Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/R8IlIkaAgfps9jsOcaHy2UoSClo.roa
File: R8IlIkaAgfps9jsOcaHy2UoSClo.roa (raw, json)
Hash identifier: EIsm6LlMkHtyQxjVRM3fkHHrFhrCFqH4B6p5e8anosQ=
Subject key identifier: 47:C2:25:22:46:80:81:FA:6C:F6:3B:0E:71:A1:F2:D9:4A:12:0A:5A
Certificate issuer: /CN=27516d20ebefd12f072d413c4d2606bdb258691a
Certificate serial: 018432C96388D6F85AD637BDEFE3F5AD0C32
Authority key identifier: 27:51:6D:20:EB:EF:D1:2F:07:2D:41:3C:4D:26:06:BD:B2:58:69:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J1FtIOvv0S8HLUE8TSYGvbJYaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/R8IlIkaAgfps9jsOcaHy2UoSClo.roa
Signing time: Tue 01 Nov 2022 10:42:49 +0000
ROA not before: Tue 01 Nov 2022 10:42:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35575
IP address blocks: 185.190.44.0/23 maxlen: 23
185.190.46.0/24 maxlen: 24
185.190.47.0/24 maxlen: 24
193.238.68.0/22 maxlen: 22
195.66.24.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:32:c9:63:88:d6:f8:5a:d6:37:bd:ef:e3:f5:ad:0c:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27516d20ebefd12f072d413c4d2606bdb258691a
Validity
Not Before: Nov 1 10:42:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47c22522468081fa6cf63b0e71a1f2d94a120a5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:58:8b:c4:d6:18:6d:5c:d7:a9:8f:ea:ee:7d:
1e:da:fa:35:6a:1d:86:6f:b3:c9:ef:14:5f:08:45:
6a:c1:40:e6:fb:2f:24:49:d3:ae:19:20:75:9f:92:
89:a3:70:ce:39:94:a1:ed:39:c7:34:c9:62:fd:61:
36:c0:62:31:ba:4f:fa:46:a2:e4:36:c2:1a:63:a5:
60:52:48:1f:4c:df:52:5c:a1:49:73:75:f4:df:57:
a5:15:82:26:93:4b:5d:d9:b1:9d:7e:2d:d4:c2:77:
8b:f1:be:2c:0f:0e:5d:62:4f:18:59:39:23:bc:12:
74:10:e3:47:12:41:34:09:b1:4e:2b:77:11:b4:91:
35:25:48:f9:50:65:a2:e3:5d:2a:af:db:10:a2:b2:
45:67:9a:94:99:b9:76:46:b1:9f:4d:df:ea:c6:00:
02:2a:5a:77:98:9c:df:4f:18:3a:c9:3f:70:47:f6:
f3:1f:d2:ab:75:ba:ae:02:76:64:20:8a:06:87:1f:
70:32:f0:19:7e:1e:6f:03:0a:b4:f4:68:34:34:92:
c5:e5:46:30:89:48:34:c4:75:b0:b6:56:56:4d:bc:
70:31:3e:ab:ce:62:9b:4a:fa:70:b9:97:16:75:fa:
59:d0:d0:76:67:5e:bf:a9:62:cc:2a:bc:ec:69:fa:
df:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:C2:25:22:46:80:81:FA:6C:F6:3B:0E:71:A1:F2:D9:4A:12:0A:5A
X509v3 Authority Key Identifier:
keyid:27:51:6D:20:EB:EF:D1:2F:07:2D:41:3C:4D:26:06:BD:B2:58:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J1FtIOvv0S8HLUE8TSYGvbJYaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/R8IlIkaAgfps9jsOcaHy2UoSClo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/J1FtIOvv0S8HLUE8TSYGvbJYaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.44.0/22
