Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/Sk1QqyjwsXNx9jnnJ8sB3hh7qJs.roa
File: Sk1QqyjwsXNx9jnnJ8sB3hh7qJs.roa (raw, json)
Hash identifier: /E/0Cc8AUZq4YFHDqPNHrpliiz05wURGoMJI72Jjpa0=
Subject key identifier: 4A:4D:50:AB:28:F0:B1:73:71:F6:39:E7:27:CB:01:DE:18:7B:A8:9B
Certificate issuer: /CN=f50bae60970a2dfc86dd607c5b915ad5c534b413
Certificate serial: 018200F459E3866D41F10DE39B576AB7BDBB
Authority key identifier: F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/Sk1QqyjwsXNx9jnnJ8sB3hh7qJs.roa
Signing time: Fri 15 Jul 2022 08:23:09 +0000
ROA not before: Fri 15 Jul 2022 08:23:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206774
IP address blocks: 185.176.244.0/23 maxlen: 23
185.176.246.0/23 maxlen: 23
185.176.245.0/24 maxlen: 24
2a0a:2787::/32 maxlen: 32
2a0a:2781::/32 maxlen: 32
2a0a:2784::/32 maxlen: 32
2a0a:2780::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:00:f4:59:e3:86:6d:41:f1:0d:e3:9b:57:6a:b7:bd:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f50bae60970a2dfc86dd607c5b915ad5c534b413
Validity
Not Before: Jul 15 08:23:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a4d50ab28f0b17371f639e727cb01de187ba89b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:05:0a:0f:32:22:ca:01:31:be:64:22:cc:c4:
63:86:33:56:5e:02:4a:16:5b:d1:ce:14:11:eb:02:
bc:87:17:36:24:0e:7b:03:75:ca:e1:4b:f8:a4:5b:
19:55:42:14:e7:e7:54:cd:3b:00:17:43:0d:ac:69:
01:8c:d2:4d:ba:dd:ab:33:d5:2a:75:da:7f:4c:5e:
e0:65:ed:93:41:cd:e2:a5:11:9f:05:bf:e0:af:fb:
ea:b9:bd:9f:bd:0d:24:c1:be:64:56:83:fb:de:2b:
9a:c0:ed:bd:e6:d8:af:e0:98:ef:b4:20:1b:ac:3d:
f7:95:19:a8:38:b9:a9:78:5c:f5:46:dd:73:fe:42:
48:ef:35:80:f5:3a:51:eb:5f:09:cb:52:6e:09:11:
0e:18:57:e6:78:d6:df:29:0b:b5:c6:1a:fe:85:0e:
7b:ea:3b:26:11:09:46:e0:75:86:fd:a4:70:ee:e1:
f8:cb:b4:a5:78:88:80:2b:7a:9d:1c:5d:52:a4:fb:
5e:3d:fe:e5:72:72:ce:14:d1:79:2d:5b:77:eb:b9:
1a:55:9f:58:93:38:44:8b:6e:80:26:43:2b:3e:cf:
84:43:0f:09:6a:3c:15:51:36:19:3a:35:3f:e3:e1:
39:30:56:e5:b0:27:92:19:57:e0:a3:6e:71:64:2d:
81:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:4D:50:AB:28:F0:B1:73:71:F6:39:E7:27:CB:01:DE:18:7B:A8:9B
X509v3 Authority Key Identifier:
keyid:F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/Sk1QqyjwsXNx9jnnJ8sB3hh7qJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.176.244.0/22
IPv6:
2a0a:2780::/31
2a0a:2784::/32
2a0a:2787::/32
Signature Algorithm: sha256WithRSAEncryption
1d:92:05:b4:d1:4f:4f:b6:2a:53:52:1b:44:1e:40:42:b1:d6:
