Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/SNjkKIcsKFRM7A3kbajfzBWf4eY.roa
File: SNjkKIcsKFRM7A3kbajfzBWf4eY.roa (raw, json)
Hash identifier: 6XAcVCma5sAafpzvwcjCX3cIaypDBhmYHlGDuQF7kKk=
Subject key identifier: 48:D8:E4:28:87:2C:28:54:4C:EC:0D:E4:6D:A8:DF:CC:15:9F:E1:E6
Certificate issuer: /CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Certificate serial: 01876A15BE2223BBF1D8E1C08B3CC614DACD
Authority key identifier: 9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/SNjkKIcsKFRM7A3kbajfzBWf4eY.roa
Signing time: Mon 10 Apr 2023 07:33:42 +0000
ROA not before: Mon 10 Apr 2023 07:33:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208972
IP address blocks: 5.182.247.0/24 maxlen: 24
185.233.244.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6a:15:be:22:23:bb:f1:d8:e1:c0:8b:3c:c6:14:da:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Validity
Not Before: Apr 10 07:33:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48d8e428872c28544cec0de46da8dfcc159fe1e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8a:1d:29:cb:59:5e:c5:2c:ed:4b:89:8d:40:
f7:62:11:96:6e:6a:0b:6b:13:2f:93:dc:be:b4:e4:
dc:87:1e:44:c9:59:36:b6:0d:e4:71:c8:10:e7:ad:
44:a2:22:f0:51:d0:45:b8:88:4c:51:3c:8e:e5:49:
09:4d:92:39:0b:05:ae:8f:cf:68:63:86:df:3d:10:
66:1a:f2:5b:a8:93:30:ff:fb:ad:3b:bd:6c:0b:07:
c4:88:e4:0f:f4:04:21:25:8c:94:d7:37:be:af:4f:
33:0a:59:3c:03:c9:67:10:88:46:45:5a:c0:da:f9:
56:24:75:05:ae:25:f1:0b:56:2f:c6:d2:66:fb:22:
76:fc:a0:3e:c4:79:ff:64:3d:79:43:7d:0a:ad:e2:
2f:90:25:0f:ac:2d:56:d2:75:a8:45:9e:39:bc:35:
60:10:ff:c3:78:03:f0:1b:4a:fc:28:b7:d7:8d:a6:
b8:ca:38:ac:4c:8e:eb:58:6b:1e:11:a0:91:66:cc:
54:d0:11:15:c1:0d:3f:df:8a:b1:92:8f:03:db:cd:
f1:e8:f7:90:8a:47:aa:1f:04:32:2c:61:08:79:11:
a3:5c:8e:ec:88:47:c5:4e:8c:39:3c:16:12:2d:e9:
83:7e:8a:1d:c5:60:61:8f:f8:06:43:33:14:3d:de:
5a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:D8:E4:28:87:2C:28:54:4C:EC:0D:E4:6D:A8:DF:CC:15:9F:E1:E6
X509v3 Authority Key Identifier:
keyid:9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/SNjkKIcsKFRM7A3kbajfzBWf4eY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.247.0/24
185.233.244.0/24
Signature Algorithm: sha256WithRSAEncryption
11:b2:2e:b5:8a:19:3a:a0:09:1d:9a:c2:52:fb:0d:78:f6:4c:
68:c4:ad:cc:ef:39:09:17:da:55:f5:75:4f:28:cb:8f:80:cc:
0a:c3:b0:20:f5:b5:c5:20:88:c6:a4:d8:f4:2c:5b:60:3e:d4:
c5:0c:9a:b4:ec:00:82:6d:e8:21:8c:6d:76:77:70:0b:8b:7b:
1b:b8:f1:28:ef:f9:6d:a4:77:68:4c:66:61:4b:f9:cd:e9:fc:
e4:c9:90:75:c8:6d:a6:71:54:5d:1e:39:37:e5:09:76:90:4e:
10:54:9d:53:30:41:de:82:ee:19:fa:37:ef:51:fc:5e:82:4c:
4a:3e:8f:d1:9a:d6:42:85:28:b6:b7:9e:03:7f:bf:08:17:52:
b2:1a:3c:68:c6:44:c7:5e:89:c5:6f:db:9d:ba:f6:a5:c7:f1:
fb:55:e5:62:0e:61:dd:fd:ee:4d:14:c9:ba:d3:f1:f6:a1:0c:
5c:93:59:14:c0:11:f0:cb:56:7b:e0:81:c1:5d:6b:af:a1:e1:
9f:7a:f0:47:28:53:52:4a:e2:51:e0:f5:55:01:54:a4:b9:83:
c6:de:34:12:27:2a:da:58:c2:4a:90:7e:d0:59:01:ac:ad:fd:
d1:3e:ef:46:2c:a6:85:13:c6:fd:21:95:78:b9:7a:4f:33:80:
2a:33:62:31
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdqFb4iI7vx2OHAizzGFNrNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTUzMjAwNzc2OTY5NDRiMTYxM2MyZThjOWM2MDZhMWUw
NmViNzkwHhcNMjMwNDEwMDczMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGQ4ZTQyODg3MmMyODU0NGNlYzBkZTQ2ZGE4ZGZjYzE1OWZlMWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4odKctZXsUs7UuJjUD3YhGWbmoL
axMvk9y+tOTchx5EyVk2tg3kccgQ561EoiLwUdBFuIhMUTyO5UkJTZI5CwWuj89o
Y4bfPRBmGvJbqJMw//utO71sCwfEiOQP9AQhJYyU1ze+r08zClk8A8lnEIhGRVrA
2vlWJHUFriXxC1YvxtJm+yJ2/KA+xHn/ZD15Q30KreIvkCUPrC1W0nWoRZ45vDVg
EP/DeAPwG0r8KLfXjaa4yjisTI7rWGseEaCRZsxU0BEVwQ0/34qxko8D283x6PeQ
ikeqHwQyLGEIeRGjXI7siEfFTow5PBYSLemDfoodxWBhj/gGQzMUPd5aOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEjY5CiHLChUTOwN5G2o38wVn+HmMB8GA1UdIwQY
MBaAFJ5VMgB3aWlEsWE8LoycYGoeBut5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYt
MWUwZThiOTA5ZTM0LzEvU05qa0tJY3NLRlJNN0Eza2JhamZ6QldmNGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYtMWUwZThiOTA5ZTM0
LzEvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbb3AwQA
uen0MA0GCSqGSIb3DQEBCwUAA4IBAQARsi61ihk6oAkdmsJS+w149kxoxK3M7zkJ
F9pV9XVPKMuPgMwKw7Ag9bXFIIjGpNj0LFtgPtTFDJq07ACCbeghjG12d3ALi3sb
uPEo7/ltpHdoTGZhS/nN6fzkyZB1yG2mcVRdHjk35Ql2kE4QVJ1TMEHegu4Z+jfv
UfxegkxKPo/RmtZChSi2t54Df78IF1KyGjxoxkTHXonFb9uduvalx/H7VeViDmHd
/e5NFMm60/H2oQxck1kUwBHwy1Z74IHBXWuvoeGfevBHKFNSSuJR4PVVAVSkuYPG
3jQSJyraWMJKkH7QWQGsrf3RPu9GLKaFE8b9IZV4uXpPM4AqM2Ix
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:43 2024 by rpki-client on console-ams.rpki-client.org