Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/acdMTHLl_4uBxec1YdVbOjeC4VI.roa
File: acdMTHLl_4uBxec1YdVbOjeC4VI.roa (raw, json)
Hash identifier: hwu8iqXmbyHQOZfo86LF/KZJ5kjj3LQTjBelAcBquw0=
Subject key identifier: 69:C7:4C:4C:72:E5:FF:8B:81:C5:E7:35:61:D5:5B:3A:37:82:E1:52
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 13A0F525
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/acdMTHLl_4uBxec1YdVbOjeC4VI.roa
Signing time: Tue 04 Jan 2022 16:54:46 +0000
ROA not before: Tue 04 Jan 2022 16:54:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206535
IP address blocks: 185.15.137.0/24 maxlen: 24
185.243.140.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 329315621 (0x13a0f525)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 4 16:54:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69c74c4c72e5ff8b81c5e73561d55b3a3782e152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:02:17:f2:cf:3a:14:b4:f5:fe:a7:0d:b8:0a:
21:8c:bb:e3:ab:21:ac:69:fd:11:ca:66:0d:a9:8f:
f0:61:b5:d4:64:2b:ab:12:cf:d3:52:48:15:6f:a8:
9a:4c:0e:43:3a:7f:05:3a:f7:2e:68:f3:58:a8:7d:
df:a0:90:4a:35:47:87:8a:84:cc:47:3b:03:68:77:
fd:bc:d3:73:b7:49:4a:9a:33:31:c7:25:e1:84:6b:
5d:a4:e4:ac:4b:b7:11:4a:ba:e0:dc:bc:c0:f3:60:
5f:41:f2:db:b0:7d:c2:e5:70:a5:9d:e1:c9:d6:98:
5d:1b:1f:7a:61:a0:c9:c7:5f:4d:5b:f3:0e:ca:3f:
e5:da:4b:d1:ce:01:64:14:64:3e:b6:7a:97:78:02:
7e:29:34:3e:17:5a:eb:6d:5c:2f:0a:00:90:4a:4d:
9b:df:a6:75:90:b7:9f:76:4a:6e:1a:9c:84:b8:16:
c1:0f:cf:0e:dc:34:c8:7e:da:1c:1b:f0:75:4e:55:
66:1e:50:1b:05:8a:47:9c:f1:89:da:3e:e2:ae:cf:
e2:00:1c:86:50:f2:6c:2d:b7:41:ef:da:22:89:80:
6d:fb:52:e3:24:f8:40:77:c6:a8:5a:e7:92:55:26:
ee:01:8e:6b:c4:ce:59:83:ac:bf:89:59:05:93:82:
74:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C7:4C:4C:72:E5:FF:8B:81:C5:E7:35:61:D5:5B:3A:37:82:E1:52
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/acdMTHLl_4uBxec1YdVbOjeC4VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.137.0/24
185.243.140.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:b7:ea:b3:24:08:fe:f5:bb:a4:5f:34:f5:d5:4b:bc:25:f1:
6f:49:e0:39:b1:e9:b4:b9:b8:5c:68:0b:e5:c4:09:a9:ea:9b:
91:fc:28:1e:7d:7c:57:ce:ac:bd:ab:11:62:cb:82:89:97:62:
49:9c:4c:dd:ab:ce:0b:ee:47:4d:74:fa:3d:df:8a:fb:9a:b1:
ed:8e:90:08:3d:ee:ca:84:67:c2:13:6c:3c:2c:b7:cf:d0:89:
26:42:69:c0:86:4c:de:4b:86:03:0e:9d:4c:58:1d:4e:af:ef:
e7:20:cc:ff:db:8f:89:09:8c:bc:dd:43:dc:4c:56:4e:93:d3:
08:2b:b6:ae:f5:7d:2b:f3:aa:b1:9e:95:e5:d2:e4:85:b3:c8:
2d:44:c2:6a:dc:75:f5:03:fb:21:5e:c9:0c:7d:1c:30:e7:b1:
8f:84:ef:c8:59:6d:b2:9d:63:a5:07:69:83:3d:96:47:bc:11:
6f:69:86:80:c8:31:cd:6b:b3:92:77:f7:26:ff:1e:39:e9:90:
4c:0d:34:7a:09:4c:a9:4f:5c:e3:4e:9f:7c:98:25:56:58:e1:
e4:97:51:22:07:ba:e3:b4:bb:8b:17:c5:d6:be:9c:a6:a6:e9:
6e:75:29:08:e7:9c:5b:5a:29:62:41:fa:5a:a1:8d:64:ac:3a:
bb:64:20:9f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEE6D1JTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
NDE2NTQ0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjljNzRjNGM3MmU1
ZmY4YjgxYzVlNzM1NjFkNTViM2EzNzgyZTE1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMCF/LPOhS09f6nDbgKIYy746shrGn9EcpmDamP8GG11GQr
qxLP01JIFW+omkwOQzp/BTr3LmjzWKh936CQSjVHh4qEzEc7A2h3/bzTc7dJSpoz
Mccl4YRrXaTkrEu3EUq64Ny8wPNgX0Hy27B9wuVwpZ3hydaYXRsfemGgycdfTVvz
Dso/5dpL0c4BZBRkPrZ6l3gCfik0Phda621cLwoAkEpNm9+mdZC3n3ZKbhqchLgW
wQ/PDtw0yH7aHBvwdU5VZh5QGwWKR5zxido+4q7P4gAchlDybC23Qe/aIomAbftS
4yT4QHfGqFrnklUm7gGOa8TOWYOsv4lZBZOCdGUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRpx0xMcuX/i4HF5zVh1Vs6N4LhUjAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L2FjZE1USExsXzR1QnhlYzFZZFZiT2plQzRWSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALkPiQMEArnzjDANBgkqhkiG9w0B
AQsFAAOCAQEAobfqsyQI/vW7pF809dVLvCXxb0ngObHptLm4XGgL5cQJqeqbkfwo
Hn18V86svasRYsuCiZdiSZxM3avOC+5HTXT6Pd+K+5qx7Y6QCD3uyoRnwhNsPCy3
z9CJJkJpwIZM3kuGAw6dTFgdTq/v5yDM/9uPiQmMvN1D3ExWTpPTCCu2rvV9K/Oq
sZ6V5dLkhbPILUTCatx19QP7IV7JDH0cMOexj4TvyFltsp1jpQdpgz2WR7wRb2mG
gMgxzWuzknf3Jv8eOemQTA00eglMqU9c406ffJglVljh5JdRIge647S7ixfF1r6c
pqbpbnUpCOecW1opYkH6WqGNZKw6u2Qgnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org