Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Qj8jr7YBoXcVUW1WKIvw6JC26QA.roa
File: Qj8jr7YBoXcVUW1WKIvw6JC26QA.roa (raw, json)
Hash identifier: DUtuCHwLTMf2qAU0rKC016JQ3sTWGT7L15hXRP0jJWA=
Subject key identifier: 42:3F:23:AF:B6:01:A1:77:15:51:6D:56:28:8B:F0:E8:90:B6:E9:00
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7B5878FF6592F35AE99361090D2E0
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Qj8jr7YBoXcVUW1WKIvw6JC26QA.roa
Signing time: Mon 02 Jan 2023 08:44:54 +0000
ROA not before: Mon 02 Jan 2023 08:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206005
IP address blocks: 185.15.137.0/24 maxlen: 24
185.243.140.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:b5:87:8f:f6:59:2f:35:ae:99:36:10:90:d2:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=423f23afb601a17715516d56288bf0e890b6e900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b5:68:74:79:48:c0:4e:85:4d:68:cb:2a:11:
1b:38:84:80:a3:ac:07:44:a9:d8:b2:3d:27:74:fa:
c7:93:c8:b9:45:a2:2d:97:d1:c6:05:82:f0:c0:c2:
82:af:66:d7:fb:23:44:11:c7:88:d9:dc:7e:84:29:
de:11:61:8e:8d:83:c8:8c:19:e8:be:a8:ff:e3:58:
f2:17:7c:ad:47:e3:ee:00:69:ca:6a:42:98:a2:7e:
37:7e:dc:3c:e3:86:47:a6:98:3c:99:d1:b6:ff:2d:
ff:4b:3c:e5:04:f2:3d:06:58:b8:16:eb:95:5a:9a:
2b:ab:1b:d1:bf:85:47:0b:8b:49:cb:1c:0a:b0:4c:
04:53:c5:cc:af:cb:ff:5b:07:0f:a3:75:c6:bd:26:
05:b7:ce:12:0e:a2:aa:c9:3a:5a:03:d9:a0:de:b1:
bc:8b:b4:a0:c7:39:23:bb:db:4e:47:16:b1:39:81:
94:e4:2a:8f:e5:a3:90:f7:df:c9:7e:14:ff:37:fb:
2d:f1:a9:2a:dd:c8:b1:b9:28:e8:d9:c9:ff:86:20:
40:b9:37:80:cb:8a:eb:11:0f:22:4e:d2:15:52:fc:
f7:40:84:7c:ce:f9:f1:64:1f:bf:66:26:4f:a3:bf:
74:4c:a2:25:d6:5e:54:eb:ad:15:85:f0:84:00:a4:
2e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3F:23:AF:B6:01:A1:77:15:51:6D:56:28:8B:F0:E8:90:B6:E9:00
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Qj8jr7YBoXcVUW1WKIvw6JC26QA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.137.0/24
185.243.140.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:e7:f7:5f:04:f9:c1:ea:ca:08:c3:42:41:39:db:89:85:44:
37:f3:54:4d:c8:68:f8:0d:74:9d:ea:01:88:02:9f:08:aa:a1:
5c:02:03:7c:28:12:5a:a1:68:72:f9:3d:bf:d6:7f:dc:5d:2e:
82:c7:b4:ab:23:01:dd:bb:88:96:c5:60:52:8f:2a:2e:f0:30:
15:07:10:02:98:e3:2e:39:b2:75:e7:c4:66:a4:f5:49:40:9d:
7e:df:68:79:1c:01:0e:04:95:d4:28:8a:21:a3:54:18:7e:4a:
f4:fe:c9:88:62:78:32:9f:2c:a6:62:70:92:8c:c4:30:c4:77:
a5:6d:7b:db:96:29:c0:05:e9:c9:01:a2:f2:df:79:79:76:95:
51:0c:ed:83:6c:53:99:01:8c:0e:d9:e4:a8:24:8e:de:ba:cd:
cb:64:85:8e:e4:bb:0f:5d:f5:66:91:d2:84:61:f9:23:66:47:
99:13:ab:80:7a:48:a5:64:8b:18:ea:e8:60:0b:ec:f9:2b:c6:
0c:65:8c:b9:00:9d:85:f4:85:1b:27:ec:28:9a:de:04:47:68:
06:b6:c3:f3:c1:a2:b9:70:08:1b:79:46:05:64:d8:8b:7f:c9:
3f:d3:53:7e:8a:2e:26:d3:f2:9e:96:59:ba:ac:ef:ae:00:e7:
00:4d:24:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxp7WHj/ZZLzWumTYQkNLgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNmMjNhZmI2MDFhMTc3MTU1MTZkNTYyODhiZjBlODkwYjZlOTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbVodHlIwE6FTWjLKhEbOISAo6wH
RKnYsj0ndPrHk8i5RaItl9HGBYLwwMKCr2bX+yNEEceI2dx+hCneEWGOjYPIjBno
vqj/41jyF3ytR+PuAGnKakKYon43ftw844ZHppg8mdG2/y3/SzzlBPI9Bli4FuuV
WporqxvRv4VHC4tJyxwKsEwEU8XMr8v/WwcPo3XGvSYFt84SDqKqyTpaA9mg3rG8
i7Sgxzkju9tORxaxOYGU5CqP5aOQ99/JfhT/N/st8akq3cixuSjo2cn/hiBAuTeA
y4rrEQ8iTtIVUvz3QIR8zvnxZB+/ZiZPo790TKIl1l5U660VhfCEAKQuRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEI/I6+2AaF3FVFtViiL8OiQtukAMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvUWo4anI3WUJvWGNWVVcxV0tJdnc2SkMyNlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuQ+JAwQC
ufOMMA0GCSqGSIb3DQEBCwUAA4IBAQBO5/dfBPnB6soIw0JBOduJhUQ381RNyGj4
DXSd6gGIAp8IqqFcAgN8KBJaoWhy+T2/1n/cXS6Cx7SrIwHdu4iWxWBSjyou8DAV
BxACmOMuObJ158RmpPVJQJ1+32h5HAEOBJXUKIoho1QYfkr0/smIYngynyymYnCS
jMQwxHelbXvblinABenJAaLy33l5dpVRDO2DbFOZAYwO2eSoJI7eus3LZIWO5LsP
XfVmkdKEYfkjZkeZE6uAekilZIsY6uhgC+z5K8YMZYy5AJ2F9IUbJ+womt4ER2gG
tsPzwaK5cAgbeUYFZNiLf8k/01N+ii4m0/Kellm6rO+uAOcATSTi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org