Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2de158-b19a-49eb-a6ec-284ea425e405/1/kPQVX1hlSD8BPMsEE_R3zVgJp_g.roa
File: kPQVX1hlSD8BPMsEE_R3zVgJp_g.roa (raw, json)
Hash identifier: /SgCcqfs7Vt/mzwbECMJ2kIOxr8NP+kkZUzvc+sAQLI=
Subject key identifier: 90:F4:15:5F:58:65:48:3F:01:3C:CB:04:13:F4:77:CD:58:09:A7:F8
Certificate issuer: /CN=9e18aee8fe70354f75ea6dabf89ed8f94b6a1e58
Certificate serial: 018573E892D219DE454DE50A360126DE2936
Authority key identifier: 9E:18:AE:E8:FE:70:35:4F:75:EA:6D:AB:F8:9E:D8:F9:4B:6A:1E:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhiu6P5wNU916m2r-J7Y-UtqHlg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2de158-b19a-49eb-a6ec-284ea425e405/1/kPQVX1hlSD8BPMsEE_R3zVgJp_g.roa
Signing time: Mon 02 Jan 2023 19:14:59 +0000
ROA not before: Mon 02 Jan 2023 19:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59950
IP address blocks: 212.6.48.0/23 maxlen: 23
185.65.60.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:e8:92:d2:19:de:45:4d:e5:0a:36:01:26:de:29:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e18aee8fe70354f75ea6dabf89ed8f94b6a1e58
Validity
Not Before: Jan 2 19:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90f4155f5865483f013ccb0413f477cd5809a7f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2d:55:74:7c:43:e7:f2:6f:b3:62:53:ae:4b:
2d:0d:c3:74:5b:18:db:ce:60:4e:76:b0:1e:36:92:
be:37:77:60:bf:47:87:0c:67:c4:f2:4f:97:cb:8b:
54:36:27:df:2c:f9:69:ad:4c:69:bd:22:c8:7a:2f:
40:4a:8a:55:03:2d:98:3d:b1:d5:bb:67:1a:52:db:
7f:2b:51:8d:34:7f:2c:c6:06:b4:b2:99:c1:bc:50:
ff:84:c1:de:a2:1f:99:a0:68:ab:92:f6:29:7a:c0:
17:2a:c7:6a:30:4f:1d:be:50:d3:fd:44:f4:2c:06:
3a:f9:50:30:a3:02:7d:6f:6e:5d:7d:5e:8c:ee:88:
f3:40:89:ee:2e:5d:5c:85:28:9d:92:a1:54:5a:86:
dc:f0:c6:a4:bb:f5:40:08:48:a2:b2:a1:e9:26:7f:
20:8d:a3:bb:c1:41:e0:2c:1d:aa:df:58:6a:4e:d1:
32:0c:b5:9b:b3:e3:57:c4:60:b1:46:0e:aa:f6:cd:
73:b6:c9:ea:bb:53:c8:dd:3a:9b:2c:21:87:34:87:
91:86:35:3d:17:56:09:25:3b:1e:b7:10:6a:73:c9:
63:95:46:f3:cf:97:4b:ff:c6:f0:0f:dc:93:76:e2:
ca:21:06:42:f2:d4:5e:89:b7:db:22:2d:51:03:20:
5d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:F4:15:5F:58:65:48:3F:01:3C:CB:04:13:F4:77:CD:58:09:A7:F8
X509v3 Authority Key Identifier:
keyid:9E:18:AE:E8:FE:70:35:4F:75:EA:6D:AB:F8:9E:D8:F9:4B:6A:1E:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhiu6P5wNU916m2r-J7Y-UtqHlg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2de158-b19a-49eb-a6ec-284ea425e405/1/kPQVX1hlSD8BPMsEE_R3zVgJp_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2de158-b19a-49eb-a6ec-284ea425e405/1/nhiu6P5wNU916m2r-J7Y-UtqHlg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.60.0/23
