Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/Ni82WaB-rbZZ6BcqoiGvC3ZRwMg.roa
File: Ni82WaB-rbZZ6BcqoiGvC3ZRwMg.roa (raw, json)
Hash identifier: dhyH8sjCg8R4lazx8dTsXkbYx946ELHYJqJa7aZDj34=
Subject key identifier: 36:2F:36:59:A0:7E:AD:B6:59:E8:17:2A:A2:21:AF:0B:76:51:C0:C8
Certificate issuer: /CN=27516d20ebefd12f072d413c4d2606bdb258691a
Certificate serial: 01866497D4DD4223F85A80A015873BEDCA2C
Authority key identifier: 27:51:6D:20:EB:EF:D1:2F:07:2D:41:3C:4D:26:06:BD:B2:58:69:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J1FtIOvv0S8HLUE8TSYGvbJYaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/Ni82WaB-rbZZ6BcqoiGvC3ZRwMg.roa
Signing time: Sat 18 Feb 2023 12:55:17 +0000
ROA not before: Sat 18 Feb 2023 12:55:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 185.190.45.0/24 maxlen: 24
195.66.24.0/24 maxlen: 24
195.66.25.0/24 maxlen: 24
195.66.26.0/24 maxlen: 24
195.66.29.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:64:97:d4:dd:42:23:f8:5a:80:a0:15:87:3b:ed:ca:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27516d20ebefd12f072d413c4d2606bdb258691a
Validity
Not Before: Feb 18 12:55:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=362f3659a07eadb659e8172aa221af0b7651c0c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ee:55:b0:6f:d3:0b:53:37:63:60:b7:80:6c:
00:d5:b1:17:8b:7e:0b:01:b8:de:0b:18:19:e5:db:
eb:f2:e5:1f:cf:53:dc:81:d2:cc:9e:aa:fd:a2:34:
58:c1:07:ad:86:44:6f:cf:40:35:5e:c4:a2:3a:9b:
34:b0:38:ea:bb:94:01:71:30:84:95:a0:60:d6:a6:
46:63:82:43:ef:37:45:f2:f8:93:72:40:3f:2d:2d:
7b:3f:e2:bb:d9:c7:6f:c4:53:6e:bd:23:bd:4a:08:
c4:a9:84:bb:23:d8:26:44:cb:69:64:47:30:46:b4:
ff:e2:39:a7:10:0c:01:31:5b:28:65:c9:49:d0:3e:
23:b9:ca:37:67:0a:0c:05:08:9d:22:94:b7:e0:8e:
93:b2:62:c2:00:b1:c1:6d:83:2a:ae:1a:b0:bc:3e:
89:b5:21:4a:94:7f:b8:f9:d2:c1:1b:1b:54:c0:e5:
94:b3:8f:d9:8d:a9:4d:1d:7d:b8:60:95:6e:a3:7e:
3d:df:2b:3b:d3:c7:74:be:b6:28:47:dd:2b:59:7b:
32:3f:5c:ce:d9:3c:09:3b:18:9a:19:3f:ad:a4:78:
41:80:40:3c:9e:b8:9f:bc:98:52:ca:cf:61:ac:a0:
40:b3:2a:d4:72:8a:18:31:6d:10:e1:0a:b7:b6:d8:
09:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:2F:36:59:A0:7E:AD:B6:59:E8:17:2A:A2:21:AF:0B:76:51:C0:C8
X509v3 Authority Key Identifier:
keyid:27:51:6D:20:EB:EF:D1:2F:07:2D:41:3C:4D:26:06:BD:B2:58:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J1FtIOvv0S8HLUE8TSYGvbJYaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/Ni82WaB-rbZZ6BcqoiGvC3ZRwMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/J1FtIOvv0S8HLUE8TSYGvbJYaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.45.0/24
195.66.24.0-195.66.26.255
