Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/J9E6zF_CXOLyPIGwPYb1xBGwtZA.roa
File: J9E6zF_CXOLyPIGwPYb1xBGwtZA.roa (raw, json)
Hash identifier: GxlUwjHofT5MELJOI2GWcEknuwT9XrMil6Ad/x6y+vs=
Subject key identifier: 27:D1:3A:CC:5F:C2:5C:E2:F2:3C:81:B0:3D:86:F5:C4:11:B0:B5:90
Certificate issuer: /CN=3cd37ec23719b2f142f46e6f3317664034adf598
Certificate serial: 01856D6F6D068DEF6DDA368882A431CFC84F
Authority key identifier: 3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/J9E6zF_CXOLyPIGwPYb1xBGwtZA.roa
Signing time: Sun 01 Jan 2023 13:04:57 +0000
ROA not before: Sun 01 Jan 2023 13:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202391
IP address blocks: 185.104.192.0/24 maxlen: 24
185.83.181.0/24 maxlen: 24
185.83.180.0/24 maxlen: 24
185.83.183.0/24 maxlen: 24
185.170.236.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:6d:06:8d:ef:6d:da:36:88:82:a4:31:cf:c8:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cd37ec23719b2f142f46e6f3317664034adf598
Validity
Not Before: Jan 1 13:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27d13acc5fc25ce2f23c81b03d86f5c411b0b590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f0:af:2f:70:a9:21:2a:3b:8a:ff:b6:b2:4e:
71:69:5d:dc:86:b9:44:24:f0:43:c4:4f:25:eb:2c:
8a:42:c2:26:fc:10:de:81:c6:e9:52:bf:ef:31:be:
db:3f:8d:f3:3c:7f:09:f7:7a:0b:7d:3f:e3:33:99:
8a:78:92:c3:36:ce:a2:5e:b8:34:e0:f9:bd:1a:95:
1b:02:eb:b7:50:f1:09:9f:5b:c2:a5:c2:9b:24:94:
2f:51:25:73:61:46:72:cb:fe:77:91:ae:d9:52:a7:
73:29:5f:71:1f:77:13:f7:ff:45:af:9b:1b:ee:e7:
3c:d0:12:d4:51:4f:f8:65:29:12:69:1e:50:a4:a2:
9a:4a:f2:54:dc:2a:4c:92:df:60:13:50:2d:c0:bc:
b9:e1:a3:77:0a:61:9f:1d:86:0b:fb:6e:0b:9d:b5:
fb:40:3b:ff:db:a0:4b:a8:fd:90:f0:19:4a:30:f1:
57:28:f1:4d:b5:78:2b:50:83:db:bd:3e:87:44:f1:
db:c3:52:c4:be:f4:a5:a6:d6:d0:76:af:bb:27:2a:
2e:aa:e2:d6:56:72:0e:01:ad:b0:c0:fe:aa:55:8b:
a7:ab:2c:cd:95:4e:ae:01:09:51:94:21:d0:27:1c:
01:9b:25:cc:26:23:ef:93:ef:ef:71:81:e1:11:65:
4b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:D1:3A:CC:5F:C2:5C:E2:F2:3C:81:B0:3D:86:F5:C4:11:B0:B5:90
X509v3 Authority Key Identifier:
keyid:3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/J9E6zF_CXOLyPIGwPYb1xBGwtZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.180.0/23
185.83.183.0/24
185.104.192.0/24
185.170.236.0/22
Signature Algorithm: sha256WithRSAEncryption
