Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/R31cL1orVovqU3wdZcjkI6_-le0.roa
File: R31cL1orVovqU3wdZcjkI6_-le0.roa (raw, json)
Hash identifier: X2TBoglDPRuY9BeNMngTXkzTx+Eh/VtJXNUJ1HbHLlE=
Subject key identifier: 47:7D:5C:2F:5A:2B:56:8B:EA:53:7C:1D:65:C8:E4:23:AF:FE:95:ED
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 018CC3B6A90BB8ACECB165D69E06C2335801
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/R31cL1orVovqU3wdZcjkI6_-le0.roa
Signing time: Mon 01 Jan 2024 06:29:37 +0000
ROA not before: Mon 01 Jan 2024 06:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 185.222.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a9:0b:b8:ac:ec:b1:65:d6:9e:06:c2:33:58:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jan 1 06:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=477d5c2f5a2b568bea537c1d65c8e423affe95ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ff:25:27:b5:87:9c:07:d9:3f:bb:c1:6b:f2:
8d:56:9c:0b:4d:4f:45:c0:07:b0:d0:55:b1:8c:7d:
ae:ef:eb:48:ea:31:17:ea:17:c0:21:72:de:e3:38:
ba:1d:66:30:b8:37:88:33:52:9e:c4:5e:d3:63:04:
8d:d8:b5:f2:8f:4e:d7:70:35:8e:38:a3:37:66:a1:
fe:e8:18:6e:d6:53:56:5e:8a:b4:1d:24:69:bc:50:
43:69:2b:b9:2f:bc:49:d8:f5:20:21:0f:f8:81:4e:
df:4e:36:54:6d:f2:0c:7d:84:4a:c7:da:a0:23:47:
c1:ec:80:97:eb:9d:e0:fa:eb:ca:ed:28:1c:5b:fb:
1b:b5:c3:d9:ad:11:d6:4e:fe:2b:bb:c4:5b:5d:df:
95:59:4c:d8:a9:fd:7e:16:24:53:8e:39:79:7d:35:
f1:32:be:7f:09:5c:7d:7f:bb:b4:1c:c2:c8:45:11:
fb:c9:0d:2b:4d:33:ea:64:aa:3c:9f:c5:43:75:ce:
5b:19:3d:0c:ee:2c:70:87:8b:73:2f:64:81:f6:a2:
2b:f2:ce:73:7e:75:ff:90:19:95:0a:ed:9c:94:49:
73:04:6f:47:de:52:e0:65:e3:ed:58:12:c9:cc:69:
ab:7b:d1:6a:9a:36:08:f5:18:0d:a0:1f:43:71:54:
37:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:7D:5C:2F:5A:2B:56:8B:EA:53:7C:1D:65:C8:E4:23:AF:FE:95:ED
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/R31cL1orVovqU3wdZcjkI6_-le0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.214.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:06:66:5b:a9:14:0d:ff:01:e5:f9:72:29:f0:ff:0d:c1:81:
e6:38:4f:20:ea:db:b8:76:15:6a:5d:b0:27:30:f7:53:08:4e:
53:4a:1e:c1:b2:7a:b7:9a:5b:13:06:dc:9b:4a:b1:12:fb:f2:
e7:f2:b6:da:e4:f4:f8:9b:c4:80:d2:d7:08:40:28:05:2b:46:
66:96:c9:2b:3e:70:37:03:c6:a7:96:a8:46:49:b6:da:96:e6:
a9:03:25:04:7c:8c:e2:34:b9:0e:de:98:c1:42:b1:fe:a7:68:
e6:4b:c6:37:8a:e8:f7:a6:61:16:55:f0:db:e4:94:cf:e6:08:
af:60:ad:f6:f0:d8:8f:c6:8f:01:93:df:fb:ab:c9:bb:1b:47:
ec:12:76:18:91:14:65:bf:fa:ce:e5:53:f5:2f:57:40:c7:e9:
78:29:d1:33:ef:b7:0c:bd:ff:df:04:61:47:2e:5d:9a:d5:3a:
90:25:d1:d0:ab:51:7f:a3:7a:26:f1:09:78:7b:f2:41:f8:06:
92:b4:d2:67:4b:4c:b4:95:54:65:4a:55:9f:9d:53:bb:5c:f3:
11:af:03:37:85:cf:2a:22:1b:e3:2d:2c:fd:7a:ca:36:b7:ae:
a7:bb:09:16:48:8c:81:87:83:54:c4:77:19:49:1b:57:6b:5c:
e4:6c:44:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtqkLuKzssWXWngbCM1gBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjQwMTAxMDYyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzdkNWMyZjVhMmI1NjhiZWE1MzdjMWQ2NWM4ZTQyM2FmZmU5NWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArP8lJ7WHnAfZP7vBa/KNVpwLTU9F
wAew0FWxjH2u7+tI6jEX6hfAIXLe4zi6HWYwuDeIM1KexF7TYwSN2LXyj07XcDWO
OKM3ZqH+6Bhu1lNWXoq0HSRpvFBDaSu5L7xJ2PUgIQ/4gU7fTjZUbfIMfYRKx9qg
I0fB7ICX653g+uvK7SgcW/sbtcPZrRHWTv4ru8RbXd+VWUzYqf1+FiRTjjl5fTXx
Mr5/CVx9f7u0HMLIRRH7yQ0rTTPqZKo8n8VDdc5bGT0M7ixwh4tzL2SB9qIr8s5z
fnX/kBmVCu2clElzBG9H3lLgZePtWBLJzGmre9FqmjYI9RgNoB9DcVQ3YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEd9XC9aK1aL6lN8HWXI5COv/pXtMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvUjMxY0wxb3JWb3ZxVTN3ZFpjamtJNl8tbGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud7WMA0G
CSqGSIb3DQEBCwUAA4IBAQCxBmZbqRQN/wHl+XIp8P8NwYHmOE8g6tu4dhVqXbAn
MPdTCE5TSh7Bsnq3mlsTBtybSrES+/Ln8rba5PT4m8SA0tcIQCgFK0ZmlskrPnA3
A8anlqhGSbbaluapAyUEfIziNLkO3pjBQrH+p2jmS8Y3iuj3pmEWVfDb5JTP5giv
YK328NiPxo8Bk9/7q8m7G0fsEnYYkRRlv/rO5VP1L1dAx+l4KdEz77cMvf/fBGFH
Ll2a1TqQJdHQq1F/o3om8Ql4e/JB+AaStNJnS0y0lVRlSlWfnVO7XPMRrwM3hc8q
IhvjLSz9eso2t66nuwkWSIyBh4NUxHcZSRtXa1zkbEQb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:27 2024 by rpki-client on console-ams.rpki-client.org