Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/6ca5b6-c423-4b54-9655-7c5964990397/1/5fz9Lq30r7soPMkRBzpYrSe94Vg.roa
File: 5fz9Lq30r7soPMkRBzpYrSe94Vg.roa (raw, json)
Hash identifier: R74eiQbfmcAQU3sBCxpwNF2T1XFtmStKeapy3yfeBWw=
Subject key identifier: E5:FC:FD:2E:AD:F4:AF:BB:28:3C:C9:11:07:3A:58:AD:27:BD:E1:58
Certificate issuer: /CN=a036af22669183ba26f23976530e349b34651968
Certificate serial: 06B0934C
Authority key identifier: A0:36:AF:22:66:91:83:BA:26:F2:39:76:53:0E:34:9B:34:65:19:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oDavImaRg7om8jl2Uw40mzRlGWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/6ca5b6-c423-4b54-9655-7c5964990397/1/5fz9Lq30r7soPMkRBzpYrSe94Vg.roa
Signing time: Sat 01 Jan 2022 15:55:14 +0000
ROA not before: Sat 01 Jan 2022 15:55:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205246
IP address blocks: 185.39.18.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112235340 (0x6b0934c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a036af22669183ba26f23976530e349b34651968
Validity
Not Before: Jan 1 15:55:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e5fcfd2eadf4afbb283cc911073a58ad27bde158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:38:fd:51:d0:82:68:00:6a:28:ec:6c:ce:f7:
9d:cb:9a:ae:28:29:cb:ab:1b:02:9c:4a:83:e0:6f:
52:8e:e3:1e:c0:2e:3c:a0:8c:0d:f1:9b:2f:b2:87:
22:27:2d:68:11:1c:c5:95:ec:58:5a:4a:76:54:80:
71:5a:cd:dd:dd:34:bf:ff:35:a7:ec:b4:c8:c7:46:
37:3d:69:64:fb:8e:ca:dd:e5:3c:ae:70:a9:74:d3:
51:d9:5e:b9:94:7f:11:e0:91:58:fe:0c:02:29:a5:
a4:26:c7:c9:d3:db:8e:69:a2:28:32:8e:49:57:8a:
c7:83:6d:79:39:36:5c:43:54:23:b5:c7:fb:1c:d9:
ed:ff:7b:47:00:0f:95:9d:68:69:f3:87:34:de:2e:
eb:ca:0b:1a:02:59:19:2a:13:33:48:ce:c5:f0:df:
77:ed:fb:68:90:a2:0c:0e:b3:28:ec:65:e3:74:67:
3c:0f:9d:24:f5:a5:ac:fc:56:a0:65:50:e3:f1:2b:
48:3a:6f:09:a8:ed:4a:4b:a0:6d:65:5d:47:55:eb:
64:c2:0d:57:01:b0:92:90:3e:ec:4e:dd:b6:4d:bb:
26:ad:72:df:ee:9e:6c:40:b9:d0:58:b0:62:dc:99:
8f:d1:75:5e:28:06:92:c8:b2:67:e0:3b:80:a9:0a:
92:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:FC:FD:2E:AD:F4:AF:BB:28:3C:C9:11:07:3A:58:AD:27:BD:E1:58
X509v3 Authority Key Identifier:
keyid:A0:36:AF:22:66:91:83:BA:26:F2:39:76:53:0E:34:9B:34:65:19:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oDavImaRg7om8jl2Uw40mzRlGWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/6ca5b6-c423-4b54-9655-7c5964990397/1/5fz9Lq30r7soPMkRBzpYrSe94Vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/6ca5b6-c423-4b54-9655-7c5964990397/1/oDavImaRg7om8jl2Uw40mzRlGWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.18.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:bc:b8:3d:f8:4f:45:69:38:89:95:c2:e5:cb:44:c4:69:c9:
03:05:71:06:ce:f6:5e:c9:60:16:0b:9e:25:f7:ac:1a:1a:cc:
d0:a4:ba:0b:4f:6e:e4:3e:e5:18:d8:1b:7e:ea:8c:e0:be:18:
0b:e6:04:ed:a1:4c:07:e0:9b:8a:d4:0f:32:4c:86:9a:68:e3:
6c:bb:81:e9:6d:c0:58:a7:47:ce:d1:e0:3c:60:e8:87:ec:f8:
ca:c5:ec:f4:31:b9:9f:a6:89:0e:1d:b1:4e:3f:3d:ad:9b:75:
f0:1c:39:10:de:f4:d1:b3:f4:79:a9:c0:13:ac:56:fc:73:82:
9e:76:60:f1:6a:1d:dc:ef:85:1c:a4:90:84:7d:4b:e3:8f:9a:
0b:fb:f3:24:1e:e6:a2:c3:26:ee:1a:8c:70:41:c2:77:7d:64:
6a:36:7d:ad:3b:d7:be:13:61:17:ea:d3:79:54:dc:01:c2:8c:
bc:24:c4:c6:33:16:f9:19:8e:5a:02:fb:12:d2:cf:53:1d:ee:
36:85:d6:34:54:80:6c:9f:a1:6e:9a:45:69:6a:ee:32:e6:cb:
71:60:a9:9c:53:2f:13:18:89:0e:9a:2d:ad:e7:2d:08:60:2d:
c8:b9:73:b8:8c:9f:95:d8:de:94:40:3d:55:c7:69:b8:78:7f:
05:6b:bc:55
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBrCTTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MDM2YWYyMjY2OTE4M2JhMjZmMjM5NzY1MzBlMzQ5YjM0NjUxOTY4MB4XDTIyMDEw
MTE1NTUxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTVmY2ZkMmVhZGY0
YWZiYjI4M2NjOTExMDczYTU4YWQyN2JkZTE1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALc4/VHQgmgAaijsbM73ncuarigpy6sbApxKg+BvUo7jHsAu
PKCMDfGbL7KHIictaBEcxZXsWFpKdlSAcVrN3d00v/81p+y0yMdGNz1pZPuOyt3l
PK5wqXTTUdleuZR/EeCRWP4MAimlpCbHydPbjmmiKDKOSVeKx4NteTk2XENUI7XH
+xzZ7f97RwAPlZ1oafOHNN4u68oLGgJZGSoTM0jOxfDfd+37aJCiDA6zKOxl43Rn
PA+dJPWlrPxWoGVQ4/ErSDpvCajtSkugbWVdR1XrZMINVwGwkpA+7E7dtk27Jq1y
3+6ebEC50FiwYtyZj9F1XigGksiyZ+A7gKkKkn8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTl/P0urfSvuyg8yREHOlitJ73hWDAfBgNVHSMEGDAWgBSgNq8iZpGDuiby
OXZTDjSbNGUZaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29EYXZJbWFSZzdvbThqbDJVdzQwbXpSbEdXZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvNmNhNWI2LWM0MjMtNGI1NC05NjU1LTdjNTk2NDk5MDM5Ny8x
LzVmejlMcTMwcjdzb1BNa1JCenBZclNlOTRWZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
NmNhNWI2LWM0MjMtNGI1NC05NjU1LTdjNTk2NDk5MDM5Ny8xL29EYXZJbWFSZzdv
bThqbDJVdzQwbXpSbEdXZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALknEjANBgkqhkiG9w0BAQsFAAOC
AQEAa7y4PfhPRWk4iZXC5ctExGnJAwVxBs72XslgFgueJfesGhrM0KS6C09u5D7l
GNgbfuqM4L4YC+YE7aFMB+CbitQPMkyGmmjjbLuB6W3AWKdHztHgPGDoh+z4ysXs
9DG5n6aJDh2xTj89rZt18Bw5EN700bP0eanAE6xW/HOCnnZg8Wod3O+FHKSQhH1L
44+aC/vzJB7mosMm7hqMcEHCd31kajZ9rTvXvhNhF+rTeVTcAcKMvCTExjMW+RmO
WgL7EtLPUx3uNoXWNFSAbJ+hbppFaWruMubLcWCpnFMvExiJDpotrectCGAtyLlz
uIyfldjelEA9VcdpuHh/BWu8VQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:52 2024 by rpki-client on console-fra.rpki-client.org