Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ec583d-1aba-4798-8817-d6c9c6e86923/1/qyIPPN21SguBoRvWb0OMhHmJles.roa
File: qyIPPN21SguBoRvWb0OMhHmJles.roa (raw, json)
Hash identifier: LJeTTUfe32SLE+t6y/pyLYqzELAI576XItBZ1lGX4Pc=
Subject key identifier: AB:22:0F:3C:DD:B5:4A:0B:81:A1:1B:D6:6F:43:8C:84:79:89:95:EB
Certificate issuer: /CN=83286fa6da7d252e7828f84923f55919142b007f
Certificate serial: 018CC7941B2AE13CCAB7F95B630A602DAE08
Authority key identifier: 83:28:6F:A6:DA:7D:25:2E:78:28:F8:49:23:F5:59:19:14:2B:00:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gyhvptp9JS54KPhJI_VZGRQrAH8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ec583d-1aba-4798-8817-d6c9c6e86923/1/qyIPPN21SguBoRvWb0OMhHmJles.roa
Signing time: Tue 02 Jan 2024 00:30:21 +0000
ROA not before: Tue 02 Jan 2024 00:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202329
IP address blocks: 185.65.241.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:1b:2a:e1:3c:ca:b7:f9:5b:63:0a:60:2d:ae:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83286fa6da7d252e7828f84923f55919142b007f
Validity
Not Before: Jan 2 00:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab220f3cddb54a0b81a11bd66f438c84798995eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b3:07:57:2b:d8:92:6d:c5:e5:8a:7f:9f:3f:
0d:19:51:d5:06:03:8d:bf:03:73:43:b2:3d:84:38:
ee:e3:c5:e6:92:82:43:e8:0b:d9:de:1c:e8:51:e9:
37:90:01:0d:b8:10:5e:6d:0a:62:c6:c1:ae:ec:eb:
04:5c:d0:76:72:41:b7:c8:b5:4f:00:65:14:33:c0:
63:99:f7:60:c9:76:82:53:63:d1:17:2c:dc:cc:30:
e6:1a:48:c8:44:b6:53:48:98:9c:4a:f1:f6:9d:57:
d3:49:15:28:5d:35:15:3e:05:d0:77:e7:ae:a6:8d:
7a:4d:24:3f:10:aa:7d:fa:e0:60:95:71:57:ca:18:
5e:5a:44:18:77:6c:41:d6:78:6f:ef:95:cd:b9:5a:
e7:b9:73:78:79:e2:21:a2:91:fd:c2:56:3a:94:a8:
6e:38:ab:3e:03:d0:92:be:8c:75:20:ba:82:63:f6:
d5:dc:08:63:a1:f2:b2:be:6a:bd:94:2f:5b:0c:94:
13:59:c6:d5:76:54:4c:ed:0b:aa:03:e9:0f:81:d0:
75:77:a7:b5:44:05:1b:69:55:d3:a0:09:e6:c0:cf:
61:f1:79:cd:31:cb:c7:b5:f5:ba:38:24:2e:18:d4:
5a:80:80:9b:a2:6a:5c:49:43:18:ad:5b:51:e7:57:
bd:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:22:0F:3C:DD:B5:4A:0B:81:A1:1B:D6:6F:43:8C:84:79:89:95:EB
X509v3 Authority Key Identifier:
keyid:83:28:6F:A6:DA:7D:25:2E:78:28:F8:49:23:F5:59:19:14:2B:00:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gyhvptp9JS54KPhJI_VZGRQrAH8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ec583d-1aba-4798-8817-d6c9c6e86923/1/qyIPPN21SguBoRvWb0OMhHmJles.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ec583d-1aba-4798-8817-d6c9c6e86923/1/gyhvptp9JS54KPhJI_VZGRQrAH8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.241.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:cb:31:0f:5e:72:56:1c:4c:76:85:c7:90:99:7c:6d:f2:9a:
