Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/_Xn36z2fbiz6oOxGNGmez77Pb6I.roa
File: _Xn36z2fbiz6oOxGNGmez77Pb6I.roa (raw, json)
Hash identifier: P4L3BLSpeXf0cO7wvYgJh1k+WDIAKUDyzIdMzFbD3Os=
Subject key identifier: FD:79:F7:EB:3D:9F:6E:2C:FA:A0:EC:46:34:69:9E:CF:BE:CF:6F:A2
Certificate issuer: /CN=c453f5e230420bc4a70d0a61de3b47dcda1a8d0e
Certificate serial: 05493C5B
Authority key identifier: C4:53:F5:E2:30:42:0B:C4:A7:0D:0A:61:DE:3B:47:DC:DA:1A:8D:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFP14jBCC8SnDQph3jtH3NoajQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/_Xn36z2fbiz6oOxGNGmez77Pb6I.roa
Signing time: Sat 01 Jan 2022 05:52:29 +0000
ROA not before: Sat 01 Jan 2022 05:52:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203789
IP address blocks: 185.123.216.0/23 maxlen: 24
185.123.218.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88685659 (0x5493c5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c453f5e230420bc4a70d0a61de3b47dcda1a8d0e
Validity
Not Before: Jan 1 05:52:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd79f7eb3d9f6e2cfaa0ec4634699ecfbecf6fa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fc:8c:76:28:b8:c4:08:64:68:52:12:3c:78:
6e:2e:13:7a:89:59:3b:4e:2c:8d:c0:cc:d2:e1:55:
eb:13:f0:b1:b6:98:2e:20:ed:f7:19:cb:6c:29:62:
26:3f:87:a6:9e:b8:a4:77:85:c9:c7:8b:33:22:e6:
e2:00:89:6a:fd:7c:16:59:51:6b:47:fe:5d:de:d1:
a9:74:f1:8b:56:52:2e:67:69:c8:e3:76:cc:33:e9:
dc:9b:24:97:b9:c5:03:4d:27:46:70:5a:3d:98:40:
54:fa:b5:8f:d9:90:a5:8c:58:0e:7f:f4:10:87:41:
51:f0:10:5f:f3:8d:59:62:c8:d4:34:f6:98:b1:cf:
b7:a3:fb:fe:a0:f8:f0:ac:36:2a:97:28:3b:13:22:
19:32:74:d8:bf:12:96:ee:59:10:ea:10:0f:6e:0e:
1c:41:d7:f3:40:a5:b5:4b:2f:db:dc:9a:c2:9f:6b:
bc:b6:7c:a1:dd:1e:eb:22:8d:56:0b:b1:b9:26:02:
45:f0:c3:e6:fb:25:55:ef:49:de:1d:b7:1d:9c:6e:
dc:a4:b3:55:4b:41:ef:9f:3c:f2:1b:41:eb:bf:58:
06:a0:3f:25:dc:7c:4b:c3:cd:95:a1:15:3d:ab:6b:
91:fe:07:b8:e4:7b:3a:17:46:ca:cc:fd:8f:3c:1b:
f5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:79:F7:EB:3D:9F:6E:2C:FA:A0:EC:46:34:69:9E:CF:BE:CF:6F:A2
X509v3 Authority Key Identifier:
keyid:C4:53:F5:E2:30:42:0B:C4:A7:0D:0A:61:DE:3B:47:DC:DA:1A:8D:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFP14jBCC8SnDQph3jtH3NoajQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/_Xn36z2fbiz6oOxGNGmez77Pb6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/xFP14jBCC8SnDQph3jtH3NoajQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.216.0/22
Signature Algorithm: sha256WithRSAEncryption
