Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/101a15-ef3d-4155-bf13-b7ef042c857b/1/fiG9Z9WO692GqgLRSO_zZz_JKq0.roa
File: fiG9Z9WO692GqgLRSO_zZz_JKq0.roa (raw, json)
Hash identifier: CIJ6Y8YDSjN7y4AjcCYMFJfp4IpU1gA9c3FCMdmJX0w=
Subject key identifier: 7E:21:BD:67:D5:8E:EB:DD:86:AA:02:D1:48:EF:F3:67:3F:C9:2A:AD
Certificate issuer: /CN=aad0a5f4e8f7e13c7cb535c64f79e20b3f01d624
Certificate serial: 018CC64B18E94F38ED191ABFD5C743ABE61B
Authority key identifier: AA:D0:A5:F4:E8:F7:E1:3C:7C:B5:35:C6:4F:79:E2:0B:3F:01:D6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qtCl9Oj34Tx8tTXGT3niCz8B1iQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/101a15-ef3d-4155-bf13-b7ef042c857b/1/fiG9Z9WO692GqgLRSO_zZz_JKq0.roa
Signing time: Mon 01 Jan 2024 18:30:59 +0000
ROA not before: Mon 01 Jan 2024 18:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212040
IP address blocks: 185.223.160.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:18:e9:4f:38:ed:19:1a:bf:d5:c7:43:ab:e6:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aad0a5f4e8f7e13c7cb535c64f79e20b3f01d624
Validity
Not Before: Jan 1 18:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e21bd67d58eebdd86aa02d148eff3673fc92aad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cf:46:8a:e4:2a:dd:c4:3d:07:4e:83:e4:f8:
90:35:5e:b2:4a:5e:a0:5d:fd:c5:a8:fb:07:9f:dc:
7e:36:7a:03:41:cc:4c:b9:ae:86:47:25:ad:14:64:
9c:04:ff:e8:c4:76:b9:3f:96:b3:c4:5d:f9:58:5c:
6e:2e:f2:2e:4f:01:98:7e:9d:7d:e0:21:52:37:10:
ea:aa:d2:5b:6b:6c:1d:e8:bc:08:29:8c:66:c4:0c:
08:ca:fe:78:0b:31:9d:4e:dc:de:9b:48:2d:bb:06:
62:b8:06:a0:57:d1:23:17:46:3b:49:2b:56:95:a6:
25:c0:fc:a3:ea:05:7c:1c:2a:19:bb:9f:47:61:2f:
1b:86:65:b7:8d:b0:40:19:d1:5d:f0:06:1b:63:f3:
92:7f:7b:dc:9c:0e:4b:3e:d5:dc:c8:07:8d:63:79:
4e:17:ce:28:70:1b:3f:74:d6:5a:80:f2:6a:00:85:
cb:8e:8e:91:b6:d6:c6:87:a7:bd:68:6d:72:2e:3c:
9d:24:fa:3d:3e:73:0f:cc:d2:96:3c:b2:6b:40:78:
5c:c9:0e:44:ee:1b:1b:16:d9:9a:0c:c4:ae:f8:68:
d7:ed:94:11:80:58:3f:41:0b:13:67:88:d9:67:5f:
13:c7:42:8d:38:b5:1e:71:c4:c1:e3:08:90:57:5b:
24:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:21:BD:67:D5:8E:EB:DD:86:AA:02:D1:48:EF:F3:67:3F:C9:2A:AD
X509v3 Authority Key Identifier:
keyid:AA:D0:A5:F4:E8:F7:E1:3C:7C:B5:35:C6:4F:79:E2:0B:3F:01:D6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qtCl9Oj34Tx8tTXGT3niCz8B1iQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/101a15-ef3d-4155-bf13-b7ef042c857b/1/fiG9Z9WO692GqgLRSO_zZz_JKq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/101a15-ef3d-4155-bf13-b7ef042c857b/1/qtCl9Oj34Tx8tTXGT3niCz8B1iQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.160.0/24
