Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/DPB71UtzAjdDV_1AXJ96BfnU5qQ.roa
File: DPB71UtzAjdDV_1AXJ96BfnU5qQ.roa (raw, json)
Hash identifier: cOtbd1PMksadqXrQcK9O8cJf6AAEdJVtRuqVoHbY+TM=
Subject key identifier: 0C:F0:7B:D5:4B:73:02:37:43:57:FD:40:5C:9F:7A:05:F9:D4:E6:A4
Certificate issuer: /CN=f50bae60970a2dfc86dd607c5b915ad5c534b413
Certificate serial: 01856D8AC8F84B3FEFA6F7B092C7DC236F3C
Authority key identifier: F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/DPB71UtzAjdDV_1AXJ96BfnU5qQ.roa
Signing time: Sun 01 Jan 2023 13:34:49 +0000
ROA not before: Sun 01 Jan 2023 13:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206774
IP address blocks: 185.176.244.0/23 maxlen: 23
185.176.246.0/23 maxlen: 23
185.176.245.0/24 maxlen: 24
2a0a:2787::/32 maxlen: 32
2a0a:2781::/32 maxlen: 32
2a0a:2784::/32 maxlen: 32
2a0a:2780::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:c8:f8:4b:3f:ef:a6:f7:b0:92:c7:dc:23:6f:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f50bae60970a2dfc86dd607c5b915ad5c534b413
Validity
Not Before: Jan 1 13:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0cf07bd54b7302374357fd405c9f7a05f9d4e6a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:df:7f:66:95:ff:e8:f3:90:72:4e:06:d4:1a:
74:e4:0e:b7:f7:c2:36:83:0c:3c:b1:1c:f9:1b:34:
1b:c6:4f:5a:de:58:17:c0:95:45:3a:45:17:07:c4:
12:4c:dd:2f:9b:20:76:27:e8:fa:12:d4:e9:53:b8:
a2:36:ef:98:c2:f5:59:79:64:28:be:fb:35:04:d3:
60:5b:37:f7:a1:4e:a7:3b:18:b8:66:4a:15:e4:60:
fc:8d:ef:c6:c5:3b:f7:9b:25:65:ef:80:04:4f:4e:
4a:19:7c:a4:30:d3:f8:22:6e:5d:5d:2e:a8:d1:5d:
20:3d:c6:8c:b0:b4:94:7b:31:4d:f5:15:43:6a:ca:
38:58:df:93:21:f4:28:26:7e:b9:ac:1a:dc:06:1a:
26:5f:ba:e9:60:c6:aa:19:62:1c:fa:b6:f6:09:a8:
9f:ea:63:52:a0:2d:a5:9f:fd:e4:f7:86:18:a1:b3:
d8:73:b0:0c:6a:24:4f:44:4f:fa:d6:66:ff:ee:96:
0b:8e:6c:cf:89:29:92:a2:cd:1b:35:ab:34:68:de:
8a:ca:da:13:07:05:13:59:54:11:0f:91:dc:d9:24:
a8:e7:25:b6:8a:83:43:c2:f5:35:0a:88:0a:9b:38:
e9:dc:3d:b5:b6:14:a9:55:0d:cf:3b:f6:35:e7:09:
43:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:F0:7B:D5:4B:73:02:37:43:57:FD:40:5C:9F:7A:05:F9:D4:E6:A4
X509v3 Authority Key Identifier:
keyid:F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/DPB71UtzAjdDV_1AXJ96BfnU5qQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.176.244.0/22
IPv6:
2a0a:2780::/31
2a0a:2784::/32
2a0a:2787::/32
Signature Algorithm: sha256WithRSAEncryption
26:43:e4:86:43:21:37:4f:db:c5:c2:3b:01:a8:26:e9:a4:59:
38:47:46:6c:3e:55:b4:85:30:03:2b:b2:08:fd:4a:f7:a9:21:
dc:64:2c:5d:06:f8:6a:8a:11:47:a6:15:3a:8a:d7:8a:99:66:
7f:1c:b4:47:67:1d:51:98:87:37:02:c4:b6:30:af:5b:a9:f2:
ff:f7:ce:d5:5c:bf:7b:e1:d9:57:ff:b6:81:3f:9b:11:78:c2:
ec:21:6a:0c:c2:7d:af:a6:f9:6a:6d:5a:42:dd:2a:e7:8f:7f:
7a:c7:65:cd:83:54:ab:4f:e2:40:de:70:b2:33:82:52:6e:34:
7b:0a:7a:48:d1:4d:d1:bb:d5:c9:ae:0d:3c:c4:2f:0b:6e:eb:
e9:e0:d0:b3:70:62:bf:75:82:39:c0:a4:cc:09:b1:54:4e:f4:
33:9c:4e:7c:69:cb:ce:5c:48:ff:7f:50:11:00:03:23:2e:c8:
48:f1:a3:f7:cd:4a:73:e8:38:9b:c4:d8:14:66:4d:fd:60:83:
ec:af:b5:b2:2e:2f:fa:dc:10:f5:42:c4:b5:8f:c4:d0:1f:93:
c4:62:f0:49:1f:8a:7a:df:93:00:93:a2:fb:54:c5:21:06:73:
95:ef:4b:a6:47:a8:0b:80:27:24:13:8a:e1:43:e6:bf:82:a3:
1c:f9:42:80
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVtisj4Sz/vpvewksfcI288MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MGJhZTYwOTcwYTJkZmM4NmRkNjA3YzViOTE1YWQ1YzUz
NGI0MTMwHhcNMjMwMTAxMTMzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2YwN2JkNTRiNzMwMjM3NDM1N2ZkNDA1YzlmN2EwNWY5ZDRlNmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyt9/ZpX/6POQck4G1Bp05A6398I2
gww8sRz5GzQbxk9a3lgXwJVFOkUXB8QSTN0vmyB2J+j6EtTpU7iiNu+YwvVZeWQo
vvs1BNNgWzf3oU6nOxi4ZkoV5GD8je/GxTv3myVl74AET05KGXykMNP4Im5dXS6o
0V0gPcaMsLSUezFN9RVDaso4WN+TIfQoJn65rBrcBhomX7rpYMaqGWIc+rb2Caif
6mNSoC2ln/3k94YYobPYc7AMaiRPRE/61mb/7pYLjmzPiSmSos0bNas0aN6KytoT
BwUTWVQRD5Hc2SSo5yW2ioNDwvU1CogKmzjp3D21thSpVQ3PO/Y15wlDeQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAzwe9VLcwI3Q1f9QFyfegX51OakMB8GA1UdIwQY
MBaAFPULrmCXCi38ht1gfFuRWtXFNLQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVF1dVlKY0tMZnlHM1dCOFc1RmExY1UwdEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9mNzFkY2ItOWU5Mi00NGU3LWIwNDIt
MzY2NTA2N2RiMjU2LzEvRFBCNzFVdHpBamREVl8xQVhKOTZCZm5VNXFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9mNzFkY2ItOWU5Mi00NGU3LWIwNDItMzY2NTA2N2RiMjU2
LzEvOVF1dVlKY0tMZnlHM1dCOFc1RmExY1UwdEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQCubD0MBsE
AgACMBUDBQEqCieAAwUAKgonhAMFACoKJ4cwDQYJKoZIhvcNAQELBQADggEBACZD
5IZDITdP28XCOwGoJumkWThHRmw+VbSFMAMrsgj9SvepIdxkLF0G+GqKEUemFTqK
14qZZn8ctEdnHVGYhzcCxLYwr1up8v/3ztVcv3vh2Vf/toE/mxF4wuwhagzCfa+m
+WptWkLdKuePf3rHZc2DVKtP4kDecLIzglJuNHsKekjRTdG71cmuDTzELwtu6+ng
0LNwYr91gjnApMwJsVRO9DOcTnxpy85cSP9/UBEAAyMuyEjxo/fNSnPoOJvE2BRm
Tf1gg+yvtbIuL/rcEPVCxLWPxNAfk8Ri8EkfinrfkwCTovtUxSEGc5XvS6ZHqAuA
JyQTiuFD5r+Coxz5QoA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:49 2024 by rpki-client on console-ams.rpki-client.org