Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/101a15-ef3d-4155-bf13-b7ef042c857b/1/BSEHXEFdiD8747rA5cJvEbCi0pw.roa
File: BSEHXEFdiD8747rA5cJvEbCi0pw.roa (raw, json)
Hash identifier: 54AV3rXwrRfMIi2EVH1E+4zcxN1FmlS9AOOM+Eao9v4=
Subject key identifier: 05:21:07:5C:41:5D:88:3F:3B:E3:BA:C0:E5:C2:6F:11:B0:A2:D2:9C
Certificate issuer: /CN=aad0a5f4e8f7e13c7cb535c64f79e20b3f01d624
Certificate serial: 01856D41A602F1A0E18FB010CDD9846E0FE9
Authority key identifier: AA:D0:A5:F4:E8:F7:E1:3C:7C:B5:35:C6:4F:79:E2:0B:3F:01:D6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qtCl9Oj34Tx8tTXGT3niCz8B1iQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/101a15-ef3d-4155-bf13-b7ef042c857b/1/BSEHXEFdiD8747rA5cJvEbCi0pw.roa
Signing time: Sun 01 Jan 2023 12:14:56 +0000
ROA not before: Sun 01 Jan 2023 12:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212040
IP address blocks: 185.223.160.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:a6:02:f1:a0:e1:8f:b0:10:cd:d9:84:6e:0f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aad0a5f4e8f7e13c7cb535c64f79e20b3f01d624
Validity
Not Before: Jan 1 12:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0521075c415d883f3be3bac0e5c26f11b0a2d29c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:60:9b:a4:c5:79:cb:b1:22:48:ec:3a:85:2d:
d4:81:12:f1:95:c3:f2:ad:00:1c:dd:39:9a:e3:17:
a6:ad:f7:e1:23:3b:d2:f6:26:44:6a:f2:a7:f1:90:
b6:7f:45:d7:9a:f9:b9:d3:d4:90:7f:1a:e9:77:0f:
c8:5d:83:c6:b9:f0:66:15:1d:50:30:bd:69:1e:c5:
39:56:ef:c9:5f:a4:b2:73:a2:d7:a2:65:b8:df:13:
a1:ff:69:cf:f3:b3:b7:db:b2:68:3d:b4:11:cd:d3:
c9:1b:3f:e8:8e:e6:93:2d:8c:7c:58:29:d6:ac:09:
70:c4:d0:d0:2c:b8:7c:d3:9d:7c:1b:06:8c:d5:26:
41:30:64:2f:bb:a9:3c:7d:22:8c:36:23:c4:d2:64:
28:8f:9f:6d:7b:dd:72:56:5f:ad:6b:4a:6d:28:2d:
d8:38:b8:86:f2:54:0f:09:1d:b7:88:c7:6d:cd:6d:
93:ff:67:72:73:32:a1:d6:ca:3c:f7:02:04:72:98:
06:5f:2d:07:5b:79:cb:fe:f2:dd:fc:5e:67:d7:5a:
20:b3:50:7f:20:b6:32:98:d4:3d:a0:1c:de:58:2f:
8a:4d:1b:2f:99:ed:84:1d:a2:ed:11:d6:d7:f5:97:
af:ca:d8:4d:49:d9:1b:51:aa:63:32:62:93:76:f4:
42:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:21:07:5C:41:5D:88:3F:3B:E3:BA:C0:E5:C2:6F:11:B0:A2:D2:9C
X509v3 Authority Key Identifier:
keyid:AA:D0:A5:F4:E8:F7:E1:3C:7C:B5:35:C6:4F:79:E2:0B:3F:01:D6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qtCl9Oj34Tx8tTXGT3niCz8B1iQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/101a15-ef3d-4155-bf13-b7ef042c857b/1/BSEHXEFdiD8747rA5cJvEbCi0pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/101a15-ef3d-4155-bf13-b7ef042c857b/1/qtCl9Oj34Tx8tTXGT3niCz8B1iQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.160.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:5f:ba:4c:b7:1a:c4:9e:6c:b7:86:c6:a5:dd:2e:bd:72:33:
ef:9a:7f:6d:a8:a5:8e:29:9a:3a:d1:91:dc:29:5c:17:62:b4:
65:26:4f:65:3f:ce:dd:46:8a:89:4c:80:5e:38:93:0f:32:19:
e3:b5:0b:d6:03:ec:ce:40:da:d8:f0:19:5e:d9:6c:f2:09:44:
8b:54:fd:82:9e:8f:5b:c2:55:33:35:15:56:b6:35:76:1c:77:
14:d6:80:9c:84:2e:2d:74:42:ef:b7:6f:93:f0:48:98:16:2a:
9d:b9:89:65:75:21:2e:9b:3a:3c:88:8a:7d:16:ee:f5:3c:43:
04:fe:32:4d:bc:8b:53:f5:16:cb:99:98:81:5c:87:98:38:53:
45:8d:3e:5a:65:51:c1:b3:3a:fa:70:af:9c:59:d9:42:bb:cc:
9d:7d:b1:15:f5:35:11:5c:63:10:4d:f9:08:d5:33:fd:6e:34:
95:ab:40:35:b1:40:2e:c7:cb:96:e9:a5:a2:8e:60:10:7d:59:
71:42:87:df:fe:e8:a3:2f:ca:03:ef:c9:d9:94:99:46:3e:a9:
24:54:96:72:aa:6f:b9:a3:5e:ce:13:66:8c:01:96:b3:ee:cf:
35:3b:17:15:fc:a9:80:d3:3c:aa:7c:dc:aa:f3:52:1e:9c:7b:
72:c6:53:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtQaYC8aDhj7AQzdmEbg/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZDBhNWY0ZThmN2UxM2M3Y2I1MzVjNjRmNzllMjBiM2Yw
MWQ2MjQwHhcNMjMwMTAxMTIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTIxMDc1YzQxNWQ4ODNmM2JlM2JhYzBlNWMyNmYxMWIwYTJkMjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12CbpMV5y7EiSOw6hS3UgRLxlcPy
rQAc3Tma4xemrffhIzvS9iZEavKn8ZC2f0XXmvm509SQfxrpdw/IXYPGufBmFR1Q
ML1pHsU5Vu/JX6Syc6LXomW43xOh/2nP87O327JoPbQRzdPJGz/ojuaTLYx8WCnW
rAlwxNDQLLh80518GwaM1SZBMGQvu6k8fSKMNiPE0mQoj59te91yVl+ta0ptKC3Y
OLiG8lQPCR23iMdtzW2T/2dyczKh1so89wIEcpgGXy0HW3nL/vLd/F5n11ogs1B/
ILYymNQ9oBzeWC+KTRsvme2EHaLtEdbX9ZevythNSdkbUapjMmKTdvRCswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAUhB1xBXYg/O+O6wOXCbxGwotKcMB8GA1UdIwQY
MBaAFKrQpfTo9+E8fLU1xk954gs/AdYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXRDbDlPajM0VHg4dFRYR1QzbmlDejhCMWlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xMDFhMTUtZWYzZC00MTU1LWJmMTMt
YjdlZjA0MmM4NTdiLzEvQlNFSFhFRmRpRDg3NDdyQTVjSnZFYkNpMHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xMDFhMTUtZWYzZC00MTU1LWJmMTMtYjdlZjA0MmM4NTdi
LzEvcXRDbDlPajM0VHg4dFRYR1QzbmlDejhCMWlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud+gMA0G
CSqGSIb3DQEBCwUAA4IBAQAPX7pMtxrEnmy3hsal3S69cjPvmn9tqKWOKZo60ZHc
KVwXYrRlJk9lP87dRoqJTIBeOJMPMhnjtQvWA+zOQNrY8Ble2WzyCUSLVP2Cno9b
wlUzNRVWtjV2HHcU1oCchC4tdELvt2+T8EiYFiqduYlldSEumzo8iIp9Fu71PEME
/jJNvItT9RbLmZiBXIeYOFNFjT5aZVHBszr6cK+cWdlCu8ydfbEV9TURXGMQTfkI
1TP9bjSVq0A1sUAux8uW6aWijmAQfVlxQoff/uijL8oD78nZlJlGPqkkVJZyqm+5
o17OE2aMAZaz7s81OxcV/KmA0zyqfNyq81IenHtyxlPI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:31 2024 by rpki-client on console-ams.rpki-client.org