Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/xEWLiet9yv2ev05JBs5FXDnP4lg.roa
File: xEWLiet9yv2ev05JBs5FXDnP4lg.roa (raw, json)
Hash identifier: ZFyAFicN4vsh9btxL9P54zeABzIOSNkKBrdMpvIfk4U=
Subject key identifier: C4:45:8B:89:EB:7D:CA:FD:9E:BF:4E:49:06:CE:45:5C:39:CF:E2:58
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CC2DB36FB13928C2FCD3B2091B70C4327
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/xEWLiet9yv2ev05JBs5FXDnP4lg.roa
Signing time: Mon 01 Jan 2024 02:29:55 +0000
ROA not before: Mon 01 Jan 2024 02:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206340
IP address blocks: 185.195.4.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:36:fb:13:92:8c:2f:cd:3b:20:91:b7:0c:43:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 02:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4458b89eb7dcafd9ebf4e4906ce455c39cfe258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a5:1a:fc:ce:65:6d:e5:79:76:91:4b:41:fa:
fb:62:4d:25:23:4a:1b:fb:7c:b1:68:24:df:45:3c:
a7:f1:54:ff:c8:44:a6:6d:6f:9a:c0:e4:a1:d7:36:
32:6c:51:02:f8:b2:d4:26:50:c9:ee:b0:3e:7a:61:
4e:36:03:36:54:e7:53:17:36:86:62:ca:2d:62:e9:
9a:4f:9c:11:59:ed:5c:20:27:2c:d1:13:fb:ce:6f:
c5:d3:4f:e6:11:99:db:af:c7:80:a0:f8:9d:42:9f:
51:83:5f:7e:78:d4:19:bd:26:12:7e:ff:d4:10:09:
7f:a0:ed:e3:53:d0:f1:39:42:1b:99:02:02:e5:3a:
9e:49:37:c0:bf:27:db:20:13:ee:90:90:65:bc:e7:
4e:ef:c5:ea:d4:94:39:8d:ea:b1:bc:a0:9e:42:6f:
b4:78:f4:3e:78:a8:f6:8a:02:8f:68:62:b2:04:66:
98:90:c2:fd:08:06:96:08:b7:63:d6:20:83:df:2d:
73:e4:4e:66:32:e2:a4:b8:e0:7d:c6:dc:1b:77:4a:
d9:2f:ac:06:b3:f0:bd:15:83:d2:b6:4a:fa:78:78:
74:70:4a:2c:52:e5:12:99:2c:17:27:75:71:8d:d6:
ba:b5:6c:be:e1:f2:52:04:4a:89:b6:93:55:87:ae:
37:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:45:8B:89:EB:7D:CA:FD:9E:BF:4E:49:06:CE:45:5C:39:CF:E2:58
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/xEWLiet9yv2ev05JBs5FXDnP4lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.4.0/22
Signature Algorithm: sha256WithRSAEncryption
31:76:37:75:33:f5:39:6f:08:b9:a2:04:27:35:be:3a:e2:f9:
62:51:ec:05:f0:d2:f2:92:66:27:72:6c:51:3b:e9:79:5d:91:
dd:a5:d4:cf:4d:fe:a6:4f:ed:d2:8e:82:6a:ff:7b:ff:c3:0f:
1f:f4:80:e8:00:be:f0:c5:87:93:4d:1a:a2:b3:d4:f3:d9:a4:
f4:b3:b8:4b:3c:d6:51:1a:0b:fc:dd:64:30:25:c5:52:49:d0:
0b:5f:72:91:33:71:85:d8:e7:c1:2e:19:ff:c0:35:37:9a:b0:
c5:de:c8:e6:b9:cc:5f:ba:36:0c:29:fd:44:de:f5:26:e7:b1:
6f:b3:ec:4e:20:da:fa:17:6f:0b:cd:7e:0b:25:89:e1:6b:ef:
84:b2:7a:e4:6a:f8:88:fc:6b:14:7f:1f:dd:87:79:e3:72:40:
f8:1d:74:c0:14:98:e7:cb:a6:1a:aa:a4:fe:f1:bf:e4:b8:2c:
22:10:5e:e2:ce:05:de:c0:ec:97:8a:b8:0f:c9:06:31:94:95:
61:f2:f3:81:24:4f:86:6c:e4:26:e2:08:53:93:87:c7:03:52:
0c:1c:de:60:1e:05:76:d6:b9:c2:db:d9:b5:1a:0f:6e:96:64:
96:d3:ab:f8:ca:3d:ef:ae:cc:b6:e0:97:7e:3a:22:d6:84:5e:
0b:53:ea:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2zb7E5KML807IJG3DEMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQ1OGI4OWViN2RjYWZkOWViZjRlNDkwNmNlNDU1YzM5Y2ZlMjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaUa/M5lbeV5dpFLQfr7Yk0lI0ob
+3yxaCTfRTyn8VT/yESmbW+awOSh1zYybFEC+LLUJlDJ7rA+emFONgM2VOdTFzaG
YsotYumaT5wRWe1cICcs0RP7zm/F00/mEZnbr8eAoPidQp9Rg19+eNQZvSYSfv/U
EAl/oO3jU9DxOUIbmQIC5TqeSTfAvyfbIBPukJBlvOdO78Xq1JQ5jeqxvKCeQm+0
ePQ+eKj2igKPaGKyBGaYkML9CAaWCLdj1iCD3y1z5E5mMuKkuOB9xtwbd0rZL6wG
s/C9FYPStkr6eHh0cEosUuUSmSwXJ3Vxjda6tWy+4fJSBEqJtpNVh643YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRFi4nrfcr9nr9OSQbORVw5z+JYMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEveEVXTGlldDl5djJldjA1SkJzNUZYRG5QNGxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucMEMA0G
CSqGSIb3DQEBCwUAA4IBAQAxdjd1M/U5bwi5ogQnNb464vliUewF8NLykmYncmxR
O+l5XZHdpdTPTf6mT+3SjoJq/3v/ww8f9IDoAL7wxYeTTRqis9Tz2aT0s7hLPNZR
Ggv83WQwJcVSSdALX3KRM3GF2OfBLhn/wDU3mrDF3sjmucxfujYMKf1E3vUm57Fv
s+xOINr6F28LzX4LJYnha++EsnrkaviI/GsUfx/dh3njckD4HXTAFJjny6YaqqT+
8b/kuCwiEF7izgXewOyXirgPyQYxlJVh8vOBJE+GbOQm4ghTk4fHA1IMHN5gHgV2
1rnC29m1Gg9ulmSW06v4yj3vrsy24Jd+OiLWhF4LU+rQ
-----END CERTIFICATE-----
Generated at Tue Jun 25 18:30:27 2024 by rpki-client on console-fra.rpki-client.org