70:93:99:fa:b2:0e:76:48:10:03:6d:1f:fa:f6:ad:a9:bc:1e:
cf:c3:a0:93:20:1a:ae:9c:11:46:d9:96:e9:a8:00:6e:e0:3d:
7b:ba:1a:9d:09:d3:39:5d:50:a4:d7:e9:c1:11:c7:90:b8:af:
19:86:16:75:9a:fb:8f:1c:a8:19:53:f2:13:c1:60:83:a9:20:
36:a9:84:3c:c3:37:0b:47:97:d6:b0:e7:a4:fb:a1:0c:53:1b:
dd:97:65:d0:86:4b:7c:5d:5a:63:a5:ba:81:90:5d:27:f8:8f:
85:ea:11:b9:47:20:fd:e7:99:2f:9b:5f:4b:91:29:d1:ba:eb:
6a:9e:c2:21:0a:6d:1e:d8:20:1c:13:cf:93:d3:97:ff:a6:37:
90:58:bb:e4:05:c0:52:6e:7a:99:d6:36:e3:e8:85:03:26:90:
f8:29:6f:e5:ee:e8:62:dc:7a:84:a4:3f:af:c4:8c:4b:29:6f:
b3:08:d6:ba:ee:ca:a0:9a:e5:9f:1a:41:52:7a:a5:19:83:aa:
c4:4c:19:43:59:aa:d6:9c:51:89:24:d2:3b:80:19:18:9d:1b:
f5:03:02:cf:8c:89:20:bf:7e:2c:44:3c:67:39:cc:4e:e5:6d:
d4:6c:b1:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlBsq4TzKt/lbYwpgLa4IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMjg2ZmE2ZGE3ZDI1MmU3ODI4Zjg0OTIzZjU1OTE5MTQy
YjAwN2YwHhcNMjQwMTAyMDAzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjIyMGYzY2RkYjU0YTBiODFhMTFiZDY2ZjQzOGM4NDc5ODk5NWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrMHVyvYkm3F5Yp/nz8NGVHVBgON
vwNzQ7I9hDju48XmkoJD6AvZ3hzoUek3kAENuBBebQpixsGu7OsEXNB2ckG3yLVP
AGUUM8BjmfdgyXaCU2PRFyzczDDmGkjIRLZTSJicSvH2nVfTSRUoXTUVPgXQd+eu
po16TSQ/EKp9+uBglXFXyhheWkQYd2xB1nhv75XNuVrnuXN4eeIhopH9wlY6lKhu
OKs+A9CSvox1ILqCY/bV3AhjofKyvmq9lC9bDJQTWcbVdlRM7QuqA+kPgdB1d6e1
RAUbaVXToAnmwM9h8XnNMcvHtfW6OCQuGNRagICbompcSUMYrVtR51e9pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKsiDzzdtUoLgaEb1m9DjIR5iZXrMB8GA1UdIwQY
MBaAFIMob6bafSUueCj4SSP1WRkUKwB/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3lodnB0cDlKUzU0S1BoSklfVlpHUlFyQUg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lYzU4M2QtMWFiYS00Nzk4LTg4MTct
ZDZjOWM2ZTg2OTIzLzEvcXlJUFBOMjFTZ3VCb1J2V2IwT01oSG1KbGVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lYzU4M2QtMWFiYS00Nzk4LTg4MTctZDZjOWM2ZTg2OTIz
LzEvZ3lodnB0cDlKUzU0S1BoSklfVlpHUlFyQUg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUHxMA0G
CSqGSIb3DQEBCwUAA4IBAQBtyzEPXnJWHEx2hceQmXxt8ppwk5n6sg52SBADbR/6
9q2pvB7Pw6CTIBqunBFG2ZbpqABu4D17uhqdCdM5XVCk1+nBEceQuK8ZhhZ1mvuP
HKgZU/ITwWCDqSA2qYQ8wzcLR5fWsOek+6EMUxvdl2XQhkt8XVpjpbqBkF0n+I+F
6hG5RyD955kvm19LkSnRuutqnsIhCm0e2CAcE8+T05f/pjeQWLvkBcBSbnqZ1jbj
6IUDJpD4KW/l7uhi3HqEpD+vxIxLKW+zCNa67sqgmuWfGkFSeqUZg6rETBlDWarW
nFGJJNI7gBkYnRv1AwLPjIkgv34sRDxnOcxO5W3UbLH8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:56 2024 by rpki-client on console-fra.rpki-client.org