Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/hhqx7Il_-uZtfs5_6xvL5RPOT2g.roa
File: hhqx7Il_-uZtfs5_6xvL5RPOT2g.roa (raw, json)
Hash identifier: +ClwB5W7m1IKg74WgkcNffdPSqFJYSslGDNHbCwr5aA=
Subject key identifier: 86:1A:B1:EC:89:7F:FA:E6:6D:7E:CE:7F:EB:1B:CB:E5:13:CE:4F:68
Certificate issuer: /CN=3cd37ec23719b2f142f46e6f3317664034adf598
Certificate serial: 01882992EB29F902C218CCD46A281FD93493
Authority key identifier: 3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/hhqx7Il_-uZtfs5_6xvL5RPOT2g.roa
Signing time: Wed 17 May 2023 11:57:54 +0000
ROA not before: Wed 17 May 2023 11:57:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59441
IP address blocks: 185.83.181.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:29:92:eb:29:f9:02:c2:18:cc:d4:6a:28:1f:d9:34:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cd37ec23719b2f142f46e6f3317664034adf598
Validity
Not Before: May 17 11:57:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=861ab1ec897ffae66d7ece7feb1bcbe513ce4f68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9c:ba:f2:83:92:2c:8a:09:06:dd:ce:94:9f:
09:95:27:3d:61:16:0a:c0:97:b1:de:c1:23:48:49:
99:16:70:6d:16:50:93:d6:d6:af:b7:0c:74:03:6a:
f8:4d:51:44:4b:9a:6b:f6:79:b8:8d:0d:83:26:79:
8c:45:5e:56:85:19:80:85:a4:96:23:f6:27:ed:40:
b1:f0:fa:da:b4:37:e8:e6:c7:4a:d7:84:01:fc:8e:
99:f7:a4:c6:fe:88:29:68:4a:bc:3b:ea:a2:89:ee:
8b:2d:85:7b:a5:61:01:03:00:23:44:69:ca:a8:23:
82:70:ae:ae:bd:0d:81:73:92:fc:81:cb:c1:80:58:
15:07:5f:43:bf:79:d2:33:7f:0e:42:86:4b:e6:fa:
52:1e:a5:e7:b0:ef:42:c4:20:cf:1f:c9:5f:55:10:
d5:7f:19:4a:28:a9:4f:38:f2:82:bf:0f:83:6b:87:
0d:be:c0:04:29:8a:42:31:30:b3:1d:0b:76:0c:72:
7e:bf:a2:60:ea:11:35:c8:02:c6:2a:69:50:a9:b1:
34:71:a5:16:d3:84:6a:26:b1:64:3f:b0:a9:38:9d:
45:dc:c7:3f:63:19:b9:1f:35:2b:a1:24:68:da:b0:
38:53:7f:67:3a:aa:67:37:ea:77:a5:8f:fa:1e:a1:
f5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:1A:B1:EC:89:7F:FA:E6:6D:7E:CE:7F:EB:1B:CB:E5:13:CE:4F:68
X509v3 Authority Key Identifier:
keyid:3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/hhqx7Il_-uZtfs5_6xvL5RPOT2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.181.0/24
Signature Algorithm: sha256WithRSAEncryption
19:4a:10:7d:c3:5d:63:e0:dc:d6:49:dc:07:63:4e:21:5c:6b:
b0:91:5b:ef:65:4d:6d:c2:76:31:fc:39:be:c0:cd:76:05:1d:
61:6d:95:11:c1:61:db:d3:18:6d:7d:a1:0b:ed:db:2c:8e:62:
40:46:d9:2b:76:ff:a1:75:17:7c:1f:fe:49:77:3c:ae:7b:f6:
6f:0f:1a:38:c5:8f:cf:38:f5:45:1c:54:45:8f:2d:f8:2b:e1:
fc:f5:f2:c6:b3:11:cd:f5:97:59:60:c6:c3:a4:bf:a7:87:ca:
0b:77:50:cb:79:94:3f:fd:34:d1:d9:60:41:cf:26:25:b5:d4:
7e:6c:71:85:9b:b5:d4:4d:1a:1e:c4:d1:e2:c8:eb:7f:3c:6d:
9f:d1:ba:70:bb:6a:23:62:06:4a:ea:f7:d4:7f:47:38:e0:b4:
45:9c:54:cf:e5:3a:eb:0c:46:df:d3:f4:96:d2:49:16:0c:af:
c8:3d:1e:ed:e8:bb:f3:33:74:04:a2:11:75:05:02:fc:a6:c7:
8c:4e:8d:10:89:6e:d0:7d:21:29:06:3f:44:5c:92:66:07:3b:
79:e5:63:bc:2c:59:c4:21:4d:c7:df:f9:f4:d7:ef:42:c3:44:
6d:f3:d7:2f:f2:6e:42:01:7c:3c:7a:1c:12:20:37:24:ed:4d:
eb:89:86:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgpkusp+QLCGMzUaigf2TSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDM3ZWMyMzcxOWIyZjE0MmY0NmU2ZjMzMTc2NjQwMzRh
ZGY1OTgwHhcNMjMwNTE3MTE1NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjFhYjFlYzg5N2ZmYWU2NmQ3ZWNlN2ZlYjFiY2JlNTEzY2U0ZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJy68oOSLIoJBt3OlJ8JlSc9YRYK
wJex3sEjSEmZFnBtFlCT1tavtwx0A2r4TVFES5pr9nm4jQ2DJnmMRV5WhRmAhaSW
I/Yn7UCx8PratDfo5sdK14QB/I6Z96TG/ogpaEq8O+qiie6LLYV7pWEBAwAjRGnK
qCOCcK6uvQ2Bc5L8gcvBgFgVB19Dv3nSM38OQoZL5vpSHqXnsO9CxCDPH8lfVRDV
fxlKKKlPOPKCvw+Da4cNvsAEKYpCMTCzHQt2DHJ+v6Jg6hE1yALGKmlQqbE0caUW
04RqJrFkP7CpOJ1F3Mc/Yxm5HzUroSRo2rA4U39nOqpnN+p3pY/6HqH1xwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYaseyJf/rmbX7Of+sby+UTzk9oMB8GA1UdIwQY
MBaAFDzTfsI3GbLxQvRubzMXZkA0rfWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYt
YTkzODhmMzFiNDdlLzEvaGhxeDdJbF8tdVp0ZnM1XzZ4dkw1UlBPVDJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYtYTkzODhmMzFiNDdl
LzEvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVO1MA0G
CSqGSIb3DQEBCwUAA4IBAQAZShB9w11j4NzWSdwHY04hXGuwkVvvZU1twnYx/Dm+
wM12BR1hbZURwWHb0xhtfaEL7dssjmJARtkrdv+hdRd8H/5Jdzyue/ZvDxo4xY/P
OPVFHFRFjy34K+H89fLGsxHN9ZdZYMbDpL+nh8oLd1DLeZQ//TTR2WBBzyYltdR+
bHGFm7XUTRoexNHiyOt/PG2f0bpwu2ojYgZK6vfUf0c44LRFnFTP5TrrDEbf0/SW
0kkWDK/IPR7t6LvzM3QEohF1BQL8pseMTo0QiW7QfSEpBj9EXJJmBzt55WO8LFnE
IU3H3/n01+9Cw0Rt89cv8m5CAXw8ehwSIDck7U3riYb9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:15 2024 by rpki-client on console-fra.rpki-client.org