Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/EEFoRrqlV9F1Xyh2-46CuUP17rI.roa
File: EEFoRrqlV9F1Xyh2-46CuUP17rI.roa (raw, json)
Hash identifier: 16qgYlSwCZS0gJ4ukZu5zK+xS5j5NkQp9o3R6QBTniU=
Subject key identifier: 10:41:68:46:BA:A5:57:D1:75:5F:28:76:FB:8E:82:B9:43:F5:EE:B2
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05B52034
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/EEFoRrqlV9F1Xyh2-46CuUP17rI.roa
Signing time: Sat 01 Jan 2022 07:57:17 +0000
ROA not before: Sat 01 Jan 2022 07:57:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208142
IP address blocks: 185.147.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95756340 (0x5b52034)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10416846baa557d1755f2876fb8e82b943f5eeb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1f:c1:4a:6c:c0:af:f8:64:e0:86:04:4c:7d:
35:6a:4d:de:b6:48:3f:e3:63:fc:36:38:e3:3c:ba:
7a:36:f1:50:01:2a:c0:e0:25:92:90:bf:26:0f:9c:
64:c9:3b:67:94:5a:1c:96:2b:c0:a2:5c:8f:45:b0:
6c:b8:fb:ae:04:ef:ed:ad:0e:74:42:bf:0c:23:d1:
58:b6:91:eb:ed:49:5f:7c:97:9c:6f:4c:25:cd:22:
b7:26:eb:7e:2a:f5:29:c1:d1:e3:1a:fa:14:bd:6c:
c9:81:c9:55:3b:de:bb:ca:ce:48:ff:93:9b:56:77:
b7:a1:7e:cb:c7:b1:8e:6c:5d:41:14:32:37:72:99:
98:d9:0b:81:ae:02:17:e9:da:65:09:b3:83:d5:a4:
99:9a:39:fb:56:0d:cb:e5:25:c0:25:1c:41:62:02:
45:fd:6f:9c:b0:ab:a8:6f:bd:e7:5f:36:55:a9:ef:
a9:5f:82:92:98:e0:63:99:53:3d:9a:87:f8:b2:f8:
86:3c:13:58:ba:bb:0a:62:1b:7f:19:6d:b5:7d:58:
de:d7:13:0c:a1:cf:d8:e4:d1:fc:5d:d0:f3:c2:cf:
89:98:d5:3d:f5:f5:e9:db:f5:c7:38:1a:98:36:5a:
fc:db:2e:d6:05:70:83:be:d6:01:43:6a:23:85:90:
c1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:41:68:46:BA:A5:57:D1:75:5F:28:76:FB:8E:82:B9:43:F5:EE:B2
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/EEFoRrqlV9F1Xyh2-46CuUP17rI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.38.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:39:5b:f5:06:84:b0:da:0c:19:c1:71:28:6b:9f:7b:9a:19:
e7:98:ac:c5:1b:40:8a:96:2f:a3:9a:e4:e9:63:06:57:7d:20:
4a:2c:46:ad:f3:73:2f:ed:cf:6a:1e:05:67:58:30:a2:02:36:
b5:6e:1f:cd:8b:ac:86:15:55:d4:ec:a4:da:83:72:97:77:9a:
23:1a:fc:a1:17:e4:71:a6:7a:b6:5a:96:d4:79:fa:af:51:b5:
59:49:37:7b:c5:1f:5b:d0:22:4f:cd:96:8a:7e:b2:a9:9d:8d:
65:4a:e6:51:d8:d1:c6:2f:a8:f7:0b:69:8e:81:21:fe:16:ed:
f3:a6:7a:dd:19:9f:ce:a6:f6:91:28:6f:b1:db:b2:98:0e:c4:
e2:c0:43:43:0a:fd:be:c8:63:64:eb:74:17:64:ed:15:25:93:
72:bb:51:74:ee:b6:ef:79:6a:9f:2f:8a:fc:cc:51:42:33:0f:
61:29:39:54:5f:bf:6f:6a:52:c7:81:d4:d1:9b:a6:09:e7:99:
a7:f8:04:89:8d:7a:11:3b:18:e2:86:2d:b0:11:8c:10:4a:67:
60:08:70:ab:18:31:ea:85:d4:f2:29:8c:e1:9b:4b:98:29:75:
0c:f7:b8:51:bd:99:6d:86:6f:ce:14:67:fc:36:3a:13:5c:7b:
98:29:d3:89
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBbUgNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTA0MTY4NDZiYWE1
NTdkMTc1NWYyODc2ZmI4ZTgyYjk0M2Y1ZWViMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKMfwUpswK/4ZOCGBEx9NWpN3rZIP+Nj/DY44zy6ejbxUAEq
wOAlkpC/Jg+cZMk7Z5RaHJYrwKJcj0WwbLj7rgTv7a0OdEK/DCPRWLaR6+1JX3yX
nG9MJc0itybrfir1KcHR4xr6FL1syYHJVTveu8rOSP+Tm1Z3t6F+y8exjmxdQRQy
N3KZmNkLga4CF+naZQmzg9WkmZo5+1YNy+UlwCUcQWICRf1vnLCrqG+95182Vanv
qV+CkpjgY5lTPZqH+LL4hjwTWLq7CmIbfxlttX1Y3tcTDKHP2OTR/F3Q88LPiZjV
PfX16dv1xzgamDZa/Nsu1gVwg77WAUNqI4WQwTcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQQQWhGuqVX0XVfKHb7joK5Q/XusjAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L0VFRm9ScnFsVjlGMVh5aDItNDZDdVVQMTdySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmTJjANBgkqhkiG9w0BAQsFAAOC
AQEAjTlb9QaEsNoMGcFxKGufe5oZ55isxRtAipYvo5rk6WMGV30gSixGrfNzL+3P
ah4FZ1gwogI2tW4fzYushhVV1Oyk2oNyl3eaIxr8oRfkcaZ6tlqW1Hn6r1G1WUk3
e8UfW9AiT82Win6yqZ2NZUrmUdjRxi+o9wtpjoEh/hbt86Z63Rmfzqb2kShvsduy
mA7E4sBDQwr9vshjZOt0F2TtFSWTcrtRdO6273lqny+K/MxRQjMPYSk5VF+/b2pS
x4HU0ZumCeeZp/gEiY16ETsY4oYtsBGMEEpnYAhwqxgx6oXU8imM4ZtLmCl1DPe4
Ub2ZbYZvzhRn/DY6E1x7mCnTiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org