Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/e387ff-5348-4b32-b136-d05184c25e9a/1/1-JH2v7EeONgIEjulE98W_SLwSBA.roa
File: 1-JH2v7EeONgIEjulE98W_SLwSBA.roa (raw, json)
Hash identifier: kSCg0WGUZURp17X+qBSGAgGR3+x0cTynhK/VJ9M91dI=
Subject key identifier: F8:91:F6:BF:B1:1E:38:D8:08:12:3B:A5:13:DF:16:FD:22:F0:48:10
Certificate issuer: /CN=633bca0ed1f9b60bc0ed423022d0389e29b6cdd4
Certificate serial: 018592AC9576114B4D93452E6BE135B7EE73
Authority key identifier: 63:3B:CA:0E:D1:F9:B6:0B:C0:ED:42:30:22:D0:38:9E:29:B6:CD:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YzvKDtH5tgvA7UIwItA4nim2zdQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/e387ff-5348-4b32-b136-d05184c25e9a/1/1-JH2v7EeONgIEjulE98W_SLwSBA.roa
Signing time: Sun 08 Jan 2023 18:37:41 +0000
ROA not before: Sun 08 Jan 2023 18:37:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211728
IP address blocks: 185.248.134.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:92:ac:95:76:11:4b:4d:93:45:2e:6b:e1:35:b7:ee:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=633bca0ed1f9b60bc0ed423022d0389e29b6cdd4
Validity
Not Before: Jan 8 18:37:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f891f6bfb11e38d808123ba513df16fd22f04810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:49:09:12:cb:21:a3:f3:9f:e6:24:d1:09:b6:
a1:63:7c:55:12:ea:74:26:ec:26:87:68:d0:a2:b5:
df:39:67:77:3e:b8:c6:f1:f6:ff:13:cc:1f:65:66:
15:99:c1:2d:e7:d9:99:7d:f2:7e:44:30:76:ad:42:
70:bc:b2:43:5d:32:68:d9:40:05:ec:b8:fa:a6:5d:
63:44:5d:b5:3a:1a:90:ba:d1:04:2d:98:a6:9a:40:
fb:ef:25:f0:2d:d3:1e:3f:3e:09:ac:0a:91:82:78:
33:bb:b0:15:c0:18:6e:d5:b1:76:75:e8:99:e7:6b:
e1:ae:fb:28:1c:ff:7d:8c:78:42:bd:84:db:78:b4:
65:d5:1d:a6:44:e6:42:49:a6:ec:28:c7:7d:e0:bb:
fd:8c:8b:5a:27:f5:73:5d:c7:96:69:25:d1:0d:31:
be:96:3a:32:28:b9:e2:f5:87:43:08:d1:83:c1:6e:
82:f2:d4:2e:ba:4d:39:98:60:1b:3a:f7:00:70:ae:
b8:fe:ef:03:64:08:50:8e:be:e5:02:b0:51:d5:77:
0a:8d:48:2a:37:33:01:0e:30:2d:37:db:d8:b1:75:
01:6e:28:79:7e:72:a4:22:32:3d:e7:ac:d6:0b:62:
6a:63:bf:c1:a6:c5:8a:0a:f6:fa:0e:00:4f:e6:4d:
09:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:91:F6:BF:B1:1E:38:D8:08:12:3B:A5:13:DF:16:FD:22:F0:48:10
X509v3 Authority Key Identifier:
keyid:63:3B:CA:0E:D1:F9:B6:0B:C0:ED:42:30:22:D0:38:9E:29:B6:CD:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzvKDtH5tgvA7UIwItA4nim2zdQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/e387ff-5348-4b32-b136-d05184c25e9a/1/1-JH2v7EeONgIEjulE98W_SLwSBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/e387ff-5348-4b32-b136-d05184c25e9a/1/YzvKDtH5tgvA7UIwItA4nim2zdQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.134.0/24