35:ff:ce:c0:5b:71:66:11:bf:bb:3f:fa:8a:3e:96:27:e0:1e:
37:b9:12:86:2c:24:20:54:21:b3:8d:ce:4c:0b:35:5f:b1:8d:
9c:36:46:89:6f:67:0e:06:36:76:db:20:00:28:c5:6a:9a:df:
b3:15:e8:37:ae:98:e6:1f:a5:1d:c6:1f:af:35:54:df:d3:52:
90:51:93:64:64:f0:09:27:76:e6:5b:cc:7d:90:bf:9a:fd:80:
e2:c1:3f:c0:45:34:97:f2:55:9d:41:ff:08:3a:01:ee:dc:4c:
99:6c:cc:12:e1:93:5d:93:f8:d4:9a:7a:0c:b8:8e:0a:d6:b2:
77:7e:64:f5:e1:d8:87:b3:61:71:d8:e3:43:ea:84:67:15:13:
b8:3c:4e:34:73:20:e0:df:c4:15:13:66:f8:9f:b1:89:7d:c2:
4e:e5:02:b4:df:d1:65:b8:bf:03:9b:74:b8:04:d1:ae:5a:12:
d0:f1:fe:b9:f7:e8:2f:11:c6:f5:e5:95:c8:d3:16:2a:9e:a7:
dd:d8:87:28:31:18:6e:d1:e7:66:ef:26:64:a8:c2:ce:ef:cf:
33:e2:cb:dc:c2:d6:8d:f4:c7:35:30:9a:e8:16:c3:52:6f:64:
bf:2c:9a:36:9f:8b:3f:23:fa:22:d4:84:0e:08:32:9c:46:16:
68:f6:b7:06
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtb20Gje9t2jaIgqQxz8hPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDM3ZWMyMzcxOWIyZjE0MmY0NmU2ZjMzMTc2NjQwMzRh
ZGY1OTgwHhcNMjMwMTAxMTMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2QxM2FjYzVmYzI1Y2UyZjIzYzgxYjAzZDg2ZjVjNDExYjBiNTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPCvL3CpISo7iv+2sk5xaV3chrlE
JPBDxE8l6yyKQsIm/BDegcbpUr/vMb7bP43zPH8J93oLfT/jM5mKeJLDNs6iXrg0
4Pm9GpUbAuu3UPEJn1vCpcKbJJQvUSVzYUZyy/53ka7ZUqdzKV9xH3cT9/9Fr5sb
7uc80BLUUU/4ZSkSaR5QpKKaSvJU3CpMkt9gE1AtwLy54aN3CmGfHYYL+24LnbX7
QDv/26BLqP2Q8BlKMPFXKPFNtXgrUIPbvT6HRPHbw1LEvvSlptbQdq+7JyouquLW
VnIOAa2wwP6qVYunqyzNlU6uAQlRlCHQJxwBmyXMJiPvk+/vcYHhEWVLAQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCfROsxfwlzi8jyBsD2G9cQRsLWQMB8GA1UdIwQY
MBaAFDzTfsI3GbLxQvRubzMXZkA0rfWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYt
YTkzODhmMzFiNDdlLzEvSjlFNnpGX0NYT0x5UElHd1BZYjF4Qkd3dFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYtYTkzODhmMzFiNDdl
LzEvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBuVO0AwQA
uVO3AwQAuWjAAwQCuarsMA0GCSqGSIb3DQEBCwUAA4IBAQA1/87AW3FmEb+7P/qK
PpYn4B43uRKGLCQgVCGzjc5MCzVfsY2cNkaJb2cOBjZ22yAAKMVqmt+zFeg3rpjm
H6Udxh+vNVTf01KQUZNkZPAJJ3bmW8x9kL+a/YDiwT/ARTSX8lWdQf8IOgHu3EyZ
bMwS4ZNdk/jUmnoMuI4K1rJ3fmT14diHs2Fx2OND6oRnFRO4PE40cyDg38QVE2b4
n7GJfcJO5QK039FluL8Dm3S4BNGuWhLQ8f659+gvEcb15ZXI0xYqnqfd2IcoMRhu
0edm7yZkqMLO788z4svcwtaN9Mc1MJroFsNSb2S/LJo2n4s/I/oi1IQOCDKcRhZo
9rcG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:35 2024 by rpki-client on console-ams.rpki-client.org