Signature Algorithm: sha256WithRSAEncryption
12:b3:8d:a3:31:6c:c9:2e:2d:91:ff:97:68:9a:a9:35:9c:89:
99:d5:5d:9e:f3:17:98:65:4e:60:90:bd:1b:34:46:f7:92:68:
76:01:27:5f:af:17:13:fa:82:c3:5b:a7:97:6d:a4:16:cd:18:
88:5c:ab:f5:3d:e4:39:c7:a3:2c:7f:f1:56:27:09:26:9b:11:
07:61:32:3c:72:fd:62:36:38:6e:91:ae:bb:8d:8f:1b:b4:ce:
bd:65:16:36:e8:54:5b:25:c5:33:92:4d:04:ac:5a:ad:e1:35:
0b:ff:b5:9b:c0:4a:2e:15:64:12:c0:5d:d6:6f:4a:8c:37:70:
19:28:c4:03:83:43:83:e6:10:39:f8:fe:fa:ee:0e:ff:6c:a1:
f8:2c:cf:a1:c8:90:d5:0e:92:fc:64:84:ad:ca:a0:99:2a:e1:
ea:ab:0a:bd:77:d6:1e:b5:cd:3f:a6:27:89:ab:c3:44:7b:f3:
72:ec:32:11:67:0f:47:ec:43:5e:66:26:40:2f:89:40:a1:32:
a2:29:14:0d:9f:2b:cd:7d:ae:6f:ca:56:8a:61:05:76:4e:40:
38:60:9d:1c:2a:ff:95:61:cc:08:14:12:c4:d6:e8:35:fc:7d:
65:10:42:0c:6b:5f:87:64:e7:a3:66:61:50:2d:65:6e:48:b5:
dc:35:f8:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSxjpTzjtGRq/1cdDq+YbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZDBhNWY0ZThmN2UxM2M3Y2I1MzVjNjRmNzllMjBiM2Yw
MWQ2MjQwHhcNMjQwMTAxMTgzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTIxYmQ2N2Q1OGVlYmRkODZhYTAyZDE0OGVmZjM2NzNmYzkyYWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApc9GiuQq3cQ9B06D5PiQNV6ySl6g
Xf3FqPsHn9x+NnoDQcxMua6GRyWtFGScBP/oxHa5P5azxF35WFxuLvIuTwGYfp19
4CFSNxDqqtJba2wd6LwIKYxmxAwIyv54CzGdTtzem0gtuwZiuAagV9EjF0Y7SStW
laYlwPyj6gV8HCoZu59HYS8bhmW3jbBAGdFd8AYbY/OSf3vcnA5LPtXcyAeNY3lO
F84ocBs/dNZagPJqAIXLjo6RttbGh6e9aG1yLjydJPo9PnMPzNKWPLJrQHhcyQ5E
7hsbFtmaDMSu+GjX7ZQRgFg/QQsTZ4jZZ18Tx0KNOLUeccTB4wiQV1skmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH4hvWfVjuvdhqoC0Ujv82c/ySqtMB8GA1UdIwQY
MBaAFKrQpfTo9+E8fLU1xk954gs/AdYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXRDbDlPajM0VHg4dFRYR1QzbmlDejhCMWlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xMDFhMTUtZWYzZC00MTU1LWJmMTMt
YjdlZjA0MmM4NTdiLzEvZmlHOVo5V082OTJHcWdMUlNPX3pael9KS3EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xMDFhMTUtZWYzZC00MTU1LWJmMTMtYjdlZjA0MmM4NTdi
LzEvcXRDbDlPajM0VHg4dFRYR1QzbmlDejhCMWlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud+gMA0G
CSqGSIb3DQEBCwUAA4IBAQASs42jMWzJLi2R/5domqk1nImZ1V2e8xeYZU5gkL0b
NEb3kmh2ASdfrxcT+oLDW6eXbaQWzRiIXKv1PeQ5x6Msf/FWJwkmmxEHYTI8cv1i
Njhuka67jY8btM69ZRY26FRbJcUzkk0ErFqt4TUL/7WbwEouFWQSwF3Wb0qMN3AZ
KMQDg0OD5hA5+P767g7/bKH4LM+hyJDVDpL8ZIStyqCZKuHqqwq9d9Yetc0/pieJ
q8NEe/Ny7DIRZw9H7ENeZiZAL4lAoTKiKRQNnyvNfa5vylaKYQV2TkA4YJ0cKv+V
YcwIFBLE1ug1/H1lEEIMa1+HZOejZmFQLWVuSLXcNfgy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:32 2024 by rpki-client on console-ams.rpki-client.org