Signature Algorithm: sha256WithRSAEncryption
77:7d:bf:87:b5:ca:8a:fc:ce:0b:07:43:78:4c:df:31:9e:b5:
52:6e:2a:35:56:02:41:ef:31:67:5f:86:e3:33:57:fd:b1:b1:
08:4b:9e:e7:bc:e3:66:b0:3c:94:92:31:cf:ef:6c:b1:2f:2e:
6c:55:56:0e:26:0d:db:1f:bf:c2:71:21:b4:13:ae:13:a0:30:
b7:7b:de:bc:35:68:62:b7:d7:fa:85:87:4f:2e:8c:37:97:fa:
f7:7e:78:e2:2f:f0:3e:ab:ca:f6:ee:54:a0:9f:d8:9b:9c:03:
d2:fa:4b:c9:b3:1d:0b:3a:db:db:89:24:36:de:04:13:44:f2:
5b:98:85:b6:3d:56:14:89:d6:8b:58:3f:c1:5f:db:2c:69:80:
29:da:d9:e0:7a:b4:ba:e0:44:9a:e7:3b:80:14:4b:16:6a:55:
34:2b:c0:19:3a:22:cb:7e:d7:1c:96:5b:9d:81:34:7c:aa:04:
ed:b8:7a:b2:30:b3:33:7f:1b:fd:fd:3d:bf:3d:da:0f:10:11:
56:48:6a:83:28:6e:a6:1f:94:e1:2f:8e:91:8f:1f:6f:b1:a4:
fa:c6:80:0b:c0:d5:d4:10:f8:e1:d9:c1:b6:c8:b9:59:e5:d8:
63:2a:18:4c:30:17:33:06:ec:46:2f:ab:78:bd:2e:52:35:30:
14:dd:f3:21
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYWSrJV2EUtNk0Uua+E1t+5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzM2JjYTBlZDFmOWI2MGJjMGVkNDIzMDIyZDAzODllMjli
NmNkZDQwHhcNMjMwMTA4MTgzNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODkxZjZiZmIxMWUzOGQ4MDgxMjNiYTUxM2RmMTZmZDIyZjA0ODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkkJEssho/Of5iTRCbahY3xVEup0
Juwmh2jQorXfOWd3PrjG8fb/E8wfZWYVmcEt59mZffJ+RDB2rUJwvLJDXTJo2UAF
7Lj6pl1jRF21OhqQutEELZimmkD77yXwLdMePz4JrAqRgngzu7AVwBhu1bF2deiZ
52vhrvsoHP99jHhCvYTbeLRl1R2mROZCSabsKMd94Lv9jItaJ/VzXceWaSXRDTG+
ljoyKLni9YdDCNGDwW6C8tQuuk05mGAbOvcAcK64/u8DZAhQjr7lArBR1XcKjUgq
NzMBDjAtN9vYsXUBbih5fnKkIjI956zWC2JqY7/BpsWKCvb6DgBP5k0JfwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPiR9r+xHjjYCBI7pRPfFv0i8EgQMB8GA1UdIwQY
MBaAFGM7yg7R+bYLwO1CMCLQOJ4pts3UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXp2S0R0SDV0Z3ZBN1VJd0l0QTRuaW0yemRRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9lMzg3ZmYtNTM0OC00YjMyLWIxMzYt
ZDA1MTg0YzI1ZTlhLzEvMS1KSDJ2N0VlT05nSUVqdWxFOThXX1NMd1NCQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTMvZTM4N2ZmLTUzNDgtNGIzMi1iMTM2LWQwNTE4NGMyNWU5
YS8xL1l6dktEdEg1dGd2QTdVSXdJdEE0bmltMnpkUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn4hjAN
BgkqhkiG9w0BAQsFAAOCAQEAd32/h7XKivzOCwdDeEzfMZ61Um4qNVYCQe8xZ1+G
4zNX/bGxCEue57zjZrA8lJIxz+9ssS8ubFVWDiYN2x+/wnEhtBOuE6Awt3vevDVo
YrfX+oWHTy6MN5f693544i/wPqvK9u5UoJ/Ym5wD0vpLybMdCzrb24kkNt4EE0Ty
W5iFtj1WFInWi1g/wV/bLGmAKdrZ4Hq0uuBEmuc7gBRLFmpVNCvAGToiy37XHJZb
nYE0fKoE7bh6sjCzM38b/f09vz3aDxARVkhqgyhuph+U4S+OkY8fb7Gk+saAC8DV
1BD44dnBtsi5WeXYYyoYTDAXMwbsRi+reL0uUjUwFN3zIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:09 2024 by rpki-client on console-fra.rpki-client.org