Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/R1K1tyVQiEYtGLELvA4e3eQHE7Y.roa
File: R1K1tyVQiEYtGLELvA4e3eQHE7Y.roa (raw, json)
Hash identifier: 4xOUQJT1nsD4Gh8LMzdDLJZhVFzd0rWXjoXUB5VE0DA=
Subject key identifier: 47:52:B5:B7:25:50:88:46:2D:18:B1:0B:BC:0E:1E:DD:E4:07:13:B6
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 0A793D4D
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/R1K1tyVQiEYtGLELvA4e3eQHE7Y.roa
Signing time: Mon 21 Feb 2022 13:03:17 +0000
ROA not before: Mon 21 Feb 2022 13:03:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201453
IP address blocks: 185.228.118.0/24 maxlen: 24
185.228.117.0/24 maxlen: 24
185.228.116.0/22 maxlen: 22
185.228.116.0/24 maxlen: 24
185.228.119.0/24 maxlen: 24
185.226.231.0/24 maxlen: 24
185.220.166.0/24 maxlen: 24
185.220.167.0/24 maxlen: 24
185.160.231.0/24 maxlen: 24
185.160.230.0/24 maxlen: 24
185.160.229.0/24 maxlen: 24
185.160.228.0/24 maxlen: 24
185.160.228.0/22 maxlen: 22
185.232.132.0/24 maxlen: 24
185.232.132.0/22 maxlen: 22
185.232.133.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175717709 (0xa793d4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Feb 21 13:03:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4752b5b7255088462d18b10bbc0e1edde40713b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f1:3b:62:ca:7b:be:01:3a:57:a2:3d:13:f0:
c6:b5:f4:dc:06:73:b7:ba:72:69:52:0c:e5:eb:4c:
76:7f:d3:2e:11:f8:d2:21:c3:08:c5:df:e7:ec:4b:
8b:e0:6a:61:28:e9:6a:92:27:f6:7e:14:05:27:c1:
43:86:4c:ce:b0:18:91:39:75:ec:a1:7e:a5:98:63:
91:95:11:20:8b:4c:25:73:de:d2:80:88:55:2c:43:
56:c7:1d:a7:96:5d:25:1c:a6:39:2a:7c:2e:b2:b2:
c8:7b:52:21:6c:cb:b8:85:6c:e0:33:dd:ab:d5:3c:
72:5b:a1:1a:e3:a2:57:ff:5e:c4:c6:76:2e:7c:d0:
c1:c1:25:92:0b:bd:e3:0d:64:41:d4:51:76:38:b3:
92:53:7a:20:35:7e:31:84:b1:82:30:ff:e0:ac:86:
f9:d7:3d:30:15:9f:65:19:36:46:1a:ca:fb:aa:05:
54:6d:a5:8b:f2:fd:85:f8:95:17:1b:c8:e9:c2:30:
c5:17:b9:a9:44:68:08:dd:b5:64:b8:bf:c3:eb:0a:
51:a4:6d:42:b7:80:46:50:1c:5f:1b:50:cc:1e:1d:
05:2b:73:dc:c0:29:c8:76:61:00:0f:61:68:6a:57:
9c:fb:7a:a3:08:8f:fb:9d:b6:15:64:08:29:f0:0e:
db:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:52:B5:B7:25:50:88:46:2D:18:B1:0B:BC:0E:1E:DD:E4:07:13:B6
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/R1K1tyVQiEYtGLELvA4e3eQHE7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.228.0/22
185.220.166.0/23
185.226.231.0/24
185.228.116.0/22
185.232.132.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:0e:2a:94:58:74:d5:7d:ae:84:c0:18:30:98:54:14:bc:30:
d6:65:5a:e9:df:72:9f:ea:43:3d:b3:67:79:5c:e9:84:de:3b:
ec:95:f2:18:83:ce:2b:fb:93:81:0a:80:e9:90:dc:9b:28:4a:
ec:17:7c:b5:5c:d1:3d:78:05:8c:de:19:e9:9c:08:de:38:57:
e9:90:67:d1:ba:03:b2:a7:50:cc:86:ed:3d:95:68:08:9d:de:
78:18:d0:72:8d:b2:6b:cc:7a:9a:01:51:3f:f0:9c:94:7a:3e:
6b:ed:b1:05:f8:7c:d7:bf:1e:76:71:73:6f:40:34:ed:71:3d:
5a:7b:be:cd:08:34:6f:b2:b8:bf:35:7e:a0:c2:5f:f9:07:b4:
9b:e8:3f:73:ad:74:67:82:7c:13:c2:18:28:28:22:8d:2a:7f:
eb:8d:f0:7d:57:58:61:c0:15:88:b4:1e:7e:42:77:15:dc:ac:
50:96:93:0b:80:9a:e7:6f:78:23:5d:c8:7b:86:e1:5f:5b:c4:
9f:f2:cd:b9:66:1c:e8:70:6f:78:f1:5c:7b:54:ff:9f:5c:1f:
f3:e0:0b:e7:c1:07:d2:6a:fc:0c:fc:f8:ae:35:27:72:66:e7:
33:c8:87:ac:f5:bf:eb:58:c0:84:e9:c4:4b:bb:cd:0a:47:da:
6f:33:fd:30
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECnk9TTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODQ5MjA0Y2E0ZjBlYjRlNTZlMDhlMDk5ZmUzNzg1Y2UwNmZmZWFhMB4XDTIyMDIy
MTEzMDMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDc1MmI1YjcyNTUw
ODg0NjJkMThiMTBiYmMwZTFlZGRlNDA3MTNiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANfxO2LKe74BOleiPRPwxrX03AZzt7pyaVIM5etMdn/TLhH4
0iHDCMXf5+xLi+BqYSjpapIn9n4UBSfBQ4ZMzrAYkTl17KF+pZhjkZURIItMJXPe
0oCIVSxDVscdp5ZdJRymOSp8LrKyyHtSIWzLuIVs4DPdq9U8cluhGuOiV/9exMZ2
LnzQwcElkgu94w1kQdRRdjizklN6IDV+MYSxgjD/4KyG+dc9MBWfZRk2RhrK+6oF
VG2li/L9hfiVFxvI6cIwxRe5qURoCN21ZLi/w+sKUaRtQreARlAcXxtQzB4dBStz
3MApyHZhAA9haGpXnPt6owiP+522FWQIKfAO2x0CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRHUrW3JVCIRi0YsQu8Dh7d5AcTtjAfBgNVHSMEGDAWgBSoSSBMpPDrTlbg
jgmf43hc4G/+qjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FFa2dUS1R3NjA1VzRJNEpuLU40WE9Cdl9xby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvNDViMjNmLTMwMmItNDFmMi05NDk2LTljY2JiMDg0MjhmYS8x
L1IxSzF0eVZRaUVZdEdMRUx2QTRlM2VRSEU3WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
NDViMjNmLTMwMmItNDFmMi05NDk2LTljY2JiMDg0MjhmYS8xL3FFa2dUS1R3NjA1
VzRJNEpuLU40WE9Cdl9xby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEArmg5AMEAbncpgMEALni5wMEArnk
dAMEArnohDANBgkqhkiG9w0BAQsFAAOCAQEAHA4qlFh01X2uhMAYMJhUFLww1mVa
6d9yn+pDPbNneVzphN477JXyGIPOK/uTgQqA6ZDcmyhK7Bd8tVzRPXgFjN4Z6ZwI
3jhX6ZBn0boDsqdQzIbtPZVoCJ3eeBjQco2ya8x6mgFRP/CclHo+a+2xBfh8178e
dnFzb0A07XE9Wnu+zQg0b7K4vzV+oMJf+Qe0m+g/c610Z4J8E8IYKCgijSp/643w
fVdYYcAViLQefkJ3FdysUJaTC4Ca5294I13Ie4bhX1vEn/LNuWYc6HBvePFce1T/
n1wf8+AL58EH0mr8DPz4rjUncmbnM8iHrPW/61jAhOnES7vNCkfabzP9MA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:02 2024 by rpki-client on console-fra.rpki-client.org