Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/64P-_bDc1m-mQ7ozsy2XTQyPqUg.roa
File: 64P-_bDc1m-mQ7ozsy2XTQyPqUg.roa (raw, json)
Hash identifier: OvPItWMhzorWoweixYUxhY+hXR1kjU767jiKKCIn6ZY=
Subject key identifier: EB:83:FE:FD:B0:DC:D6:6F:A6:43:BA:33:B3:2D:97:4D:0C:8F:A9:48
Certificate issuer: /CN=3cd37ec23719b2f142f46e6f3317664034adf598
Certificate serial: 018861CD4D69541E6A98FDBC00A4F29E6633
Authority key identifier: 3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/64P-_bDc1m-mQ7ozsy2XTQyPqUg.roa
Signing time: Sun 28 May 2023 10:00:24 +0000
ROA not before: Sun 28 May 2023 10:00:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202391
IP address blocks: 185.104.192.0/24 maxlen: 24
185.83.180.0/24 maxlen: 24
185.170.236.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:61:cd:4d:69:54:1e:6a:98:fd:bc:00:a4:f2:9e:66:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cd37ec23719b2f142f46e6f3317664034adf598
Validity
Not Before: May 28 10:00:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb83fefdb0dcd66fa643ba33b32d974d0c8fa948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d7:d9:04:5d:a5:c8:27:88:1e:16:ec:ab:94:
88:2f:98:07:80:ae:16:5b:6a:93:fe:48:42:20:72:
72:f9:2d:1d:67:02:52:b0:b4:60:3a:a8:c0:8d:33:
fc:c1:12:8f:7f:52:47:85:76:f1:dd:30:85:74:0b:
1a:a6:76:c4:9b:b7:92:6b:bb:3e:57:a1:a6:88:fd:
9e:09:82:cd:96:3d:a3:a1:19:c7:41:c1:d1:4d:7d:
0d:13:ba:f1:b2:1d:d8:18:94:bc:26:7f:65:c2:28:
01:23:30:19:ca:18:31:df:9e:9b:5f:eb:9c:7f:e5:
d7:d5:d6:5c:8c:49:1f:26:0d:8b:17:1d:31:87:0e:
43:7a:7f:5c:fa:4a:64:17:f1:e0:9f:27:86:1b:1b:
3b:1a:cd:7c:31:a4:10:a8:9c:a4:e0:70:ef:25:ab:
58:a1:02:6a:0c:61:96:18:af:d3:fc:08:2f:d9:08:
a3:ea:ca:a5:82:e5:a6:65:7e:ab:8a:b3:64:55:23:
4f:c1:5d:b0:00:04:98:ca:7e:a9:e8:06:92:d8:36:
6a:7f:95:c0:68:80:da:0f:a7:f2:13:03:ee:e4:b7:
99:e1:6f:48:9f:2c:6f:fe:51:cc:23:a2:8b:4c:14:
41:7e:00:fb:4c:e3:9b:44:49:2c:fd:c4:e7:f3:c5:
8c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:83:FE:FD:B0:DC:D6:6F:A6:43:BA:33:B3:2D:97:4D:0C:8F:A9:48
X509v3 Authority Key Identifier:
keyid:3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/64P-_bDc1m-mQ7ozsy2XTQyPqUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.180.0/24
185.104.192.0/24
185.170.236.0/22
Signature Algorithm: sha256WithRSAEncryption
43:57:00:91:82:ae:a6:bd:58:37:76:56:0e:da:0b:54:95:f2:
79:5a:21:9a:cf:9d:a7:28:9a:0d:5d:1d:9a:3e:2c:3b:8d:df:
98:54:7c:37:c9:e2:09:b0:8d:66:a7:ce:42:87:58:17:a4:08:
d4:b8:30:47:5b:eb:72:7c:ae:78:0f:bc:8b:70:cc:32:04:e0:
89:78:f6:35:b0:3b:54:4c:32:91:17:2a:97:0b:f0:b8:62:ff:
67:da:b8:13:8f:0a:c5:77:2e:14:19:ef:6b:07:3c:f2:20:ad:
11:a5:a3:67:3f:6e:ca:8c:82:1f:38:4c:cc:9e:1e:de:d1:29:
8d:97:51:12:0d:7c:03:40:41:4b:0e:6b:82:52:68:31:3e:0c:
bb:a9:42:66:cd:3f:10:7f:b9:a5:f2:1f:53:79:ae:c4:55:f3:
b5:05:7d:d3:fb:79:fc:43:58:d0:bf:a8:08:e0:73:ea:cc:37:
96:91:5a:f2:f2:69:66:dd:b9:de:3b:cd:4a:c7:b8:1e:0c:d1:
71:2a:54:a9:a4:e2:6c:b9:b7:2e:4b:28:72:fc:42:cf:ac:c7:
1c:4c:c1:a5:26:f7:97:c0:b7:03:85:54:40:42:91:30:8c:5d:
1a:58:34:6a:3b:aa:a6:52:79:57:ee:fd:ec:4e:23:9d:94:b1:
84:8d:94:77
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhhzU1pVB5qmP28AKTynmYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDM3ZWMyMzcxOWIyZjE0MmY0NmU2ZjMzMTc2NjQwMzRh
ZGY1OTgwHhcNMjMwNTI4MTAwMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjgzZmVmZGIwZGNkNjZmYTY0M2JhMzNiMzJkOTc0ZDBjOGZhOTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9fZBF2lyCeIHhbsq5SIL5gHgK4W
W2qT/khCIHJy+S0dZwJSsLRgOqjAjTP8wRKPf1JHhXbx3TCFdAsapnbEm7eSa7s+
V6GmiP2eCYLNlj2joRnHQcHRTX0NE7rxsh3YGJS8Jn9lwigBIzAZyhgx356bX+uc
f+XX1dZcjEkfJg2LFx0xhw5Den9c+kpkF/HgnyeGGxs7Gs18MaQQqJyk4HDvJatY
oQJqDGGWGK/T/Agv2Qij6sqlguWmZX6rirNkVSNPwV2wAASYyn6p6AaS2DZqf5XA
aIDaD6fyEwPu5LeZ4W9Inyxv/lHMI6KLTBRBfgD7TOObREks/cTn88WMtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOuD/v2w3NZvpkO6M7Mtl00Mj6lIMB8GA1UdIwQY
MBaAFDzTfsI3GbLxQvRubzMXZkA0rfWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYt
YTkzODhmMzFiNDdlLzEvNjRQLV9iRGMxbS1tUTdvenN5MlhUUXlQcVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYtYTkzODhmMzFiNDdl
LzEvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuVO0AwQA
uWjAAwQCuarsMA0GCSqGSIb3DQEBCwUAA4IBAQBDVwCRgq6mvVg3dlYO2gtUlfJ5
WiGaz52nKJoNXR2aPiw7jd+YVHw3yeIJsI1mp85Ch1gXpAjUuDBHW+tyfK54D7yL
cMwyBOCJePY1sDtUTDKRFyqXC/C4Yv9n2rgTjwrFdy4UGe9rBzzyIK0RpaNnP27K
jIIfOEzMnh7e0SmNl1ESDXwDQEFLDmuCUmgxPgy7qUJmzT8Qf7ml8h9Tea7EVfO1
BX3T+3n8Q1jQv6gI4HPqzDeWkVry8mlm3bneO81Kx7geDNFxKlSppOJsubcuSyhy
/ELPrMccTMGlJveXwLcDhVRAQpEwjF0aWDRqO6qmUnlX7v3sTiOdlLGEjZR3
-----END CERTIFICATE-----
Generated at Wed Oct 4 11:29:40 2023 by rpki-client on console-ams.rpki-client.org