Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ec583d-1aba-4798-8817-d6c9c6e86923/1/7iNcIf-XgyODVt6jPATDih0WMnI.roa
File: 7iNcIf-XgyODVt6jPATDih0WMnI.roa (raw, json)
Hash identifier: Hv7PZKWSTLSNAADsEV/rDFcJWN2H+c6T/gGG+W8aaJw=
Subject key identifier: EE:23:5C:21:FF:97:83:23:83:56:DE:A3:3C:04:C3:8A:1D:16:32:72
Certificate issuer: /CN=83286fa6da7d252e7828f84923f55919142b007f
Certificate serial: 018CC7941AEE5CA61271DB566EBF8DA7BDBE
Authority key identifier: 83:28:6F:A6:DA:7D:25:2E:78:28:F8:49:23:F5:59:19:14:2B:00:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gyhvptp9JS54KPhJI_VZGRQrAH8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ec583d-1aba-4798-8817-d6c9c6e86923/1/7iNcIf-XgyODVt6jPATDih0WMnI.roa
Signing time: Tue 02 Jan 2024 00:30:21 +0000
ROA not before: Tue 02 Jan 2024 00:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199714
IP address blocks: 185.65.240.0/24 maxlen: 24
185.65.240.0/22 maxlen: 22
185.65.242.0/24 maxlen: 24
2a05:400::/36 maxlen: 36
2a05:400::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:1a:ee:5c:a6:12:71:db:56:6e:bf:8d:a7:bd:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83286fa6da7d252e7828f84923f55919142b007f
Validity
Not Before: Jan 2 00:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee235c21ff9783238356dea33c04c38a1d163272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:60:7e:d0:16:dd:f9:af:57:5a:59:4d:6d:9b:
7e:ce:3c:1c:87:92:8b:d0:22:a0:5c:04:6b:b6:9a:
10:ba:05:99:ad:f0:85:26:21:f6:43:4e:5c:ec:8a:
ee:ae:01:9a:67:db:4b:2a:14:59:e5:59:ac:bf:e1:
f4:72:cc:64:f3:ee:cc:60:cb:98:6b:e6:a4:56:4c:
86:31:2d:22:09:8a:02:fe:2c:b2:40:84:4b:2c:bf:
4d:91:a9:99:d1:86:b5:76:35:61:04:8d:fd:0b:9c:
25:98:78:1c:59:1b:91:ee:6e:86:fb:db:3b:e6:6d:
e9:49:63:29:cf:1c:e8:40:51:34:4f:6f:d3:e3:fe:
58:b5:ec:ba:e0:b7:fc:e2:5b:6c:fc:7f:12:7a:a0:
e3:ed:7e:39:65:60:b3:c5:23:97:1c:0a:04:47:0c:
1f:d0:a7:38:09:c4:ff:00:93:e3:37:16:9b:44:f9:
59:26:05:c0:a9:9b:5f:00:82:3c:b2:d5:48:6a:f8:
c4:5e:4d:c6:ac:27:55:e7:71:14:d2:88:1b:74:b0:
32:12:56:43:d7:90:66:31:1a:ad:49:5c:31:72:e0:
73:b1:02:0d:a1:9d:f2:40:11:77:a9:1a:b5:ff:de:
00:76:43:e7:6b:ac:64:2b:15:df:fa:da:d1:0c:aa:
d5:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:23:5C:21:FF:97:83:23:83:56:DE:A3:3C:04:C3:8A:1D:16:32:72
X509v3 Authority Key Identifier:
keyid:83:28:6F:A6:DA:7D:25:2E:78:28:F8:49:23:F5:59:19:14:2B:00:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gyhvptp9JS54KPhJI_VZGRQrAH8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ec583d-1aba-4798-8817-d6c9c6e86923/1/7iNcIf-XgyODVt6jPATDih0WMnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ec583d-1aba-4798-8817-d6c9c6e86923/1/gyhvptp9JS54KPhJI_VZGRQrAH8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.240.0/22
