Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/b7ca89-70f2-408f-a4e4-b4a0cb8ed821/1/Vrpmzaxq0EsXxsYGKV1QuJJv6dE.roa
File: Vrpmzaxq0EsXxsYGKV1QuJJv6dE.roa (raw, json)
Hash identifier: //YKfXz/lZMhpGJeZrfoNkOUy59GnruYQFQnCiwfSrQ=
Subject key identifier: 56:BA:66:CD:AC:6A:D0:4B:17:C6:C6:06:29:5D:50:B8:92:6F:E9:D1
Certificate issuer: /CN=6d650af172444b52116a7a67d74aac7df8a55e1c
Certificate serial: 018AD26C99E59DE5AE021C4FDDDE5E5C17C8
Authority key identifier: 6D:65:0A:F1:72:44:4B:52:11:6A:7A:67:D7:4A:AC:7D:F8:A5:5E:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWUK8XJES1IRanpn10qsffilXhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/b7ca89-70f2-408f-a4e4-b4a0cb8ed821/1/Vrpmzaxq0EsXxsYGKV1QuJJv6dE.roa
Signing time: Tue 26 Sep 2023 16:57:27 +0000
ROA not before: Tue 26 Sep 2023 16:57:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43129
IP address blocks: 185.190.248.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d2:6c:99:e5:9d:e5:ae:02:1c:4f:dd:de:5e:5c:17:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d650af172444b52116a7a67d74aac7df8a55e1c
Validity
Not Before: Sep 26 16:57:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56ba66cdac6ad04b17c6c606295d50b8926fe9d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:cf:1b:35:ff:af:f6:08:6b:c0:7a:ae:26:3f:
0b:da:d9:f7:d1:42:c9:01:9a:f2:21:cc:cc:36:a0:
6d:ed:e4:51:69:15:9c:69:2b:92:b0:58:df:2a:69:
06:be:f4:cb:b3:1d:72:10:c2:61:93:16:5a:ad:da:
54:ea:c1:b1:0f:ea:74:8b:0e:38:d9:12:c3:90:ae:
ce:78:db:4c:0e:0c:6d:9a:74:8a:87:ea:29:20:b9:
21:f8:9a:06:17:06:20:49:e1:a7:eb:e9:ba:6e:dc:
18:be:5d:34:b3:17:0c:5e:65:d4:2d:c3:ef:9a:a1:
28:7a:b5:1e:39:25:75:97:9e:be:75:09:8f:03:7f:
3b:6e:7b:13:47:91:b5:cd:86:d2:cb:91:0d:7f:4c:
af:15:23:fa:7e:99:d5:da:d4:8b:db:77:26:5a:56:
c2:0b:5c:fa:c8:23:e8:75:b5:a1:5a:51:19:45:0f:
b7:93:6c:64:ed:c6:68:b4:e9:51:13:1a:bc:aa:cc:
d7:ca:d3:07:25:16:58:cb:7d:aa:c7:fa:e1:e6:97:
e6:28:59:66:bb:64:71:1c:0f:ed:32:fe:2b:77:b6:
fc:12:a2:9f:85:42:a0:97:97:8e:49:a0:40:e1:99:
31:f7:94:bc:61:4c:97:b8:86:8b:b9:22:20:5f:8f:
d2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:BA:66:CD:AC:6A:D0:4B:17:C6:C6:06:29:5D:50:B8:92:6F:E9:D1
X509v3 Authority Key Identifier:
keyid:6D:65:0A:F1:72:44:4B:52:11:6A:7A:67:D7:4A:AC:7D:F8:A5:5E:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWUK8XJES1IRanpn10qsffilXhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b7ca89-70f2-408f-a4e4-b4a0cb8ed821/1/Vrpmzaxq0EsXxsYGKV1QuJJv6dE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b7ca89-70f2-408f-a4e4-b4a0cb8ed821/1/bWUK8XJES1IRanpn10qsffilXhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.248.0/24
