Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pJpr7nWqs98Qjj4gA4wc-n3l3-0.roa
File: pJpr7nWqs98Qjj4gA4wc-n3l3-0.roa (raw, json)
Hash identifier: qw/bHmYIYL1SJH4BEm7GLLhVu/8trqWb/dFS+1FB8z0=
Subject key identifier: A4:9A:6B:EE:75:AA:B3:DF:10:8E:3E:20:03:8C:1C:FA:7D:E5:DF:ED
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05AA8C98
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pJpr7nWqs98Qjj4gA4wc-n3l3-0.roa
Signing time: Sat 01 Jan 2022 07:57:10 +0000
ROA not before: Sat 01 Jan 2022 07:57:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41957
IP address blocks: 185.21.141.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95063192 (0x5aa8c98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a49a6bee75aab3df108e3e20038c1cfa7de5dfed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:9b:7a:3f:d8:92:a1:f0:09:6a:d7:e1:da:30:
5f:6d:7a:59:29:ef:1a:ab:7c:67:50:91:ed:7c:72:
16:c8:c6:fe:e6:c1:4c:2d:e1:31:81:49:52:e3:d1:
b6:d6:81:61:a5:6f:84:e9:3b:9e:fd:52:98:e0:52:
5e:47:9c:4c:a5:9b:d8:c6:c8:e6:77:8c:07:99:a4:
4c:d9:38:38:66:a3:1f:f4:12:5e:46:81:65:60:dd:
67:52:c1:c0:40:89:53:01:f9:b4:db:45:22:92:a6:
da:ca:b8:23:af:76:6d:da:5b:a1:89:eb:8c:e1:0e:
dc:29:d8:30:6f:46:f4:63:f8:dc:ad:7f:a6:84:2e:
ff:ce:56:30:4a:8b:23:0c:c0:7f:28:82:cd:2f:54:
d5:e6:19:5d:28:a0:dd:78:45:b5:ec:e9:8c:a6:8e:
da:26:57:4f:bb:98:2c:c9:b6:f9:e8:34:cc:61:40:
6e:bc:f3:ce:10:cf:43:96:00:fb:46:c0:54:81:da:
8f:80:2a:ab:4e:62:52:7c:c6:56:c5:6f:9c:49:84:
22:0e:4f:e7:f5:c1:fe:23:5a:31:23:09:06:0f:92:
61:49:bc:b4:7d:68:b2:93:53:99:fd:92:d0:a9:00:
9a:ee:8c:1c:19:2b:5c:0c:87:ba:53:32:e5:55:7e:
36:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:9A:6B:EE:75:AA:B3:DF:10:8E:3E:20:03:8C:1C:FA:7D:E5:DF:ED
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pJpr7nWqs98Qjj4gA4wc-n3l3-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.141.0/24
Signature Algorithm: sha256WithRSAEncryption
47:76:30:75:5c:93:52:9d:d0:c9:e5:09:fb:d5:a1:a2:a9:ae:
f8:69:c1:5c:bc:6f:93:35:8d:32:e4:98:38:b1:2b:9f:3c:e8:
4a:2a:55:75:83:1e:fe:d4:d8:b0:4d:6a:9e:60:53:34:dc:20:
a5:4c:6d:4a:35:89:1c:d8:db:22:35:4d:a6:52:7c:ed:36:f9:
e8:fc:e4:71:84:46:e7:af:22:56:fd:41:57:5f:73:f7:8a:ea:
cb:48:91:54:2c:c7:b7:3d:11:09:f7:60:02:1e:95:b0:e3:5b:
4f:bf:7e:02:25:d9:38:d1:eb:7b:04:b2:87:96:15:62:c0:e1:
a2:9d:74:38:75:8c:a1:fb:ff:21:d0:cc:55:f4:f7:eb:f8:58:
06:30:82:06:a2:6c:e5:5c:26:e0:7c:18:35:cb:0c:34:55:52:
43:80:23:bc:64:70:19:57:b5:a0:83:1d:16:59:90:4d:39:01:
5d:c5:e8:72:38:ea:7c:e1:b8:9d:fa:8c:79:9a:70:ab:a3:80:
0e:50:81:28:7b:f5:3d:da:1f:67:c3:11:14:c4:27:ba:f3:f1:
86:65:24:46:22:55:d0:22:1d:0a:aa:33:79:64:ac:d7:0b:d9:
77:a9:67:9a:5f:4c:0d:cb:5b:1e:20:a9:5c:cd:30:f7:5d:cb:
a8:8e:87:c4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBaqMmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQ5YTZiZWU3NWFh
YjNkZjEwOGUzZTIwMDM4YzFjZmE3ZGU1ZGZlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANybej/YkqHwCWrX4dowX216WSnvGqt8Z1CR7XxyFsjG/ubB
TC3hMYFJUuPRttaBYaVvhOk7nv1SmOBSXkecTKWb2MbI5neMB5mkTNk4OGajH/QS
XkaBZWDdZ1LBwECJUwH5tNtFIpKm2sq4I692bdpboYnrjOEO3CnYMG9G9GP43K1/
poQu/85WMEqLIwzAfyiCzS9U1eYZXSig3XhFtezpjKaO2iZXT7uYLMm2+eg0zGFA
brzzzhDPQ5YA+0bAVIHaj4Aqq05iUnzGVsVvnEmEIg5P5/XB/iNaMSMJBg+SYUm8
tH1ospNTmf2S0KkAmu6MHBkrXAyHulMy5VV+NsMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSkmmvudaqz3xCOPiADjBz6feXf7TAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L3BKcHI3bldxczk4UWpqNGdBNHdjLW4zbDMtMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkVjTANBgkqhkiG9w0BAQsFAAOC
AQEAR3YwdVyTUp3QyeUJ+9Whoqmu+GnBXLxvkzWNMuSYOLErnzzoSipVdYMe/tTY
sE1qnmBTNNwgpUxtSjWJHNjbIjVNplJ87Tb56PzkcYRG568iVv1BV19z94rqy0iR
VCzHtz0RCfdgAh6VsONbT79+AiXZONHrewSyh5YVYsDhop10OHWMofv/IdDMVfT3
6/hYBjCCBqJs5Vwm4HwYNcsMNFVSQ4AjvGRwGVe1oIMdFlmQTTkBXcXocjjqfOG4
nfqMeZpwq6OADlCBKHv1PdofZ8MRFMQnuvPxhmUkRiJV0CIdCqozeWSs1wvZd6ln
ml9MDctbHiCpXM0w913LqI6HxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org