Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/vGqNvGmroiG124cxNaLaknKX9zY.roa
File: vGqNvGmroiG124cxNaLaknKX9zY.roa (raw, json)
Hash identifier: GdwsHJnz5U1+UXMXzKAIT/G18GukYzfl1nEkMbhrsUA=
Subject key identifier: BC:6A:8D:BC:69:AB:A2:21:B5:DB:87:31:35:A2:DA:92:72:97:F7:36
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CC2DB26B3B562DCF675D369DCAF108080
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/vGqNvGmroiG124cxNaLaknKX9zY.roa
Signing time: Mon 01 Jan 2024 02:29:51 +0000
ROA not before: Mon 01 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15836
IP address blocks: 185.195.4.0/23 maxlen: 23
185.195.6.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:26:b3:b5:62:dc:f6:75:d3:69:dc:af:10:80:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc6a8dbc69aba221b5db873135a2da927297f736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:8b:72:bf:6a:08:82:c9:f6:15:82:22:8d:b1:
5f:1d:6f:9d:6c:92:b4:a2:67:02:ca:24:13:53:c5:
81:a6:7a:fc:2b:00:0a:8b:f5:e7:83:2e:da:34:66:
47:9f:77:8b:db:b4:eb:82:6b:52:2b:83:d1:5b:db:
63:45:9e:81:a8:b1:5e:3f:1a:02:54:99:f4:04:ee:
6e:c9:f3:e3:64:a4:26:2a:91:5f:82:96:7b:47:a1:
0d:0d:44:b8:6f:ad:dd:82:69:19:c3:66:06:20:fb:
9f:7c:11:ac:d6:53:92:ff:09:e2:b7:93:94:85:44:
a4:4f:94:03:2a:98:ef:56:36:ea:58:56:05:9f:09:
9f:72:15:fd:e8:bb:f3:64:72:7e:34:da:d0:63:12:
05:95:63:3e:9c:ae:74:a2:c5:71:94:78:31:49:7b:
a7:ec:b4:3a:f3:53:26:13:2c:a9:46:f8:2e:a9:53:
a3:88:d3:c5:ac:dc:5a:2f:18:39:fd:6c:c2:13:7a:
46:41:cd:51:b8:c5:11:7d:47:6e:f4:c1:65:ce:05:
1a:c2:ee:eb:4d:52:78:55:e8:47:cc:08:6d:22:bc:
96:4b:74:58:5d:d4:87:b6:71:fe:b0:3c:59:e2:4d:
aa:aa:70:4d:6f:b0:53:aa:30:9b:c3:9a:2c:cc:f1:
4c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:6A:8D:BC:69:AB:A2:21:B5:DB:87:31:35:A2:DA:92:72:97:F7:36
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/vGqNvGmroiG124cxNaLaknKX9zY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.4.0/22
Signature Algorithm: sha256WithRSAEncryption
25:01:76:6f:b0:4b:66:af:de:a2:13:3d:4a:cc:f0:75:d3:d1:
f3:45:dc:45:07:fa:fa:47:f9:50:1b:77:1b:14:0c:f9:17:29:
2b:24:42:4a:3c:02:90:d4:d3:b4:7e:fc:55:19:30:97:44:b4:
b5:9e:87:73:da:7c:5b:9c:e0:e4:9a:dc:20:94:25:1c:e3:3c:
f3:c5:0c:92:42:33:1a:28:b2:e0:ed:41:16:82:6e:7e:14:ac:
4c:71:e5:51:3b:6e:30:6b:31:14:0e:5f:7f:a7:54:1c:fa:87:
ef:7f:e3:17:ec:07:7e:41:d6:da:df:56:7b:7d:2f:f6:b3:e6:
de:15:a9:60:07:45:57:5e:4a:dc:26:54:72:d1:18:0d:37:ef:
41:d4:6a:80:d4:59:22:6d:97:f3:0f:cd:77:ff:12:4f:01:82:
6f:58:bd:70:68:52:c1:1e:96:8b:7f:29:92:fa:94:9d:d6:07:
2f:8b:15:c8:ff:87:3d:91:03:01:5e:13:d1:e1:a0:d3:d2:89:
d0:d6:82:3e:8b:01:68:20:b6:2f:a7:3b:60:9f:e6:d4:7a:5d:
9c:ad:80:24:5c:58:47:25:29:dc:02:45:27:08:b7:a1:9d:7a:
8a:e3:59:51:74:7e:38:5b:fa:70:31:b9:00:2d:8f:e8:91:03:
19:b8:3a:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2yaztWLc9nXTadyvEICAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzZhOGRiYzY5YWJhMjIxYjVkYjg3MzEzNWEyZGE5MjcyOTdmNzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Ytyv2oIgsn2FYIijbFfHW+dbJK0
omcCyiQTU8WBpnr8KwAKi/Xngy7aNGZHn3eL27TrgmtSK4PRW9tjRZ6BqLFePxoC
VJn0BO5uyfPjZKQmKpFfgpZ7R6ENDUS4b63dgmkZw2YGIPuffBGs1lOS/wnit5OU
hUSkT5QDKpjvVjbqWFYFnwmfchX96LvzZHJ+NNrQYxIFlWM+nK50osVxlHgxSXun
7LQ681MmEyypRvguqVOjiNPFrNxaLxg5/WzCE3pGQc1RuMURfUdu9MFlzgUawu7r
TVJ4VehHzAhtIryWS3RYXdSHtnH+sDxZ4k2qqnBNb7BTqjCbw5oszPFMXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLxqjbxpq6IhtduHMTWi2pJyl/c2MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvdkdxTnZHbXJvaUcxMjRjeE5hTGFrbktYOXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucMEMA0G
CSqGSIb3DQEBCwUAA4IBAQAlAXZvsEtmr96iEz1KzPB109HzRdxFB/r6R/lQG3cb
FAz5FykrJEJKPAKQ1NO0fvxVGTCXRLS1nodz2nxbnODkmtwglCUc4zzzxQySQjMa
KLLg7UEWgm5+FKxMceVRO24wazEUDl9/p1Qc+ofvf+MX7Ad+Qdba31Z7fS/2s+be
FalgB0VXXkrcJlRy0RgNN+9B1GqA1FkibZfzD813/xJPAYJvWL1waFLBHpaLfymS
+pSd1gcvixXI/4c9kQMBXhPR4aDT0onQ1oI+iwFoILYvpztgn+bUel2crYAkXFhH
JSncAkUnCLehnXqK41lRdH44W/pwMbkALY/okQMZuDq5
-----END CERTIFICATE-----
Generated at Tue Jun 25 16:30:43 2024 by rpki-client on console-ams.rpki-client.org