Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/1Bc5FJd9fCMUtpKBiTbmUJ06rfI.roa
File: 1Bc5FJd9fCMUtpKBiTbmUJ06rfI.roa (raw, json)
Hash identifier: MLytSrMNzLlY5Cc/MtHzlTr5+Zdv9coZiu0eANWxw/s=
Subject key identifier: D4:17:39:14:97:7D:7C:23:14:B6:92:81:89:36:E6:50:9D:3A:AD:F2
Certificate issuer: /CN=27516d20ebefd12f072d413c4d2606bdb258691a
Certificate serial: 01866497D5AC3C5BEF72C30331DFECB2A054
Authority key identifier: 27:51:6D:20:EB:EF:D1:2F:07:2D:41:3C:4D:26:06:BD:B2:58:69:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J1FtIOvv0S8HLUE8TSYGvbJYaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/1Bc5FJd9fCMUtpKBiTbmUJ06rfI.roa
Signing time: Sat 18 Feb 2023 12:55:17 +0000
ROA not before: Sat 18 Feb 2023 12:55:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35575
IP address blocks: 185.190.46.0/24 maxlen: 24
185.190.47.0/24 maxlen: 24
193.238.68.0/22 maxlen: 22
195.66.27.0/24 maxlen: 24
195.66.28.0/24 maxlen: 24
195.66.31.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:64:97:d5:ac:3c:5b:ef:72:c3:03:31:df:ec:b2:a0:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27516d20ebefd12f072d413c4d2606bdb258691a
Validity
Not Before: Feb 18 12:55:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4173914977d7c2314b692818936e6509d3aadf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e6:21:cc:16:b4:3d:d7:4a:57:e1:df:48:e2:
8e:b5:cf:0c:17:04:b9:e4:c4:b4:9b:59:e7:df:fa:
8c:6f:73:e1:49:2e:7b:7c:70:ec:90:58:ef:ec:b6:
a9:a4:77:6e:be:92:c4:4a:5d:e3:3a:2a:4f:db:0a:
14:09:24:11:2c:e9:60:fb:80:f3:b6:1c:20:74:61:
8b:24:e6:00:46:be:22:2c:69:be:2f:9c:2e:9d:ae:
66:c7:cf:e6:45:65:7c:c9:19:92:f6:01:d8:75:d6:
22:a8:b5:a4:ec:08:b1:67:60:ec:d5:ff:a7:05:24:
b9:f7:2f:af:1a:64:0a:bd:d8:8a:63:16:b9:2b:14:
b1:ee:1f:f8:78:e7:12:3d:a5:0d:23:94:bd:8d:40:
ef:c1:6f:90:ca:b3:ea:fd:55:46:1c:7e:8a:1d:ab:
5f:58:2d:4f:38:47:44:7e:e4:65:41:ec:1d:b7:61:
ca:6e:6a:2b:de:ff:6b:fd:61:85:0d:0a:62:0f:f9:
4f:5a:ce:8e:47:8a:ec:3c:dc:04:d8:7f:69:d1:21:
89:75:0f:95:5e:70:8b:02:46:ec:48:cc:85:10:57:
86:41:97:da:50:72:b5:e3:02:a0:a4:5f:0a:2e:73:
bc:0b:d3:8e:28:99:db:5d:93:ff:e6:53:43:8c:bb:
da:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:17:39:14:97:7D:7C:23:14:B6:92:81:89:36:E6:50:9D:3A:AD:F2
X509v3 Authority Key Identifier:
keyid:27:51:6D:20:EB:EF:D1:2F:07:2D:41:3C:4D:26:06:BD:B2:58:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J1FtIOvv0S8HLUE8TSYGvbJYaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/1Bc5FJd9fCMUtpKBiTbmUJ06rfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/J1FtIOvv0S8HLUE8TSYGvbJYaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.46.0/23
193.238.68.0/22
