Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/FVO4BtYH7BowmvyUMTCsMnZG3bY.roa
File: FVO4BtYH7BowmvyUMTCsMnZG3bY.roa (raw, json)
Hash identifier: BdXRdfqK7qiP7ZOJXwZAIpBW+tAjpTPv5massgdCI1Q=
Subject key identifier: 15:53:B8:06:D6:07:EC:1A:30:9A:FC:94:31:30:AC:32:76:46:DD:B6
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 018964C050E568F6C996CB03D52518DD4B30
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/FVO4BtYH7BowmvyUMTCsMnZG3bY.roa
Signing time: Mon 17 Jul 2023 16:47:52 +0000
ROA not before: Mon 17 Jul 2023 16:47:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 185.222.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:c0:50:e5:68:f6:c9:96:cb:03:d5:25:18:dd:4b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jul 17 16:47:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1553b806d607ec1a309afc943130ac327646ddb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:71:1d:61:1e:d2:c9:d7:25:89:fd:5c:78:8d:
68:3d:3c:94:91:90:a6:c7:4a:8a:e8:97:66:24:5b:
b4:fa:91:46:9a:47:62:15:15:82:fb:f9:73:45:0f:
88:dc:52:5d:14:66:a4:e9:10:f5:56:ca:49:a6:01:
e1:27:05:ab:c3:52:a2:47:6f:46:d1:48:c8:2a:b9:
86:1a:01:ff:44:7b:bd:93:c0:a9:c3:5c:bd:82:0a:
f4:08:cf:66:e3:e9:c7:11:c6:83:e5:2c:b2:34:8e:
95:74:ab:7d:6a:64:de:09:ea:32:94:06:1b:c7:0b:
93:fd:cd:92:eb:ca:f1:ad:b2:64:dd:c6:45:bc:bb:
1a:6d:01:9f:ca:fd:77:1b:a7:16:fa:5a:38:d2:43:
0f:d8:9b:59:f8:4e:94:a2:1e:3e:f7:ff:9f:6e:d3:
78:1d:f3:5f:98:7b:c6:14:c0:21:a8:00:81:dc:af:
83:ab:d5:b5:13:52:58:eb:b5:4b:46:29:5d:26:9d:
42:22:af:4a:2d:ad:1a:1e:d9:c0:c7:05:3e:fd:39:
26:93:24:60:a8:87:62:c2:2a:cb:d5:8f:20:4e:0a:
0c:e6:49:8b:de:dc:e3:0e:2f:ae:cb:2f:5d:c0:b7:
10:ee:df:63:ab:29:7b:d7:1c:74:db:4f:81:c8:c8:
78:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:53:B8:06:D6:07:EC:1A:30:9A:FC:94:31:30:AC:32:76:46:DD:B6
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/FVO4BtYH7BowmvyUMTCsMnZG3bY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.214.0/24
Signature Algorithm: sha256WithRSAEncryption
48:5b:77:d9:4b:bf:b7:9d:4c:c0:7b:4d:49:e7:ea:d5:26:08:
d0:4b:b5:55:96:79:18:3c:8a:1b:77:45:18:16:51:95:2e:60:
c0:04:e8:3a:9b:c1:60:83:96:5e:46:c6:76:ae:03:76:1a:62:
f3:ec:cf:04:24:45:6f:28:f9:4c:a2:62:b1:7f:20:56:d3:85:
14:43:02:e6:b6:33:5c:3a:97:59:54:b2:2d:1f:81:a8:95:fb:
31:b2:0e:dc:6c:f0:ac:7a:b6:95:2f:87:36:16:1e:b3:11:4e:
96:84:f6:01:3c:52:40:2a:58:23:5b:68:1e:eb:45:5d:92:a2:
7e:dd:09:a6:9a:a9:cd:8d:88:18:ac:4d:39:c8:ce:e2:88:61:
4f:08:d1:2f:c8:92:d0:61:08:30:65:68:dc:75:0e:fd:f1:f4:
71:c6:d3:eb:d4:f7:40:b1:8a:ee:3d:63:f9:b1:12:5e:e3:a3:
d8:37:9c:be:16:49:e8:b6:24:3b:1d:22:82:15:9a:85:9c:d4:
aa:b0:9b:73:b5:44:47:59:48:78:b0:07:f3:fa:37:16:3a:4c:
c4:46:b4:a1:b2:b1:1d:0b:0a:c6:76:cd:96:6c:10:5b:13:23:
52:43:fe:f6:c6:e4:4f:68:4d:67:94:a7:d1:3a:76:37:36:44:
b1:49:47:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlkwFDlaPbJlssD1SUY3UswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjMwNzE3MTY0NzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTUzYjgwNmQ2MDdlYzFhMzA5YWZjOTQzMTMwYWMzMjc2NDZkZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnEdYR7Sydclif1ceI1oPTyUkZCm
x0qK6JdmJFu0+pFGmkdiFRWC+/lzRQ+I3FJdFGak6RD1VspJpgHhJwWrw1KiR29G
0UjIKrmGGgH/RHu9k8Cpw1y9ggr0CM9m4+nHEcaD5SyyNI6VdKt9amTeCeoylAYb
xwuT/c2S68rxrbJk3cZFvLsabQGfyv13G6cW+lo40kMP2JtZ+E6Uoh4+9/+fbtN4
HfNfmHvGFMAhqACB3K+Dq9W1E1JY67VLRildJp1CIq9KLa0aHtnAxwU+/TkmkyRg
qIdiwirL1Y8gTgoM5kmL3tzjDi+uyy9dwLcQ7t9jqyl71xx020+ByMh4UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBVTuAbWB+waMJr8lDEwrDJ2Rt22MB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvRlZPNEJ0WUg3Qm93bXZ5VU1UQ3NNblpHM2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud7WMA0G
CSqGSIb3DQEBCwUAA4IBAQBIW3fZS7+3nUzAe01J5+rVJgjQS7VVlnkYPIobd0UY
FlGVLmDABOg6m8Fgg5ZeRsZ2rgN2GmLz7M8EJEVvKPlMomKxfyBW04UUQwLmtjNc
OpdZVLItH4Golfsxsg7cbPCseraVL4c2Fh6zEU6WhPYBPFJAKlgjW2ge60VdkqJ+
3QmmmqnNjYgYrE05yM7iiGFPCNEvyJLQYQgwZWjcdQ798fRxxtPr1PdAsYruPWP5
sRJe46PYN5y+FknotiQ7HSKCFZqFnNSqsJtztURHWUh4sAfz+jcWOkzERrShsrEd
CwrGds2WbBBbEyNSQ/72xuRPaE1nlKfROnY3NkSxSUeH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org