Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/Np6DLcmtVoGCKbZrBoP4YXK_NPg.roa
File: Np6DLcmtVoGCKbZrBoP4YXK_NPg.roa (raw, json)
Hash identifier: Cn3M2uaLWFhL95kpPGr7Z/p6zbKECAZxGYzCvl4cgFw=
Subject key identifier: 36:9E:83:2D:C9:AD:56:81:82:29:B6:6B:06:83:F8:61:72:BF:34:F8
Certificate issuer: /CN=aab1db0e00820876dfa20bec9b719aa795acc1de
Certificate serial: 018CC8016CFABCBF5FF7C9282A0AED8B20C8
Authority key identifier: AA:B1:DB:0E:00:82:08:76:DF:A2:0B:EC:9B:71:9A:A7:95:AC:C1:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qrHbDgCCCHbfogvsm3Gap5Wswd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/Np6DLcmtVoGCKbZrBoP4YXK_NPg.roa
Signing time: Tue 02 Jan 2024 02:29:45 +0000
ROA not before: Tue 02 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197075
IP address blocks: 185.25.234.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:6c:fa:bc:bf:5f:f7:c9:28:2a:0a:ed:8b:20:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aab1db0e00820876dfa20bec9b719aa795acc1de
Validity
Not Before: Jan 2 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=369e832dc9ad56818229b66b0683f86172bf34f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:93:90:dd:9a:00:86:a1:11:ea:3f:0a:7d:52:
48:e7:a7:78:c5:c1:20:84:d8:bc:07:d4:03:e6:da:
22:ab:c8:42:93:db:a6:5b:9e:92:d8:dc:4e:cf:be:
82:3f:a8:fe:ab:fd:6a:b5:ee:12:c5:9a:ab:1c:f1:
22:43:7c:38:54:e7:f0:06:bd:e2:9b:e6:55:69:40:
18:da:97:95:b7:5d:5f:41:86:c4:01:66:51:18:3b:
dd:e0:3d:13:2c:9e:85:ad:d4:4e:e8:4c:24:4d:44:
0e:3d:f9:79:ae:34:54:0b:54:ba:f4:48:f4:4d:1e:
55:18:61:f5:01:d1:ff:63:15:c1:49:47:66:35:df:
38:55:00:7a:fb:e3:bf:e0:ac:7f:07:da:77:fc:e9:
1a:f7:8c:e7:e1:5a:89:a0:36:e0:b3:5f:68:62:f4:
ea:a2:88:8e:37:94:ab:78:a0:0b:fe:fc:49:f4:e0:
d4:53:64:5a:43:45:7a:4a:b3:3c:8c:ab:ad:9a:3b:
c8:4c:ec:84:41:36:98:01:43:95:e5:24:55:0f:20:
06:fa:b2:b0:ca:08:1e:3f:74:4e:51:0f:c8:56:37:
16:e3:93:dd:30:1e:52:55:03:83:c5:b5:ef:28:90:
fd:75:46:18:0f:38:89:2a:7e:0d:cc:fd:96:3b:08:
0d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:9E:83:2D:C9:AD:56:81:82:29:B6:6B:06:83:F8:61:72:BF:34:F8
X509v3 Authority Key Identifier:
keyid:AA:B1:DB:0E:00:82:08:76:DF:A2:0B:EC:9B:71:9A:A7:95:AC:C1:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qrHbDgCCCHbfogvsm3Gap5Wswd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/Np6DLcmtVoGCKbZrBoP4YXK_NPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/qrHbDgCCCHbfogvsm3Gap5Wswd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.234.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:79:dd:9f:3e:eb:69:61:a3:c6:c5:d5:cf:df:1b:6f:f7:f1:
02:d0:d0:fb:b1:d7:a2:fb:ab:7d:4b:32:bf:2c:71:8b:49:9c:
67:f6:76:9e:2f:f0:d7:3d:97:f1:35:3b:45:f6:09:2c:75:29:
2f:dd:a5:40:44:17:48:8e:61:c9:39:80:2b:75:62:51:85:f2:
d6:91:a5:44:40:cf:8a:6b:28:fb:10:63:82:12:c2:17:8c:24:
dd:a2:3b:d9:5c:fd:76:ad:0b:a7:49:fd:95:20:58:07:99:66:
57:b1:5f:0f:1a:ef:7e:55:20:ad:56:91:f8:1a:1c:0a:a6:b0:
ca:c6:0e:27:71:3a:09:a0:70:33:23:8f:a6:41:3f:83:fb:ab:
11:0f:8f:0e:c1:f4:c4:f2:f1:6e:cd:45:07:f1:5b:e1:27:bc:
be:61:dd:e9:f4:f4:98:9d:30:5f:bc:46:aa:34:7b:1a:ba:68:
bc:0f:25:77:4f:71:39:b3:7f:9e:29:3c:7b:5a:ac:69:4b:15:
0e:2d:bc:dc:ff:ec:dc:d4:84:bd:a3:3f:63:a5:0b:f3:ff:c4:
69:62:c6:28:20:1d:2d:65:98:2b:68:07:79:72:1f:65:71:70:
cc:8b:ec:fd:f8:10:03:67:0e:47:a1:df:11:0d:eb:77:31:1c:
46:a6:3d:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAWz6vL9f98koKgrtiyDIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYjFkYjBlMDA4MjA4NzZkZmEyMGJlYzliNzE5YWE3OTVh
Y2MxZGUwHhcNMjQwMTAyMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjllODMyZGM5YWQ1NjgxODIyOWI2NmIwNjgzZjg2MTcyYmYzNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5OQ3ZoAhqER6j8KfVJI56d4xcEg
hNi8B9QD5toiq8hCk9umW56S2NxOz76CP6j+q/1qte4SxZqrHPEiQ3w4VOfwBr3i
m+ZVaUAY2peVt11fQYbEAWZRGDvd4D0TLJ6FrdRO6EwkTUQOPfl5rjRUC1S69Ej0
TR5VGGH1AdH/YxXBSUdmNd84VQB6++O/4Kx/B9p3/Oka94zn4VqJoDbgs19oYvTq
ooiON5SreKAL/vxJ9ODUU2RaQ0V6SrM8jKutmjvITOyEQTaYAUOV5SRVDyAG+rKw
yggeP3ROUQ/IVjcW45PdMB5SVQODxbXvKJD9dUYYDziJKn4NzP2WOwgN/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDaegy3JrVaBgim2awaD+GFyvzT4MB8GA1UdIwQY
MBaAFKqx2w4Aggh236IL7JtxmqeVrMHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXJIYkRnQ0NDSGJmb2d2c20zR2FwNVdzd2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YWRkMDctZTZhZC00ZGJhLTliOGIt
MjNlMzgxMzY1MWQ0LzEvTnA2RExjbXRWb0dDS2JackJvUDRZWEtfTlBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YWRkMDctZTZhZC00ZGJhLTliOGItMjNlMzgxMzY1MWQ0
LzEvcXJIYkRnQ0NDSGJmb2d2c20zR2FwNVdzd2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuRnqMA0G
CSqGSIb3DQEBCwUAA4IBAQCMed2fPutpYaPGxdXP3xtv9/EC0ND7sdei+6t9SzK/
LHGLSZxn9naeL/DXPZfxNTtF9gksdSkv3aVARBdIjmHJOYArdWJRhfLWkaVEQM+K
ayj7EGOCEsIXjCTdojvZXP12rQunSf2VIFgHmWZXsV8PGu9+VSCtVpH4GhwKprDK
xg4ncToJoHAzI4+mQT+D+6sRD48OwfTE8vFuzUUH8VvhJ7y+Yd3p9PSYnTBfvEaq
NHsaumi8DyV3T3E5s3+eKTx7WqxpSxUOLbzc/+zc1IS9oz9jpQvz/8RpYsYoIB0t
ZZgraAd5ch9lcXDMi+z9+BADZw5Hod8RDet3MRxGpj0F
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:37 2024 by rpki-client on console-ams.rpki-client.org