Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/o4t8CpsPbBodwNfVrbBVEN3wYVo.roa
File: o4t8CpsPbBodwNfVrbBVEN3wYVo.roa (raw, json)
Hash identifier: hxIWc0MlfvH6k1n2nEvvX1p6AXKmcZ5zwbyHnEuzDdc=
Subject key identifier: A3:8B:7C:0A:9B:0F:6C:1A:1D:C0:D7:D5:AD:B0:55:10:DD:F0:61:5A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1D6FD83E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/o4t8CpsPbBodwNfVrbBVEN3wYVo.roa
Signing time: Tue 08 Mar 2022 08:06:42 +0000
ROA not before: Tue 08 Mar 2022 08:06:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210838
IP address blocks: 185.225.72.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 493869118 (0x1d6fd83e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 8 08:06:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a38b7c0a9b0f6c1a1dc0d7d5adb05510ddf0615a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:43:97:d7:50:f6:31:15:58:66:8f:a1:3b:98:
84:9d:dd:d1:14:3d:1b:56:81:4a:16:be:09:2d:94:
27:23:33:d1:5d:54:f6:05:d9:71:ac:4b:50:4f:df:
81:e5:04:ce:55:8e:bf:ad:43:99:fd:5b:0c:6b:65:
cf:fc:72:3b:9b:4e:05:d9:bb:1d:5a:d8:32:2b:c7:
69:3d:83:9a:9c:e8:7d:b9:9b:c9:ba:28:ad:63:22:
ff:62:ae:c0:6b:eb:e0:df:e3:b5:d2:10:8f:3b:52:
62:74:29:a5:cd:e8:1d:e5:fb:09:44:b5:c6:3e:66:
2e:f5:8d:48:76:5f:b2:61:17:ef:8d:94:00:f8:23:
b2:4a:22:22:ef:12:c3:d1:71:e0:1f:f6:60:b9:13:
4f:61:5c:c3:7c:75:a0:8c:90:91:22:48:c1:97:96:
c3:a5:4c:8a:92:8e:7d:17:a0:4c:38:88:ff:e7:d8:
1b:e9:99:51:b9:f4:ce:d7:43:a7:bc:79:9c:a3:2f:
66:1d:53:1b:56:40:ce:8e:e0:64:81:ff:8d:c6:90:
13:1c:03:df:60:6d:69:f0:80:a3:a6:a4:7c:23:ac:
d9:8b:ff:6f:b6:24:f3:3f:d9:56:e9:03:58:c4:f1:
52:ab:70:c9:cb:71:f4:c8:9b:f5:3c:b4:50:55:ea:
d0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:8B:7C:0A:9B:0F:6C:1A:1D:C0:D7:D5:AD:B0:55:10:DD:F0:61:5A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/o4t8CpsPbBodwNfVrbBVEN3wYVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.72.0/24
Signature Algorithm: sha256WithRSAEncryption
82:eb:d6:3b:9a:12:1e:2b:0f:ae:81:ce:42:a6:45:da:27:bb:
29:d4:cb:ea:db:2b:e2:a5:9d:47:0e:57:9c:38:85:3e:02:c1:
53:93:98:e9:a4:9b:52:8e:0c:5a:18:5b:0a:7b:71:d1:34:7f:
3f:6a:ca:c0:d3:e5:2e:a9:18:4e:ce:8c:54:33:7a:a2:15:40:
a8:4a:0c:2e:88:b3:51:52:67:69:68:a9:3e:c2:2e:19:ff:02:
8a:d9:45:da:48:60:90:24:e0:40:11:a3:b9:98:6e:e9:03:b7:
d1:5f:70:ee:d6:d4:ad:57:21:e9:a2:cb:37:05:84:8b:53:6f:
84:55:32:db:ac:9e:75:66:da:22:3b:a6:52:8f:8f:b6:8c:59:
a5:c1:55:2a:e3:0f:33:07:72:2c:31:b9:e4:48:7e:6b:dc:e6:
8d:f2:d1:f4:33:e3:40:fc:c2:d0:fc:e5:a0:3e:bb:97:17:a4:
99:3b:5a:86:ad:45:8d:05:cb:0a:fa:3d:a5:0e:ae:c1:29:52:
f5:4c:f6:b2:18:3e:92:1c:9f:7d:d1:9f:66:4c:ca:70:15:dd:
d6:16:3c:bf:dc:4a:fa:b6:fe:c1:f7:44:cd:17:fd:af:3b:86:
cd:9f:86:ad:15:9f:f8:c4:b2:13:62:14:23:4a:99:65:25:97:
52:31:a2:ca
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHW/YPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDMw
ODA4MDY0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTM4YjdjMGE5YjBm
NmMxYTFkYzBkN2Q1YWRiMDU1MTBkZGYwNjE1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJDl9dQ9jEVWGaPoTuYhJ3d0RQ9G1aBSha+CS2UJyMz0V1U
9gXZcaxLUE/fgeUEzlWOv61Dmf1bDGtlz/xyO5tOBdm7HVrYMivHaT2Dmpzofbmb
yboorWMi/2KuwGvr4N/jtdIQjztSYnQppc3oHeX7CUS1xj5mLvWNSHZfsmEX742U
APgjskoiIu8Sw9Fx4B/2YLkTT2Fcw3x1oIyQkSJIwZeWw6VMipKOfRegTDiI/+fY
G+mZUbn0ztdDp7x5nKMvZh1TG1ZAzo7gZIH/jcaQExwD32BtafCAo6akfCOs2Yv/
b7Yk8z/ZVukDWMTxUqtwyctx9Mib9Ty0UFXq0JcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSji3wKmw9sGh3A19WtsFUQ3fBhWjAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L280dDhDcHNQYkJvZHdOZlZyYkJWRU4zd1lWby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnhSDANBgkqhkiG9w0BAQsFAAOC
AQEAguvWO5oSHisProHOQqZF2ie7KdTL6tsr4qWdRw5XnDiFPgLBU5OY6aSbUo4M
WhhbCntx0TR/P2rKwNPlLqkYTs6MVDN6ohVAqEoMLoizUVJnaWipPsIuGf8CitlF
2khgkCTgQBGjuZhu6QO30V9w7tbUrVch6aLLNwWEi1NvhFUy26yedWbaIjumUo+P
toxZpcFVKuMPMwdyLDG55Eh+a9zmjfLR9DPjQPzC0PzloD67lxekmTtahq1FjQXL
Cvo9pQ6uwSlS9Uz2shg+khyffdGfZkzKcBXd1hY8v9xK+rb+wfdEzRf9rzuGzZ+G
rRWf+MSyE2IUI0qZZSWXUjGiyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:43 2024 by rpki-client on console-ams.rpki-client.org