80:51:99:d4:70:98:9d:18:d1:8d:ec:ba:54:a2:cd:3c:b0:16:
fb:60:e2:5f:3b:e4:c9:ad:84:94:ea:3f:b4:4c:ee:9a:48:30:
36:cb:9d:6b:ea:b2:9a:28:f2:61:71:63:2a:ac:b9:f0:f1:f7:
73:15:d5:4e:17:b5:bd:0b:52:c6:b9:45:f9:7a:f2:a5:18:e9:
dc:96:6e:37:6e:eb:48:98:49:7f:da:b4:d6:ae:0b:31:c4:0a:
70:f7:49:a6:34:38:fa:28:e9:98:59:8d:c2:66:9e:76:71:fa:
9b:33:15:a6:84:ca:76:54:85:64:a9:d1:a7:4f:a0:76:77:82:
07:ff:fb:f2:cb:7a:be:62:fc:2f:2c:cd:ba:f3:83:e2:48:b5:
49:22:6d:0b:63:cf:40:d7:54:82:66:5f:d1:9a:23:5c:e9:69:
47:52:a4:30:ff:39:db:71:c5:12:c3:b1:f7:0d:73:96:8e:73:
32:07:d1:ea:30:95:96:8d:21:24:72:b4:df:c9:ef:35:a3:9e:
cf:0c:71:9b:dc:f3:26:2d:04:ab:a0:76:aa:fa:71:d9:bf:3f:
11:84:03:c9:df:f2:45:5b:50:b8:56:90:3b:a7:aa:c2:42:ec:
05:8d:50:61:8a:6e:26:76:a8:41:38:68:02:e1:fd:bf:a5:82:
7a:e2:2c:6c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBUk8WzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDUzZjVlMjMwNDIwYmM0YTcwZDBhNjFkZTNiNDdkY2RhMWE4ZDBlMB4XDTIyMDEw
MTA1NTIyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQ3OWY3ZWIzZDlm
NmUyY2ZhYTBlYzQ2MzQ2OTllY2ZiZWNmNmZhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKT8jHYouMQIZGhSEjx4bi4TeolZO04sjcDM0uFV6xPwsbaY
LiDt9xnLbCliJj+Hpp64pHeFyceLMyLm4gCJav18FllRa0f+Xd7RqXTxi1ZSLmdp
yON2zDPp3Jskl7nFA00nRnBaPZhAVPq1j9mQpYxYDn/0EIdBUfAQX/ONWWLI1DT2
mLHPt6P7/qD48Kw2KpcoOxMiGTJ02L8Slu5ZEOoQD24OHEHX80CltUsv29yawp9r
vLZ8od0e6yKNVguxuSYCRfDD5vslVe9J3h23HZxu3KSzVUtB75888htB679YBqA/
Jdx8S8PNlaEVPatrkf4HuOR7OhdGysz9jzwb9cMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT9effrPZ9uLPqg7EY0aZ7Pvs9vojAfBgNVHSMEGDAWgBTEU/XiMEILxKcN
CmHeO0fc2hqNDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hGUDE0akJDQzhTbkRRcGgzanRIM05vYWpRNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvNDg3NTYyLWQxNzEtNDY4Ni04NTY5LWU2Y2YxN2NkZGE0Zi8x
L19YbjM2ejJmYml6Nm9PeEdOR21lejc3UGI2SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
NDg3NTYyLWQxNzEtNDY4Ni04NTY5LWU2Y2YxN2NkZGE0Zi8xL3hGUDE0akJDQzhT
bkRRcGgzanRIM05vYWpRNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl72DANBgkqhkiG9w0BAQsFAAOC
AQEAgFGZ1HCYnRjRjey6VKLNPLAW+2DiXzvkya2ElOo/tEzumkgwNsuda+qymijy
YXFjKqy58PH3cxXVThe1vQtSxrlF+XrypRjp3JZuN27rSJhJf9q01q4LMcQKcPdJ
pjQ4+ijpmFmNwmaednH6mzMVpoTKdlSFZKnRp0+gdneCB//78st6vmL8LyzNuvOD
4ki1SSJtC2PPQNdUgmZf0ZojXOlpR1KkMP8523HFEsOx9w1zlo5zMgfR6jCVlo0h
JHK038nvNaOezwxxm9zzJi0Eq6B2qvpx2b8/EYQDyd/yRVtQuFaQO6eqwkLsBY1Q
YYpuJnaoQThoAuH9v6WCeuIsbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:21 2024 by rpki-client on console-ams.rpki-client.org