Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ce4kLxAPkiSBGu_jNtCvRnTtT_0.roa
File: ce4kLxAPkiSBGu_jNtCvRnTtT_0.roa (raw, json)
Hash identifier: CaFj5FwTpbtcgY7ubOjUrXvjyaahF0dNGjK7OFAqvQg=
Subject key identifier: 71:EE:24:2F:10:0F:92:24:81:1A:EF:E3:36:D0:AF:46:74:ED:4F:FD
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 139BAFD8
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ce4kLxAPkiSBGu_jNtCvRnTtT_0.roa
Signing time: Tue 04 Jan 2022 16:54:41 +0000
ROA not before: Tue 04 Jan 2022 16:54:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42694
IP address blocks: 185.15.136.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 328970200 (0x139bafd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 4 16:54:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71ee242f100f9224811aefe336d0af4674ed4ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c3:27:09:49:f0:80:cf:86:2d:52:b5:d5:83:
3f:18:60:ba:df:24:f2:bb:62:ac:69:bd:ba:90:45:
44:21:48:c9:e0:d9:a7:15:ca:a3:39:aa:7a:b4:87:
23:dc:68:0f:4f:59:b2:9d:7f:90:86:d9:e9:94:02:
aa:64:08:66:1e:77:6d:bb:e6:e2:52:da:e2:ee:9e:
e3:01:4b:54:62:6c:fb:fe:75:49:4e:f9:cd:19:f3:
75:83:cb:b4:e8:ad:a6:2b:5b:d6:df:8a:85:6d:4a:
62:e4:11:a6:69:8b:5e:85:fa:d8:26:5d:4b:5c:f4:
90:0a:21:23:b3:3f:a3:a2:47:2d:43:1c:b0:86:5a:
d7:1f:16:da:00:ee:cc:28:b8:4e:06:a8:01:fd:ea:
d3:3e:cf:3d:6b:ba:c0:2b:76:d4:44:88:22:53:40:
73:2c:4d:ca:ea:c8:99:86:9f:29:22:04:8b:39:90:
79:ea:cc:fa:69:1f:39:66:b0:1f:3f:21:25:dd:2b:
6f:b0:fb:1e:fc:f2:5e:c0:2a:31:0c:45:13:50:bd:
93:4f:91:b4:26:62:0c:b6:cf:6c:6c:f7:85:cd:4c:
83:25:6c:6c:69:a6:c1:8f:c3:30:46:95:19:7c:82:
3d:f9:4d:8c:87:93:e9:b9:d8:79:79:16:2a:1a:85:
b2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:EE:24:2F:10:0F:92:24:81:1A:EF:E3:36:D0:AF:46:74:ED:4F:FD
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ce4kLxAPkiSBGu_jNtCvRnTtT_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.136.0/24
Signature Algorithm: sha256WithRSAEncryption
68:9b:fc:c3:6e:f3:3c:52:72:f2:df:99:af:0e:79:b5:24:66:
64:94:6a:a9:51:95:35:fb:1b:3d:b2:6a:f5:4d:a4:f1:c1:99:
c3:96:bb:04:53:87:1d:2f:e7:b0:c9:c9:24:5b:58:7a:c6:84:
db:12:4e:74:52:20:80:2d:9e:73:09:3b:35:62:e8:29:96:5d:
ba:86:9c:d1:4b:39:eb:dd:58:30:93:89:ed:72:fa:6b:5e:eb:
ed:8c:19:69:95:4d:6e:90:0e:bf:a0:51:96:de:95:81:f3:61:
24:eb:d9:b3:5b:7e:39:0f:58:8c:db:e8:5e:b7:aa:9e:c7:39:
75:11:cd:27:9a:58:f2:b3:f1:72:a7:19:2d:5d:af:24:4e:32:
87:c0:3a:eb:7a:88:19:2f:6b:ca:06:79:fe:b0:e0:1a:59:2b:
22:97:08:d8:c5:3c:98:3a:62:38:b9:0b:c8:f7:70:84:b1:4d:
da:79:c5:8f:83:d2:8e:ac:2b:9c:e8:26:cc:20:89:af:25:e9:
bd:0e:90:e5:ed:9b:b3:5c:7b:13:6c:a3:ca:fb:22:80:96:62:
53:f4:83:9b:a9:dc:40:84:68:9f:d1:3d:0d:ce:c0:db:99:cc:
a8:0f:80:52:91:77:43:29:df:75:cd:f6:4a:af:fc:b7:c4:43:
23:19:51:fe
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE5uv2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
NDE2NTQ0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzFlZTI0MmYxMDBm
OTIyNDgxMWFlZmUzMzZkMGFmNDY3NGVkNGZmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANvDJwlJ8IDPhi1StdWDPxhgut8k8rtirGm9upBFRCFIyeDZ
pxXKozmqerSHI9xoD09Zsp1/kIbZ6ZQCqmQIZh53bbvm4lLa4u6e4wFLVGJs+/51
SU75zRnzdYPLtOitpitb1t+KhW1KYuQRpmmLXoX62CZdS1z0kAohI7M/o6JHLUMc
sIZa1x8W2gDuzCi4TgaoAf3q0z7PPWu6wCt21ESIIlNAcyxNyurImYafKSIEizmQ
eerM+mkfOWawHz8hJd0rb7D7HvzyXsAqMQxFE1C9k0+RtCZiDLbPbGz3hc1MgyVs
bGmmwY/DMEaVGXyCPflNjIeT6bnYeXkWKhqFsgECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRx7iQvEA+SJIEa7+M20K9GdO1P/TAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L2NlNGtMeEFQa2lTQkd1X2pOdEN2Um5UdFRfMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkPiDANBgkqhkiG9w0BAQsFAAOC
AQEAaJv8w27zPFJy8t+Zrw55tSRmZJRqqVGVNfsbPbJq9U2k8cGZw5a7BFOHHS/n
sMnJJFtYesaE2xJOdFIggC2ecwk7NWLoKZZduoac0Us5691YMJOJ7XL6a17r7YwZ
aZVNbpAOv6BRlt6VgfNhJOvZs1t+OQ9YjNvoXreqnsc5dRHNJ5pY8rPxcqcZLV2v
JE4yh8A663qIGS9rygZ5/rDgGlkrIpcI2MU8mDpiOLkLyPdwhLFN2nnFj4PSjqwr
nOgmzCCJryXpvQ6Q5e2bs1x7E2yjyvsigJZiU/SDm6ncQIRon9E9Dc7A25nMqA+A
UpF3Qynfdc32Sq/8t8RDIxlR/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org