195.66.29.0/24
Signature Algorithm: sha256WithRSAEncryption
23:32:7c:d4:0b:c1:b5:a1:b3:94:28:2e:4f:6e:ad:92:98:78:
09:44:eb:10:fe:0b:1c:9b:88:a4:b2:2e:8f:1a:f1:76:55:a4:
87:8b:8a:52:e0:c6:83:5c:85:e4:d5:fa:b1:fc:2c:57:67:9f:
37:cf:01:8e:56:92:eb:ff:8e:1d:95:0b:ae:2d:41:5e:97:b2:
38:8e:9d:6c:96:f0:f2:65:b1:d0:3b:ac:f6:01:49:41:61:16:
d6:8b:ff:be:e1:bf:36:2a:44:42:d9:23:49:4e:46:55:96:d7:
95:06:5e:34:eb:20:78:62:94:78:60:83:47:86:70:67:9c:72:
77:a9:cd:af:27:ac:4a:3d:75:d1:76:9b:3f:b4:26:0d:72:1b:
db:e7:fd:de:96:ba:a8:6c:b9:7a:40:32:c7:6e:25:ec:36:c6:
62:c8:e7:19:d1:63:13:14:e9:3d:31:9e:dd:16:8a:9d:71:c1:
da:3b:0c:c2:3d:de:02:87:e7:db:68:14:fd:d5:30:9d:00:d2:
a6:9e:36:f1:8d:8a:6c:61:af:12:11:9a:2a:89:14:f9:b5:6b:
62:94:b5:36:bb:5e:b8:86:ca:20:f5:1c:6e:ed:5a:fc:36:13:
08:29:13:4c:21:ab:26:75:ee:ee:25:dd:58:c8:1d:6b:b3:e7:
c8:bb:2f:08
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYZkl9TdQiP4WoCgFYc77cosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NTE2ZDIwZWJlZmQxMmYwNzJkNDEzYzRkMjYwNmJkYjI1
ODY5MWEwHhcNMjMwMjE4MTI1NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjJmMzY1OWEwN2VhZGI2NTllODE3MmFhMjIxYWYwYjc2NTFjMGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhu5VsG/TC1M3Y2C3gGwA1bEXi34L
AbjeCxgZ5dvr8uUfz1PcgdLMnqr9ojRYwQethkRvz0A1XsSiOps0sDjqu5QBcTCE
laBg1qZGY4JD7zdF8viTckA/LS17P+K72cdvxFNuvSO9SgjEqYS7I9gmRMtpZEcw
RrT/4jmnEAwBMVsoZclJ0D4juco3ZwoMBQidIpS34I6TsmLCALHBbYMqrhqwvD6J
tSFKlH+4+dLBGxtUwOWUs4/ZjalNHX24YJVuo3493ys708d0vrYoR90rWXsyP1zO
2TwJOxiaGT+tpHhBgEA8nrifvJhSys9hrKBAsyrUcooYMW0Q4Qq3ttgJUQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDYvNlmgfq22WegXKqIhrwt2UcDIMB8GA1UdIwQY
MBaAFCdRbSDr79EvBy1BPE0mBr2yWGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjFGdElPdnYwUzhITFVFOFRTWUd2YkpZYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81OWQ4MDgtMTU0Zi00MmFlLWFmOGYt
NzkwMjQ0NTA4ZGY0LzEvTmk4MldhQi1yYlpaNkJjcW9pR3ZDM1pSd01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81OWQ4MDgtMTU0Zi00MmFlLWFmOGYtNzkwMjQ0NTA4ZGY0
LzEvSjFGdElPdnYwUzhITFVFOFRTWUd2YkpZYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAub4tMAwD
BAPDQhgDBADDQhoDBADDQh0wDQYJKoZIhvcNAQELBQADggEBACMyfNQLwbWhs5Qo
Lk9urZKYeAlE6xD+CxybiKSyLo8a8XZVpIeLilLgxoNcheTV+rH8LFdnnzfPAY5W
kuv/jh2VC64tQV6XsjiOnWyW8PJlsdA7rPYBSUFhFtaL/77hvzYqRELZI0lORlWW
15UGXjTrIHhilHhgg0eGcGeccnepza8nrEo9ddF2mz+0Jg1yG9vn/d6WuqhsuXpA
MsduJew2xmLI5xnRYxMU6T0xnt0Wip1xwdo7DMI93gKH59toFP3VMJ0A0qaeNvGN
imxhrxIRmiqJFPm1a2KUtTa7XriGyiD1HG7tWvw2EwgpE0whqyZ17u4l3VjIHWuz
58i7Lwg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:31 2024 by rpki-client on console-fra.rpki-client.org