193.238.68.0/22
195.66.24.0/21
Signature Algorithm: sha256WithRSAEncryption
1a:0c:4b:d3:40:22:65:bf:15:ca:50:dc:21:50:03:0a:98:55:
76:02:ac:76:bb:a9:78:74:95:49:16:e9:ae:04:5d:95:ad:34:
0b:93:57:9b:b5:a0:be:ae:90:a6:07:92:df:6a:2b:f3:cc:a9:
68:87:78:e6:da:21:ca:d6:12:99:21:00:94:98:6c:a2:d8:94:
c7:fd:7c:5d:49:c5:e3:08:98:a5:23:0b:54:56:f8:e4:2e:96:
85:5a:83:44:87:01:67:26:b4:4c:bf:b9:e0:da:48:3a:0f:c0:
dd:ff:cc:45:94:74:dc:09:21:1a:d8:14:88:56:ff:ae:f9:a6:
48:47:db:13:db:b7:c3:5d:71:23:c5:15:10:4c:02:9e:4b:b9:
a1:75:ab:d8:ce:4f:e0:58:cd:3f:11:71:87:a6:7b:5f:d8:04:
b7:58:94:ef:ed:33:af:ca:eb:fd:8e:cb:8a:ee:e0:43:3d:16:
5a:0d:fa:60:91:4e:47:e6:12:e1:36:a8:21:5c:72:77:57:85:
2a:e6:41:ce:25:72:8e:67:32:a3:ec:cd:0d:5d:8d:6e:75:84:
d3:23:c1:64:df:c5:aa:1e:35:f4:c8:e8:33:e5:13:69:3a:bd:
3a:14:15:37:25:d2:13:65:72:43:d3:09:f2:c2:25:8c:f4:1a:
61:09:81:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQyyWOI1vha1je97+P1rQwyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NTE2ZDIwZWJlZmQxMmYwNzJkNDEzYzRkMjYwNmJkYjI1
ODY5MWEwHhcNMjIxMTAxMTA0MjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2MyMjUyMjQ2ODA4MWZhNmNmNjNiMGU3MWExZjJkOTRhMTIwYTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FiLxNYYbVzXqY/q7n0e2vo1ah2G
b7PJ7xRfCEVqwUDm+y8kSdOuGSB1n5KJo3DOOZSh7TnHNMli/WE2wGIxuk/6RqLk
NsIaY6VgUkgfTN9SXKFJc3X031elFYImk0td2bGdfi3UwneL8b4sDw5dYk8YWTkj
vBJ0EONHEkE0CbFOK3cRtJE1JUj5UGWi410qr9sQorJFZ5qUmbl2RrGfTd/qxgAC
Klp3mJzfTxg6yT9wR/bzH9KrdbquAnZkIIoGhx9wMvAZfh5vAwq09Gg0NJLF5UYw
iUg0xHWwtlZWTbxwMT6rzmKbSvpwuZcWdfpZ0NB2Z16/qWLMKrzsafrfjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEfCJSJGgIH6bPY7DnGh8tlKEgpaMB8GA1UdIwQY
MBaAFCdRbSDr79EvBy1BPE0mBr2yWGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjFGdElPdnYwUzhITFVFOFRTWUd2YkpZYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81OWQ4MDgtMTU0Zi00MmFlLWFmOGYt
NzkwMjQ0NTA4ZGY0LzEvUjhJbElrYUFnZnBzOWpzT2NhSHkyVW9TQ2xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81OWQ4MDgtMTU0Zi00MmFlLWFmOGYtNzkwMjQ0NTA4ZGY0
LzEvSjFGdElPdnYwUzhITFVFOFRTWUd2YkpZYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCub4sAwQC
we5EAwQDw0IYMA0GCSqGSIb3DQEBCwUAA4IBAQAaDEvTQCJlvxXKUNwhUAMKmFV2
Aqx2u6l4dJVJFumuBF2VrTQLk1ebtaC+rpCmB5LfaivzzKloh3jm2iHK1hKZIQCU
mGyi2JTH/XxdScXjCJilIwtUVvjkLpaFWoNEhwFnJrRMv7ng2kg6D8Dd/8xFlHTc
CSEa2BSIVv+u+aZIR9sT27fDXXEjxRUQTAKeS7mhdavYzk/gWM0/EXGHpntf2AS3
WJTv7TOvyuv9jsuK7uBDPRZaDfpgkU5H5hLhNqghXHJ3V4Uq5kHOJXKOZzKj7M0N
XY1udYTTI8Fk38WqHjX0yOgz5RNpOr06FBU3JdITZXJD0wnywiWM9BphCYGz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:59 2024 by rpki-client on console-ams.rpki-client.org