212.6.48.0/23
Signature Algorithm: sha256WithRSAEncryption
97:b9:b8:e3:6c:23:a3:38:17:33:10:4c:9b:41:6e:a6:d4:b5:
bb:0f:00:e2:8d:be:7c:d1:00:23:8e:18:21:24:dc:5f:be:7f:
2b:9c:61:9a:52:1f:14:8e:f3:b6:3f:70:69:e0:5a:2e:dd:df:
ae:93:23:4a:69:f4:0e:ca:5f:94:5e:c4:53:1a:20:41:94:5c:
9a:0d:13:b3:0c:91:bc:69:e3:b1:3c:04:ff:b3:9a:bd:24:33:
72:47:bc:4b:13:af:b8:04:7a:ed:88:26:6e:32:f5:36:af:43:
6a:d9:02:99:f4:40:7a:c1:10:27:9d:80:28:df:69:b4:41:e3:
4c:96:38:de:f7:84:f7:09:43:d6:30:1b:97:51:62:0c:80:45:
a3:26:ee:5c:28:9f:63:75:74:68:a5:08:d0:0a:15:cf:89:e0:
f5:6c:a3:0c:9e:a2:9f:5d:a5:16:5a:31:18:f7:69:4e:34:bd:
ca:8e:4a:f7:98:09:85:fb:be:be:1f:a0:9a:f6:e1:dc:99:be:
ab:f1:4f:56:9c:77:a5:fb:2d:d6:c6:32:ef:e8:53:fa:1a:36:
38:81:79:3c:ed:46:6e:d5:62:6d:17:bb:68:f7:c9:3e:4a:79:
8f:2e:fd:c6:d9:9f:16:56:b1:8c:6c:ba:64:44:11:25:b8:bf:
fb:e3:3c:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVz6JLSGd5FTeUKNgEm3ik2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMThhZWU4ZmU3MDM1NGY3NWVhNmRhYmY4OWVkOGY5NGI2
YTFlNTgwHhcNMjMwMTAyMTkxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGY0MTU1ZjU4NjU0ODNmMDEzY2NiMDQxM2Y0NzdjZDU4MDlhN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAki1VdHxD5/Jvs2JTrkstDcN0Wxjb
zmBOdrAeNpK+N3dgv0eHDGfE8k+Xy4tUNiffLPlprUxpvSLIei9ASopVAy2YPbHV
u2caUtt/K1GNNH8sxga0spnBvFD/hMHeoh+ZoGirkvYpesAXKsdqME8dvlDT/UT0
LAY6+VAwowJ9b25dfV6M7ojzQInuLl1chSidkqFUWobc8Maku/VACEiisqHpJn8g
jaO7wUHgLB2q31hqTtEyDLWbs+NXxGCxRg6q9s1ztsnqu1PI3TqbLCGHNIeRhjU9
F1YJJTsetxBqc8ljlUbzz5dL/8bwD9yTduLKIQZC8tReibfbIi1RAyBdzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJD0FV9YZUg/ATzLBBP0d81YCaf4MB8GA1UdIwQY
MBaAFJ4Yruj+cDVPdeptq/ie2PlLah5YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmhpdTZQNXdOVTkxNm0yci1KN1ktVXRxSGxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yZGUxNTgtYjE5YS00OWViLWE2ZWMt
Mjg0ZWE0MjVlNDA1LzEva1BRVlgxaGxTRDhCUE1zRUVfUjN6VmdKcF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yZGUxNTgtYjE5YS00OWViLWE2ZWMtMjg0ZWE0MjVlNDA1
LzEvbmhpdTZQNXdOVTkxNm0yci1KN1ktVXRxSGxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuUE8AwQB
1AYwMA0GCSqGSIb3DQEBCwUAA4IBAQCXubjjbCOjOBczEEybQW6m1LW7DwDijb58
0QAjjhghJNxfvn8rnGGaUh8UjvO2P3Bp4Fou3d+ukyNKafQOyl+UXsRTGiBBlFya
DROzDJG8aeOxPAT/s5q9JDNyR7xLE6+4BHrtiCZuMvU2r0Nq2QKZ9EB6wRAnnYAo
32m0QeNMljje94T3CUPWMBuXUWIMgEWjJu5cKJ9jdXRopQjQChXPieD1bKMMnqKf
XaUWWjEY92lONL3Kjkr3mAmF+76+H6Ca9uHcmb6r8U9WnHel+y3WxjLv6FP6GjY4
gXk87UZu1WJtF7to98k+SnmPLv3G2Z8WVrGMbLpkRBEluL/74zwE
-----END CERTIFICATE-----
Generated at Mon Aug 14 07:24:23 2023 by rpki-client on console-fra.rpki-client.org