Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/L0Chw9A3ugcmdse_-fb6Quq_moU.roa
File: L0Chw9A3ugcmdse_-fb6Quq_moU.roa (raw, json)
Hash identifier: lkH6hfbXIGzhAMuA+0Pl1Wdggv0c7UZbXTauuxa0Zog=
Subject key identifier: 2F:40:A1:C3:D0:37:BA:07:26:76:C7:BF:F9:F6:FA:42:EA:BF:9A:85
Certificate issuer: /CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Certificate serial: 018571D79609EF86F24FB55D7E815A8CBA89
Authority key identifier: A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/L0Chw9A3ugcmdse_-fb6Quq_moU.roa
Signing time: Mon 02 Jan 2023 09:37:12 +0000
ROA not before: Mon 02 Jan 2023 09:37:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205185
IP address blocks: 185.152.84.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:96:09:ef:86:f2:4f:b5:5d:7e:81:5a:8c:ba:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Validity
Not Before: Jan 2 09:37:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f40a1c3d037ba072676c7bff9f6fa42eabf9a85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:44:74:96:66:34:b8:f5:9e:e8:66:33:89:74:
34:d8:63:0c:20:a9:64:d7:81:c5:c8:ec:2e:98:bd:
78:79:27:9f:a8:54:da:8e:fd:e9:9c:bd:43:56:27:
29:72:46:7c:88:8e:47:b2:52:ce:ec:de:42:b5:e9:
88:ab:96:f0:74:b9:3d:da:93:55:c2:27:2d:50:e7:
d5:99:73:f2:f6:36:8b:f3:67:8b:76:22:89:40:cd:
cf:12:8a:9e:1e:a6:5e:d0:15:d7:aa:7f:33:db:b4:
66:44:a7:83:9a:3e:9d:a2:98:7f:7d:60:9e:a8:cc:
2e:0d:94:ae:0e:d6:81:1f:03:d4:e2:4c:2b:b5:eb:
d4:5c:22:54:b3:6e:a6:98:71:9a:bf:83:34:43:ef:
d9:57:4d:33:78:01:99:33:2a:fc:be:08:1c:95:51:
83:91:d4:3d:9e:cf:1f:aa:30:49:74:c2:24:23:2e:
0e:04:89:7d:3b:fe:8c:98:95:8c:e8:33:83:95:9b:
5e:a2:d1:1d:c7:d6:40:a6:e7:41:5f:8c:c0:b9:5c:
9e:19:d4:62:94:d6:d7:82:50:8d:90:f9:8c:d6:54:
e2:fa:e5:46:53:5b:fc:86:30:ca:f6:3c:21:07:f5:
38:31:09:37:95:62:81:32:90:a9:c3:56:2a:41:66:
bc:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:40:A1:C3:D0:37:BA:07:26:76:C7:BF:F9:F6:FA:42:EA:BF:9A:85
X509v3 Authority Key Identifier:
keyid:A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/L0Chw9A3ugcmdse_-fb6Quq_moU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/qGWA4YrW_43JQr6IPBbei3MflgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.84.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:06:92:98:e1:eb:2a:50:26:03:85:d9:05:40:63:a2:ba:28:
c8:09:4c:f8:12:54:43:ba:45:29:aa:76:f7:07:3e:db:10:b6:
b5:e6:bc:fa:bf:34:27:41:6a:32:87:77:cc:a3:07:fe:4a:d7:
ae:78:17:0a:d1:e6:3b:8c:e3:20:34:7e:9d:cc:91:b4:3d:03:
7b:5b:d1:f0:c7:17:c2:5d:cf:c7:e0:91:d1:59:60:22:3c:90:
3e:4a:12:22:0b:ac:0d:a2:60:f6:00:37:6a:cc:40:11:82:50:
b4:8b:f7:9f:f6:44:2f:14:7e:5f:9d:ed:0f:80:45:f4:97:2d:
df:b2:53:c3:18:4a:7a:b2:f0:79:2e:82:90:96:c4:2c:cc:36:
a2:7e:c6:98:f1:e2:4c:a3:6c:eb:24:89:8c:69:84:d8:31:18:
15:16:06:07:f4:01:5a:5a:b6:79:31:eb:ac:a8:06:b3:d0:a6:
6c:39:c8:70:2f:5b:c3:74:e8:25:df:53:ff:74:52:c4:08:28:
2f:12:28:b8:0f:3c:8f:52:7c:65:f6:12:a4:48:31:b7:4b:fb:
2b:91:69:36:fd:bd:d1:44:14:00:0b:5e:28:b6:1d:62:84:d9:
17:65:e8:7e:0e:84:30:b2:f0:13:bd:34:38:70:85:5a:13:1c:
2a:38:9f:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx15YJ74byT7VdfoFajLqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjU4MGUxOGFkNmZmOGRjOTQyYmU4ODNjMTZkZThiNzMx
Zjk2MDUwHhcNMjMwMTAyMDkzNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjQwYTFjM2QwMzdiYTA3MjY3NmM3YmZmOWY2ZmE0MmVhYmY5YTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApER0lmY0uPWe6GYziXQ02GMMIKlk
14HFyOwumL14eSefqFTajv3pnL1DVicpckZ8iI5HslLO7N5CtemIq5bwdLk92pNV
wictUOfVmXPy9jaL82eLdiKJQM3PEoqeHqZe0BXXqn8z27RmRKeDmj6doph/fWCe
qMwuDZSuDtaBHwPU4kwrtevUXCJUs26mmHGav4M0Q+/ZV00zeAGZMyr8vggclVGD
kdQ9ns8fqjBJdMIkIy4OBIl9O/6MmJWM6DODlZteotEdx9ZApudBX4zAuVyeGdRi
lNbXglCNkPmM1lTi+uVGU1v8hjDK9jwhB/U4MQk3lWKBMpCpw1YqQWa8swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC9AocPQN7oHJnbHv/n2+kLqv5qFMB8GA1UdIwQY
MBaAFKhlgOGK1v+NyUK+iDwW3otzH5YFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEt
MjM2ZTkyZmM2YTU5LzEvTDBDaHc5QTN1Z2NtZHNlXy1mYjZRdXFfbW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEtMjM2ZTkyZmM2YTU5
LzEvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZhUMA0G
CSqGSIb3DQEBCwUAA4IBAQBbBpKY4esqUCYDhdkFQGOiuijICUz4ElRDukUpqnb3
Bz7bELa15rz6vzQnQWoyh3fMowf+SteueBcK0eY7jOMgNH6dzJG0PQN7W9HwxxfC
Xc/H4JHRWWAiPJA+ShIiC6wNomD2ADdqzEARglC0i/ef9kQvFH5fne0PgEX0ly3f
slPDGEp6svB5LoKQlsQszDaifsaY8eJMo2zrJImMaYTYMRgVFgYH9AFaWrZ5Meus
qAaz0KZsOchwL1vDdOgl31P/dFLECCgvEii4DzyPUnxl9hKkSDG3S/srkWk2/b3R
RBQAC14oth1ihNkXZeh+DoQwsvATvTQ4cIVaExwqOJ8j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:34 2024 by rpki-client on console-ams.rpki-client.org