IPv6:
2a05:400::/29
Signature Algorithm: sha256WithRSAEncryption
6e:a9:8c:75:54:90:6b:2c:bc:51:80:84:ed:9c:b1:0c:fd:07:
27:f6:e6:a7:28:4a:22:e6:6f:98:86:63:5e:b8:cb:65:a2:56:
b0:1e:d9:86:0f:05:6b:b6:d7:f3:64:e9:d3:22:72:2b:ae:bd:
a4:a2:1d:8b:3d:4d:c5:aa:e8:d5:29:dd:c2:99:8f:5e:1e:17:
79:df:bc:2c:65:13:14:ec:5e:b5:a4:82:31:23:4d:1d:d5:2e:
c9:b6:ff:2c:70:9e:8b:bd:1a:e1:e9:79:b8:8c:16:77:71:6d:
21:43:92:dc:cb:3c:10:cd:01:0e:8d:bf:cb:ca:b6:fa:c6:d2:
31:92:3d:6d:91:2a:c2:84:68:b7:1d:69:00:9d:4b:fe:3e:3c:
1c:13:55:5b:47:80:76:f0:e6:90:a4:98:3f:30:0c:3c:d1:5a:
bd:c5:e8:80:53:97:d9:a6:72:89:53:53:2b:2a:2a:d8:70:28:
4f:ac:88:38:5f:83:78:f2:ea:89:49:82:2e:8f:21:6f:2b:15:
5a:67:c8:91:62:98:0f:15:0a:24:4d:24:38:88:da:9c:71:66:
4a:90:5b:cd:34:e2:a0:f7:5d:fa:70:f2:a9:f9:57:87:37:ff:
5a:6b:80:db:44:e1:36:75:47:2f:fb:e3:ff:ef:1e:15:fa:c5:
b7:24:0f:aa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlBruXKYScdtWbr+Np72+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMjg2ZmE2ZGE3ZDI1MmU3ODI4Zjg0OTIzZjU1OTE5MTQy
YjAwN2YwHhcNMjQwMTAyMDAzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTIzNWMyMWZmOTc4MzIzODM1NmRlYTMzYzA0YzM4YTFkMTYzMjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWB+0Bbd+a9XWllNbZt+zjwch5KL
0CKgXARrtpoQugWZrfCFJiH2Q05c7IrurgGaZ9tLKhRZ5Vmsv+H0csxk8+7MYMuY
a+akVkyGMS0iCYoC/iyyQIRLLL9NkamZ0Ya1djVhBI39C5wlmHgcWRuR7m6G+9s7
5m3pSWMpzxzoQFE0T2/T4/5Ytey64Lf84lts/H8SeqDj7X45ZWCzxSOXHAoERwwf
0Kc4CcT/AJPjNxabRPlZJgXAqZtfAII8stVIavjEXk3GrCdV53EU0ogbdLAyElZD
15BmMRqtSVwxcuBzsQINoZ3yQBF3qRq1/94AdkPna6xkKxXf+trRDKrV2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO4jXCH/l4Mjg1beozwEw4odFjJyMB8GA1UdIwQY
MBaAFIMob6bafSUueCj4SSP1WRkUKwB/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3lodnB0cDlKUzU0S1BoSklfVlpHUlFyQUg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lYzU4M2QtMWFiYS00Nzk4LTg4MTct
ZDZjOWM2ZTg2OTIzLzEvN2lOY0lmLVhneU9EVnQ2alBBVERpaDBXTW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lYzU4M2QtMWFiYS00Nzk4LTg4MTctZDZjOWM2ZTg2OTIz
LzEvZ3lodnB0cDlKUzU0S1BoSklfVlpHUlFyQUg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUHwMA0E
AgACMAcDBQMqBQQAMA0GCSqGSIb3DQEBCwUAA4IBAQBuqYx1VJBrLLxRgITtnLEM
/Qcn9uanKEoi5m+YhmNeuMtlolawHtmGDwVrttfzZOnTInIrrr2koh2LPU3FqujV
Kd3CmY9eHhd537wsZRMU7F61pIIxI00d1S7Jtv8scJ6LvRrh6Xm4jBZ3cW0hQ5Lc
yzwQzQEOjb/Lyrb6xtIxkj1tkSrChGi3HWkAnUv+PjwcE1VbR4B28OaQpJg/MAw8
0Vq9xeiAU5fZpnKJU1MrKirYcChPrIg4X4N48uqJSYIujyFvKxVaZ8iRYpgPFQok
TSQ4iNqccWZKkFvNNOKg9136cPKp+VeHN/9aa4DbROE2dUcv++P/7x4V+sW3JA+q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:14 2024 by rpki-client on console-ams.rpki-client.org