:f4:08:59:25:fb:c7:5c:4b:11:f9:f6:be:2e:
44:7d:70:ed:4d:34:d9:05:67:5a:c9:23:3c:17:7f:9a:39:58:
8b:78:f2:b8:2e:ef:fc:21:f8:61:6e:d5:e8:37:24:3e:c0:65:
03:5b:f3:39:06:8c:89:90:ac:15:5c:27:cb:d6:d4:94:31:d1:
84:08:44:d0:58:8d:8e:aa:07:37:81:d8:54:cd:e2:20:c2:ba:
c1:00:40:d1:cb:d7:d8:d3:aa:94:ed:d7:f4:25:a0:98:ae:dc:
ab:d0:00:21:90:38:fd:f7:d4:61:2e:dc:d5:46:1c:ec:7a:13:
76:76:17:35:06:b8:47:64:7c:c2:9e:fa:87:6e:b6:c5:14:a8:
c3:7b:0a:79:e9:1b:c0:22:cb:a5:37:ba:2d:80:6f:d8:f2:61:
1e:6f:9d:de:61:ce:4c:84:fb:a8:e6:01:57:b0:ae:87:6f:1a:
63:5f:66:3e:07:67:52:3c:c4:23:eb:40:8b:e9:db:43:e8:13:
95:3d:6a:8f:9f:82:c9:f1:e5:31:7d:9f:f6:72:8e:9e:8b:29:
81:f4:9a:b6
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECiyuozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODQ5MjA0Y2E0ZjBlYjRlNTZlMDhlMDk5ZmUzNzg1Y2UwNmZmZWFhMB4XDTIyMDEx
ODE4MTA1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDgzM2Q3ZGVlZTlh
OTkxMjIyMGU5YWFmYjRlNTY3MjFhZjU5NTg3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMWUyeYEWZR0ThWzofkzKCA4ULYTQQuhVsc8Cl3UpdbntB8b
2AWIa5x6jazFlzJGZY14TwD6yf8NLy4XzY6WIextF0SMG7gRej0DBdXN8boAFQZr
gNE5AFbRVB+mnjDVHKw263G6JUrqwB74ujPmSqC2qVaw69vr1Dcf8ZBQ9oua4iD0
uLXNhBaAkjf4IOMgEzJHtnDPju7ngXe0FrvvqHDsZx/p9o2Qxp8lZnPU7EXhAue2
hSrM1c4OauBMC5+IeIK0FDsZTbEzddYJt/r2dC40YbJk9LEQhmrIlk5imOKJ2DCG
Vv76gFQf4zLXuya61Pn26dpgHJE/0ApgNHDx3qUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQIM9fe7pqZEiIOmq+05Wchr1lYcTAfBgNVHSMEGDAWgBSoSSBMpPDrTlbg
jgmf43hc4G/+qjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FFa2dUS1R3NjA1VzRJNEpuLU40WE9Cdl9xby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvNDViMjNmLTMwMmItNDFmMi05NDk2LTljY2JiMDg0MjhmYS8x
L0NEUFgzdTZhbVJJaURwcXZ0T1ZuSWE5WldIRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
NDViMjNmLTMwMmItNDFmMi05NDk2LTljY2JiMDg0MjhmYS8xL3FFa2dUS1R3NjA1
VzRJNEpuLU40WE9Cdl9xby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArnmkAMEALnohjANBgkqhkiG9w0B
AQsFAAOCAQEAXgt70srwRO2YzQF46KrmSRzU1t0e2pwuEbe/6SHB2/87r+Ukgmvn
U7j0CFkl+8dcSxH59r4uRH1w7U002QVnWskjPBd/mjlYi3jyuC7v/CH4YW7V6Dck
PsBlA1vzOQaMiZCsFVwny9bUlDHRhAhE0FiNjqoHN4HYVM3iIMK6wQBA0cvX2NOq
lO3X9CWgmK7cq9AAIZA4/ffUYS7c1UYc7HoTdnYXNQa4R2R8wp76h262xRSow3sK
eekbwCLLpTe6LYBv2PJhHm+d3mHOTIT7qOYBV7Cuh28aY19mPgdnUjzEI+tAi+nb
Q+gTlT1qj5+CyfHlMX2f9nKOnospgfSatg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:02 2024 by rpki-client on console-fra.rpki-client.org