Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/za5G8PU11vqgX02M31n6atz2NtM.roa
File: za5G8PU11vqgX02M31n6atz2NtM.roa (raw, json)
Hash identifier: pXCMlybG7WR6f6qfE1vip48q/eaCDvf++AtyApGKOSs=
Subject key identifier: CD:AE:46:F0:F5:35:D6:FA:A0:5F:4D:8C:DF:59:FA:6A:DC:F6:36:D3
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7B77E7083C8CDA2A2ABB0EE78CD55
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/za5G8PU11vqgX02M31n6atz2NtM.roa
Signing time: Mon 02 Jan 2023 08:44:54 +0000
ROA not before: Mon 02 Jan 2023 08:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206535
IP address blocks: 185.15.137.0/24 maxlen: 24
185.243.140.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:b7:7e:70:83:c8:cd:a2:a2:ab:b0:ee:78:cd:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdae46f0f535d6faa05f4d8cdf59fa6adcf636d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e2:fe:c7:8f:5e:87:21:d2:2f:b4:6e:4c:dc:
a0:29:d0:78:53:82:46:dd:1c:ca:53:1c:77:96:5b:
8f:94:f7:7e:76:f9:67:da:27:7c:71:aa:2c:f8:a1:
e6:19:d2:d7:09:12:62:c9:a9:f4:67:ab:26:e0:39:
f0:65:e0:a8:ab:b7:c4:a6:31:3d:6f:7c:53:74:0a:
0b:39:0a:08:44:1c:e1:27:8b:06:ad:f9:25:c6:0e:
4a:bc:1b:6c:6c:94:f0:54:15:a0:2c:f3:dd:d1:ab:
d6:b9:bf:35:1e:0e:af:e8:d5:c2:d5:d9:cc:3e:0f:
07:fc:21:ac:cd:cc:3b:8f:f4:3e:c0:b9:a6:68:ea:
a9:f1:4f:e4:32:d9:88:55:38:a1:ee:51:83:a8:c6:
43:bb:58:69:31:97:64:8a:5d:95:66:9b:cd:c2:8f:
f7:00:15:ac:04:a5:c5:d2:57:a1:84:b5:94:02:a5:
9d:88:3d:83:ff:29:b1:26:88:c6:b1:81:52:07:3c:
54:63:27:87:56:f9:99:e8:00:1c:f2:16:a9:28:f4:
22:ae:84:60:be:33:e8:e5:de:b5:64:40:69:84:a4:
c0:58:54:03:7b:89:ed:e2:8c:8f:a2:b3:36:1e:ae:
14:5c:f4:5f:63:09:8d:d2:a0:c5:c9:64:b2:e7:db:
7c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:AE:46:F0:F5:35:D6:FA:A0:5F:4D:8C:DF:59:FA:6A:DC:F6:36:D3
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/za5G8PU11vqgX02M31n6atz2NtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.137.0/24
185.243.140.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:ea:76:5e:59:45:0b:36:07:15:9b:35:2d:4e:e7:72:40:4b:
ab:0a:8e:43:d2:b6:9d:5e:eb:ae:d9:11:2e:7f:c9:10:3e:dd:
09:5b:a1:c5:f8:af:4a:fc:ca:13:3f:05:c9:e3:8e:e9:c0:fa:
ce:04:5d:b7:5a:fb:74:3b:ca:86:56:02:c2:2f:3a:fb:e1:fc:
d6:35:2c:cd:e8:a3:c7:52:f8:50:ae:d0:c6:c9:f2:37:ac:b1:
42:82:7f:ad:63:0c:15:af:80:8e:2c:e0:fb:dd:d9:25:23:13:
f7:8a:8d:e8:80:84:3a:b1:95:cd:d9:6e:e2:f5:fe:bc:9f:2b:
46:cd:af:4d:3f:6e:ba:f3:d2:c8:bd:18:9d:46:7b:1f:b3:3f:
da:e0:cf:d3:b3:5d:86:cb:db:e6:ea:11:9a:54:6e:af:30:14:
85:7a:44:6a:3c:b2:7b:a2:b9:78:6a:76:e7:72:8c:57:77:4b:
f9:aa:5b:8c:39:25:ab:5c:e8:9d:49:36:b6:45:9b:df:34:33:
80:05:53:9b:39:1b:7d:ff:7e:74:88:6a:85:f9:9b:dc:c6:d9:
0a:5f:60:33:fa:8c:dc:82:cc:16:8f:93:eb:0d:9b:f0:ec:53:
8b:5b:f7:d4:fe:32:61:4c:fd:d7:59:75:17:0d:41:26:8a:e2:
cc:75:80:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxp7d+cIPIzaKiq7DueM1VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGFlNDZmMGY1MzVkNmZhYTA1ZjRkOGNkZjU5ZmE2YWRjZjYzNmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeL+x49ehyHSL7RuTNygKdB4U4JG
3RzKUxx3lluPlPd+dvln2id8caos+KHmGdLXCRJiyan0Z6sm4DnwZeCoq7fEpjE9
b3xTdAoLOQoIRBzhJ4sGrfklxg5KvBtsbJTwVBWgLPPd0avWub81Hg6v6NXC1dnM
Pg8H/CGszcw7j/Q+wLmmaOqp8U/kMtmIVTih7lGDqMZDu1hpMZdkil2VZpvNwo/3
ABWsBKXF0lehhLWUAqWdiD2D/ymxJojGsYFSBzxUYyeHVvmZ6AAc8hapKPQiroRg
vjPo5d61ZEBphKTAWFQDe4nt4oyPorM2Hq4UXPRfYwmN0qDFyWSy59t8kwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM2uRvD1Ndb6oF9NjN9Z+mrc9jbTMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvemE1RzhQVTExdnFnWDAyTTMxbjZhdHoyTnRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuQ+JAwQC
ufOMMA0GCSqGSIb3DQEBCwUAA4IBAQCK6nZeWUULNgcVmzUtTudyQEurCo5D0rad
Xuuu2REuf8kQPt0JW6HF+K9K/MoTPwXJ447pwPrOBF23Wvt0O8qGVgLCLzr74fzW
NSzN6KPHUvhQrtDGyfI3rLFCgn+tYwwVr4COLOD73dklIxP3io3ogIQ6sZXN2W7i
9f68nytGza9NP26689LIvRidRnsfsz/a4M/Ts12Gy9vm6hGaVG6vMBSFekRqPLJ7
orl4anbncoxXd0v5qluMOSWrXOidSTa2RZvfNDOABVObORt9/350iGqF+ZvcxtkK
X2Az+ozcgswWj5PrDZvw7FOLW/fU/jJhTP3XWXUXDUEmiuLMdYCl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org