12:47:6b:92:22:21:ee:9d:4e:08:6c:e4:be:c5:66:ea:b7:15:
74:d0:9b:b1:44:a5:28:cd:15:c7:aa:ed:95:d1:17:e0:fe:9a:
ae:df:b2:1e:00:c6:57:3f:19:5b:de:ff:63:19:f7:2f:68:e6:
a0:4c:83:61:ed:c1:80:44:bc:4f:56:15:af:c7:57:1d:69:40:
7d:2c:34:10:aa:28:3d:a6:08:6d:b6:2f:74:1b:d6:72:2b:30:
33:f2:f0:3f:1b:2a:56:9f:b6:74:c3:64:28:e1:d9:13:09:15:
c9:98:51:4f:b4:17:a6:6b:05:c0:b2:77:8c:2a:24:28:0f:0e:
a7:4c:4c:71:73:15:0c:07:6c:12:77:af:9b:28:c9:29:bf:2c:
6c:ab:d2:43:87:81:6a:78:3b:80:22:1e:71:49:4a:46:5a:c9:
f7:4b:12:1e:41:35:95:df:7c:ff:49:8c:43:b6:5c:d9:74:53:
fd:f2:b3:8a:24:8c:fc:83:c8:7e:3b:13:86:d4:ac:a3:1a:5f:
39:8e:a8:85:f1:a1:94:6d:6f:ef:16:af:3b:bc:87:39:71:31:
78:3e:94:9b:bd:67:4c:40:36:07:61:79:59:cc:08:75:c8:5e:
d3:1c:c4:e7
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYIA9Fnjhm1B8Q3jm1dqt727MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MGJhZTYwOTcwYTJkZmM4NmRkNjA3YzViOTE1YWQ1YzUz
NGI0MTMwHhcNMjIwNzE1MDgyMzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTRkNTBhYjI4ZjBiMTczNzFmNjM5ZTcyN2NiMDFkZTE4N2JhODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQUKDzIiygExvmQizMRjhjNWXgJK
FlvRzhQR6wK8hxc2JA57A3XK4Uv4pFsZVUIU5+dUzTsAF0MNrGkBjNJNut2rM9Uq
ddp/TF7gZe2TQc3ipRGfBb/gr/vqub2fvQ0kwb5kVoP73iuawO295tiv4JjvtCAb
rD33lRmoOLmpeFz1Rt1z/kJI7zWA9TpR618Jy1JuCREOGFfmeNbfKQu1xhr+hQ57
6jsmEQlG4HWG/aRw7uH4y7SleIiAK3qdHF1SpPtePf7lcnLOFNF5LVt367kaVZ9Y
kzhEi26AJkMrPs+EQw8JajwVUTYZOjU/4+E5MFblsCeSGVfgo25xZC2BYQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEpNUKso8LFzcfY55yfLAd4Ye6ibMB8GA1UdIwQY
MBaAFPULrmCXCi38ht1gfFuRWtXFNLQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVF1dVlKY0tMZnlHM1dCOFc1RmExY1UwdEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9mNzFkY2ItOWU5Mi00NGU3LWIwNDIt
MzY2NTA2N2RiMjU2LzEvU2sxUXF5andzWE54OWpubko4c0IzaGg3cUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9mNzFkY2ItOWU5Mi00NGU3LWIwNDItMzY2NTA2N2RiMjU2
LzEvOVF1dVlKY0tMZnlHM1dCOFc1RmExY1UwdEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQCubD0MBsE
AgACMBUDBQEqCieAAwUAKgonhAMFACoKJ4cwDQYJKoZIhvcNAQELBQADggEBAB2S
BbTRT0+2KlNSG0QeQEKx1hJHa5IiIe6dTghs5L7FZuq3FXTQm7FEpSjNFceq7ZXR
F+D+mq7fsh4Axlc/GVve/2MZ9y9o5qBMg2HtwYBEvE9WFa/HVx1pQH0sNBCqKD2m
CG22L3Qb1nIrMDPy8D8bKlaftnTDZCjh2RMJFcmYUU+0F6ZrBcCyd4wqJCgPDqdM
THFzFQwHbBJ3r5soySm/LGyr0kOHgWp4O4AiHnFJSkZayfdLEh5BNZXffP9JjEO2
XNl0U/3ys4okjPyDyH47E4bUrKMaXzmOqIXxoZRtb+8Wrzu8hzlxMXg+lJu9Z0xA
NgdheVnMCHXIXtMcxOc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:49 2024 by rpki-client on console-ams.rpki-client.org