Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/0dRJcY_0C6vcjomvPLtKwXzozQk.roa
File: 0dRJcY_0C6vcjomvPLtKwXzozQk.roa (raw, json)
Hash identifier: CF+KZ4ST7bLQH4bc8AJfB31JYwZekXKrPYB3XaGbYhI=
Subject key identifier: D1:D4:49:71:8F:F4:0B:AB:DC:8E:89:AF:3C:BB:4A:C1:7C:E8:CD:09
Certificate issuer: /CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Certificate serial: 018CC94ADFDBD34C209C9A9EBD55D3A8AA6A
Authority key identifier: 97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/0dRJcY_0C6vcjomvPLtKwXzozQk.roa
Signing time: Tue 02 Jan 2024 08:29:36 +0000
ROA not before: Tue 02 Jan 2024 08:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215846
IP address blocks: 185.111.110.0/24 maxlen: 24
2a06:5d81::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:df:db:d3:4c:20:9c:9a:9e:bd:55:d3:a8:aa:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Validity
Not Before: Jan 2 08:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1d449718ff40babdc8e89af3cbb4ac17ce8cd09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e1:e8:82:ff:f0:89:a6:b3:84:56:c7:c8:8e:
5c:f9:cc:e8:56:e6:20:9c:57:69:92:af:5e:ec:00:
07:3f:96:2d:2e:28:ea:2e:37:d2:a4:b7:94:06:e8:
fd:ad:14:47:08:e2:4d:a5:be:b4:b6:0b:38:9a:c7:
18:bb:1d:c1:28:63:f5:d2:41:71:91:bd:a1:95:0d:
ac:b0:85:52:b5:da:55:24:c1:76:ab:2b:45:4a:56:
30:9e:b1:78:37:9b:45:94:8d:f8:6a:4e:40:0d:3c:
1d:ad:da:4d:08:28:16:ed:0f:d6:90:ed:90:34:31:
c1:b1:03:41:9a:bd:1b:75:da:af:51:2e:3b:2e:c5:
fe:ce:ad:9c:5b:38:73:08:8d:30:2b:1f:83:58:eb:
96:0d:a5:6a:1d:ec:f0:8c:99:35:e0:e2:9e:b1:ff:
8d:1b:2a:70:f6:09:ae:6b:c6:e5:39:68:f3:94:16:
63:dd:9d:98:81:72:68:42:62:f9:8a:fb:84:57:19:
f7:55:48:d5:2d:a7:bf:33:41:b6:38:34:12:e4:12:
75:08:08:dc:a5:7b:20:e7:10:31:c6:58:c2:fb:68:
4e:72:f3:1d:a4:6a:5d:64:a3:7a:9b:11:0a:09:59:
5b:d4:2c:85:ab:e7:fc:0f:18:f2:97:59:4f:01:b8:
ba:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:D4:49:71:8F:F4:0B:AB:DC:8E:89:AF:3C:BB:4A:C1:7C:E8:CD:09
X509v3 Authority Key Identifier:
keyid:97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/0dRJcY_0C6vcjomvPLtKwXzozQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.110.0/24
IPv6:
2a06:5d81::/32
Signature Algorithm: sha256WithRSAEncryption
4a:47:aa:8e:62:86:c7:03:e1:13:d1:99:80:6f:3d:0c:62:0b:
bd:99:c5:8a:9e:6e:48:64:30:b8:94:7a:eb:04:6b:3d:83:18:
f5:62:dc:b1:2a:f8:bd:fb:3e:ae:a0:9f:66:d7:d9:d6:7d:b1:
59:59:a8:9e:4f:d4:89:88:86:ce:1d:68:ae:d1:cf:c6:15:bc:
50:ef:17:31:75:b6:6f:de:07:27:1d:b3:16:b3:ae:8f:57:0d:
1f:e4:22:34:0c:10:21:a7:c9:e6:e2:ef:b7:74:eb:eb:a5:2e:
64:71:9d:52:e4:fe:1b:1c:f2:72:0d:bc:54:50:9e:71:46:21:
e8:02:8e:cb:81:fd:1b:90:41:8b:94:2f:d6:e3:eb:ea:59:d8:
37:be:5a:c8:19:16:9a:db:86:d7:b2:c5:78:6a:e9:ea:a1:b2:
48:45:c6:00:cd:10:86:df:57:81:9c:1a:c6:14:58:03:e0:d3:
40:5c:be:79:f4:5b:af:ea:4c:2d:6e:28:39:06:2e:b2:51:ce:
a2:d8:66:74:2f:30:88:24:bb:7d:dd:c3:b8:53:eb:49:e2:71:
00:83:f9:79:03:12:79:2a:24:61:6f:fd:32:ee:b8:2e:91:09:
ed:e7:03:2a:8a:8e:f0:33:47:3b:34:0f:64:e4:e3:a3:3d:29:
1d:ec:e7:41
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJSt/b00wgnJqevVXTqKpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Y2NhMDk1MmRiOGFhOWZlNWU1NzAzYzZmMTg5YTA2YTU3
ZjRiYjEwHhcNMjQwMTAyMDgyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWQ0NDk3MThmZjQwYmFiZGM4ZTg5YWYzY2JiNGFjMTdjZThjZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+Hogv/wiaazhFbHyI5c+czoVuYg
nFdpkq9e7AAHP5YtLijqLjfSpLeUBuj9rRRHCOJNpb60tgs4mscYux3BKGP10kFx
kb2hlQ2ssIVStdpVJMF2qytFSlYwnrF4N5tFlI34ak5ADTwdrdpNCCgW7Q/WkO2Q
NDHBsQNBmr0bddqvUS47LsX+zq2cWzhzCI0wKx+DWOuWDaVqHezwjJk14OKesf+N
Gypw9gmua8blOWjzlBZj3Z2YgXJoQmL5ivuEVxn3VUjVLae/M0G2ODQS5BJ1CAjc
pXsg5xAxxljC+2hOcvMdpGpdZKN6mxEKCVlb1CyFq+f8Dxjyl1lPAbi6uwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNHUSXGP9Aur3I6Jrzy7SsF86M0JMB8GA1UdIwQY
MBaAFJfMoJUtuKqf5eVwPG8Ymgalf0uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYt
NWQ2ZGQwYmE1MmNmLzEvMGRSSmNZXzBDNnZjam9tdlBMdEt3WHpvelFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYtNWQ2ZGQwYmE1MmNm
LzEvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuW9uMA0E
AgACMAcDBQAqBl2BMA0GCSqGSIb3DQEBCwUAA4IBAQBKR6qOYobHA+ET0ZmAbz0M
Ygu9mcWKnm5IZDC4lHrrBGs9gxj1YtyxKvi9+z6uoJ9m19nWfbFZWaieT9SJiIbO
HWiu0c/GFbxQ7xcxdbZv3gcnHbMWs66PVw0f5CI0DBAhp8nm4u+3dOvrpS5kcZ1S
5P4bHPJyDbxUUJ5xRiHoAo7Lgf0bkEGLlC/W4+vqWdg3vlrIGRaa24bXssV4aunq
obJIRcYAzRCG31eBnBrGFFgD4NNAXL559Fuv6kwtbig5Bi6yUc6i2GZ0LzCIJLt9
3cO4U+tJ4nEAg/l5AxJ5KiRhb/0y7rgukQnt5wMqio7wM0c7NA9k5OOjPSkd7OdB
-----END CERTIFICATE-----
Generated at Mon Jun 10 14:02:06 2024 by rpki-client on console-fra.rpki-client.org