Signature Algorithm: sha256WithRSAEncryption
40:94:e0:f5:81:b9:95:b8:a0:8a:c0:1c:ba:65:f4:0f:34:5b:
de:0e:93:3a:cb:6b:47:e3:27:c5:88:5e:d3:c3:e1:6e:e9:ef:
5e:b6:85:ee:86:21:01:29:1b:ec:a8:e8:36:df:64:22:07:cf:
26:db:fa:17:1d:4c:84:e6:87:a6:40:2c:22:2b:7b:83:a2:d9:
2d:76:c7:33:7a:79:62:9b:28:c8:8e:ec:ef:98:3f:3c:61:d4:
3a:5b:f3:86:a0:aa:e4:0c:44:bb:23:c8:0b:ba:d7:5e:a8:c7:
7d:83:a6:31:df:dd:fa:9d:c1:3e:48:12:37:f0:58:39:3e:05:
77:6e:34:ab:b9:b2:17:a2:11:c3:49:69:c4:3d:81:09:70:3c:
b9:cb:b6:d8:d5:50:ae:03:bd:d5:86:81:95:af:1f:66:93:92:
41:b2:10:40:86:cf:50:76:ff:cf:af:64:c3:da:12:8b:e8:d3:
08:98:73:00:46:86:66:db:89:85:d5:8a:5a:4d:b3:ef:27:2a:
3b:db:8e:ec:9a:41:33:cc:3e:69:d4:94:35:df:d5:3c:a6:01:
93:92:15:a4:69:e5:4d:ae:7b:d3:e7:34:be:bb:a2:b5:f8:b6:
c5:2e:83:a0:46:eb:a6:32:7f:3f:7f:1d:a2:13:4f:ac:ba:2b:
df:54:22:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrSbJnlneWuAhxP3d5eXBfIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjUwYWYxNzI0NDRiNTIxMTZhN2E2N2Q3NGFhYzdkZjhh
NTVlMWMwHhcNMjMwOTI2MTY1NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmJhNjZjZGFjNmFkMDRiMTdjNmM2MDYyOTVkNTBiODkyNmZlOWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAis8bNf+v9ghrwHquJj8L2tn30ULJ
AZryIczMNqBt7eRRaRWcaSuSsFjfKmkGvvTLsx1yEMJhkxZardpU6sGxD+p0iw44
2RLDkK7OeNtMDgxtmnSKh+opILkh+JoGFwYgSeGn6+m6btwYvl00sxcMXmXULcPv
mqEoerUeOSV1l56+dQmPA387bnsTR5G1zYbSy5ENf0yvFSP6fpnV2tSL23cmWlbC
C1z6yCPodbWhWlEZRQ+3k2xk7cZotOlRExq8qszXytMHJRZYy32qx/rh5pfmKFlm
u2RxHA/tMv4rd7b8EqKfhUKgl5eOSaBA4Zkx95S8YUyXuIaLuSIgX4/SQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFa6Zs2satBLF8bGBildULiSb+nRMB8GA1UdIwQY
MBaAFG1lCvFyREtSEWp6Z9dKrH34pV4cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYldVSzhYSkVTMUlSYW5wbjEwcXNmZmlsWGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9iN2NhODktNzBmMi00MDhmLWE0ZTQt
YjRhMGNiOGVkODIxLzEvVnJwbXpheHEwRXNYeHNZR0tWMVF1Skp2NmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9iN2NhODktNzBmMi00MDhmLWE0ZTQtYjRhMGNiOGVkODIx
LzEvYldVSzhYSkVTMUlSYW5wbjEwcXNmZmlsWGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub74MA0G
CSqGSIb3DQEBCwUAA4IBAQBAlOD1gbmVuKCKwBy6ZfQPNFveDpM6y2tH4yfFiF7T
w+Fu6e9etoXuhiEBKRvsqOg232QiB88m2/oXHUyE5oemQCwiK3uDotktdsczenli
myjIjuzvmD88YdQ6W/OGoKrkDES7I8gLutdeqMd9g6Yx3936ncE+SBI38Fg5PgV3
bjSrubIXohHDSWnEPYEJcDy5y7bY1VCuA73VhoGVrx9mk5JBshBAhs9Qdv/Pr2TD
2hKL6NMImHMARoZm24mF1YpaTbPvJyo7247smkEzzD5p1JQ139U8pgGTkhWkaeVN
rnvT5zS+u6K1+LbFLoOgRuumMn8/fx2iE0+suivfVCKZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:06 2024 by rpki-client on console-fra.rpki-client.org