195.66.27.0-195.66.28.255
195.66.31.0/24
Signature Algorithm: sha256WithRSAEncryption
96:08:4c:eb:83:3d:e2:4a:8b:06:9c:a0:4e:c4:0b:25:c6:f3:
45:dd:1b:2d:15:3c:a5:df:33:46:ae:6e:50:8d:b9:0b:6b:47:
72:ba:9a:01:ea:2e:30:50:0a:0e:99:ad:52:3d:ba:12:90:af:
31:60:bd:e3:6c:a6:cc:b1:51:73:3b:4f:c1:3c:9e:c0:08:ff:
83:c9:81:22:f1:98:47:12:4b:49:a8:f3:e1:d8:d9:17:8c:61:
76:c9:fc:d8:91:3c:a4:8b:99:45:ab:89:b9:38:7d:c6:4f:bb:
17:45:5a:ed:70:34:db:00:a4:23:e5:4d:7e:6f:b5:cc:06:c0:
d1:bf:89:a8:73:3b:09:b9:c8:48:0d:a3:25:ea:1c:b7:c2:47:
28:23:24:57:51:35:f1:04:c2:a2:42:cb:64:38:35:e9:a9:9b:
09:e6:15:55:8e:5a:48:38:d6:4c:9a:c8:c6:e2:c4:98:a9:3b:
5a:93:49:e1:ca:3e:ba:f4:e5:46:ab:a9:3f:fe:67:36:4a:d6:
ff:ff:21:57:b4:16:1a:51:96:f4:80:0a:ef:2a:b1:d3:b9:48:
0b:11:a9:da:b9:0d:3f:7b:ef:f8:83:db:d9:91:9a:a4:c8:42:
54:3d:7e:a7:fc:eb:f4:1e:2a:cf:87:8b:d1:02:95:69:8c:08:
78:ad:e6:f1
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYZkl9WsPFvvcsMDMd/ssqBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NTE2ZDIwZWJlZmQxMmYwNzJkNDEzYzRkMjYwNmJkYjI1
ODY5MWEwHhcNMjMwMjE4MTI1NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDE3MzkxNDk3N2Q3YzIzMTRiNjkyODE4OTM2ZTY1MDlkM2FhZGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+YhzBa0PddKV+HfSOKOtc8MFwS5
5MS0m1nn3/qMb3PhSS57fHDskFjv7LappHduvpLESl3jOipP2woUCSQRLOlg+4Dz
thwgdGGLJOYARr4iLGm+L5wuna5mx8/mRWV8yRmS9gHYddYiqLWk7AixZ2Ds1f+n
BSS59y+vGmQKvdiKYxa5KxSx7h/4eOcSPaUNI5S9jUDvwW+QyrPq/VVGHH6KHatf
WC1POEdEfuRlQewdt2HKbmor3v9r/WGFDQpiD/lPWs6OR4rsPNwE2H9p0SGJdQ+V
XnCLAkbsSMyFEFeGQZfaUHK14wKgpF8KLnO8C9OOKJnbXZP/5lNDjLvakwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNQXORSXfXwjFLaSgYk25lCdOq3yMB8GA1UdIwQY
MBaAFCdRbSDr79EvBy1BPE0mBr2yWGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjFGdElPdnYwUzhITFVFOFRTWUd2YkpZYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81OWQ4MDgtMTU0Zi00MmFlLWFmOGYt
NzkwMjQ0NTA4ZGY0LzEvMUJjNUZKZDlmQ01VdHBLQmlUYm1VSjA2cmZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81OWQ4MDgtMTU0Zi00MmFlLWFmOGYtNzkwMjQ0NTA4ZGY0
LzEvSjFGdElPdnYwUzhITFVFOFRTWUd2YkpZYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBub4uAwQC
we5EMAwDBADDQhsDBADDQhwDBADDQh8wDQYJKoZIhvcNAQELBQADggEBAJYITOuD
PeJKiwacoE7ECyXG80XdGy0VPKXfM0aublCNuQtrR3K6mgHqLjBQCg6ZrVI9uhKQ
rzFgveNspsyxUXM7T8E8nsAI/4PJgSLxmEcSS0mo8+HY2ReMYXbJ/NiRPKSLmUWr
ibk4fcZPuxdFWu1wNNsApCPlTX5vtcwGwNG/iahzOwm5yEgNoyXqHLfCRygjJFdR
NfEEwqJCy2Q4NempmwnmFVWOWkg41kyayMbixJipO1qTSeHKPrr05UarqT/+ZzZK
1v//IVe0FhpRlvSACu8qsdO5SAsRqdq5DT977/iD29mRmqTIQlQ9fqf86/QeKs+H
i9EClWmMCHit5vE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:58 2024 by rpki-client on console-ams.rpki-client.org