Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/i4EZiXkUsWTbY8HGdLrR0MYQnxU.roa
File: i4EZiXkUsWTbY8HGdLrR0MYQnxU.roa (raw, json)
Hash identifier: GvAkjAN5krrhUjgC3k3M10NvuEgssLf3MGFOSFQ74VM=
Subject key identifier: 8B:81:19:89:79:14:B1:64:DB:63:C1:C6:74:BA:D1:D0:C6:10:9F:15
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018C5D547A467AD94DB5623E17C703108D60
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/i4EZiXkUsWTbY8HGdLrR0MYQnxU.roa
Signing time: Tue 12 Dec 2023 09:21:06 +0000
ROA not before: Tue 12 Dec 2023 09:21:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212335
IP address blocks: 185.164.175.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5d:54:7a:46:7a:d9:4d:b5:62:3e:17:c7:03:10:8d:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Dec 12 09:21:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b8119897914b164db63c1c674bad1d0c6109f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c9:51:1b:e0:00:6e:fb:ab:c3:4f:a2:3a:88:
5a:7a:ae:53:5b:d3:d7:ea:75:6a:c1:cb:35:4b:3b:
9a:9e:e8:fa:93:bf:29:09:1a:54:d0:06:b7:17:c0:
0e:61:5b:4d:42:be:24:3f:f6:88:45:6e:b2:d0:73:
29:10:1d:24:b9:c0:61:a6:96:32:5c:78:9a:31:52:
21:94:f5:1b:5f:62:71:a9:2a:bf:8b:04:53:69:98:
46:8b:cb:d0:d7:13:db:b5:fd:a4:7f:a4:97:9d:67:
f5:80:81:ee:cb:71:ff:39:10:b8:1e:c3:49:bc:4b:
93:f2:32:6b:21:a4:04:09:79:1e:ea:29:a4:3e:6a:
de:69:45:16:64:fc:65:ae:0e:7a:c8:2b:7b:0b:69:
1b:b1:8a:e0:23:48:25:3a:2b:88:bc:af:c0:f0:e9:
7d:74:13:7c:26:fd:86:86:c0:a4:f4:09:48:e4:cd:
61:1f:9f:72:6b:2e:49:a1:ec:3c:fe:42:a6:15:d3:
5a:ca:1c:a1:f8:4b:fb:ae:f8:fe:57:59:75:bf:c8:
5d:d9:a2:e3:0b:00:ad:45:db:31:e7:80:6e:46:fd:
9d:15:4b:74:95:b1:90:93:9e:ba:26:05:2d:b8:e5:
42:28:5f:dc:84:71:63:e4:ab:90:e7:ee:d2:6c:97:
47:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:81:19:89:79:14:B1:64:DB:63:C1:C6:74:BA:D1:D0:C6:10:9F:15
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/i4EZiXkUsWTbY8HGdLrR0MYQnxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.175.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:23:b6:c2:a3:b1:53:ce:d1:71:06:a3:9f:ad:4b:8a:2c:0b:
99:8f:fc:fc:b4:84:64:7a:31:44:2b:5c:6e:64:33:84:2b:b1:
4f:6d:f9:13:a7:7a:78:42:75:cb:e2:4e:87:53:56:07:24:19:
4c:f5:e7:19:18:da:db:d1:d9:d2:57:ca:e2:70:e7:eb:7e:0a:
bb:20:56:22:6c:ee:84:2f:21:98:26:b7:31:7f:2f:2b:12:55:
1b:94:00:af:d6:27:18:1b:77:5e:0f:d6:ed:4f:b2:a2:fb:e5:
b9:4b:fc:f3:42:21:75:ca:6a:d2:66:67:70:1d:78:69:33:ae:
19:97:07:c9:e6:a7:9c:18:a1:91:b4:4e:cb:37:db:b6:8e:26:
42:46:14:5b:37:84:51:33:84:69:33:a0:94:19:c4:7b:f4:c8:
42:29:9d:a2:b0:90:42:01:93:ca:ef:15:35:02:cc:9c:6d:7c:
fe:b1:0c:e4:ef:0c:76:33:a7:04:75:ee:f3:50:50:92:12:d1:
8a:da:ad:f3:ac:3d:d4:c0:f0:8c:08:1c:a6:19:f6:b1:56:60:
43:34:1a:22:4b:ae:40:3d:da:c3:91:91:70:db:d4:a0:90:36:
2c:02:ea:67:25:89:60:48:c2:b4:30:d0:59:44:2f:d7:9b:fa:
ae:68:cc:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxdVHpGetlNtWI+F8cDEI1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjMxMjEyMDkyMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjgxMTk4OTc5MTRiMTY0ZGI2M2MxYzY3NGJhZDFkMGM2MTA5ZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMlRG+AAbvurw0+iOohaeq5TW9PX
6nVqwcs1Szuanuj6k78pCRpU0Aa3F8AOYVtNQr4kP/aIRW6y0HMpEB0kucBhppYy
XHiaMVIhlPUbX2JxqSq/iwRTaZhGi8vQ1xPbtf2kf6SXnWf1gIHuy3H/ORC4HsNJ
vEuT8jJrIaQECXke6imkPmreaUUWZPxlrg56yCt7C2kbsYrgI0glOiuIvK/A8Ol9
dBN8Jv2GhsCk9AlI5M1hH59yay5Joew8/kKmFdNayhyh+Ev7rvj+V1l1v8hd2aLj
CwCtRdsx54BuRv2dFUt0lbGQk566JgUtuOVCKF/chHFj5KuQ5+7SbJdHJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIuBGYl5FLFk22PBxnS60dDGEJ8VMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvaTRFWmlYa1VzV1RiWThIR2RMclIwTVlRbnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaSvMA0G
CSqGSIb3DQEBCwUAA4IBAQBfI7bCo7FTztFxBqOfrUuKLAuZj/z8tIRkejFEK1xu
ZDOEK7FPbfkTp3p4QnXL4k6HU1YHJBlM9ecZGNrb0dnSV8ricOfrfgq7IFYibO6E
LyGYJrcxfy8rElUblACv1icYG3deD9btT7Ki++W5S/zzQiF1ymrSZmdwHXhpM64Z
lwfJ5qecGKGRtE7LN9u2jiZCRhRbN4RRM4RpM6CUGcR79MhCKZ2isJBCAZPK7xU1
AsycbXz+sQzk7wx2M6cEde7zUFCSEtGK2q3zrD3UwPCMCBymGfaxVmBDNBoiS65A
PdrDkZFw29SgkDYsAupnJYlgSMK0MNBZRC/Xm/quaMxH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:24 2024 by rpki-client on console-fra.rpki-client.org