Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/2JQxe1FBQ_CuBKd_Sg11I4uVlnc.roa
File: 2JQxe1FBQ_CuBKd_Sg11I4uVlnc.roa (raw, json)
Hash identifier: iefPSUH7MXvUlt/enqW9rlQ9iVsTYBfS2ZxhYCp8HG8=
Subject key identifier: D8:94:31:7B:51:41:43:F0:AE:04:A7:7F:4A:0D:75:23:8B:95:96:77
Certificate issuer: /CN=e123860e20cdb2cfdf2cefb3753a15b822829266
Certificate serial: 0189C0025A0E6AB01E4A8AD7FDBCB0F9DF2C
Authority key identifier: E1:23:86:0E:20:CD:B2:CF:DF:2C:EF:B3:75:3A:15:B8:22:82:92:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4SOGDiDNss_fLO-zdToVuCKCkmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/2JQxe1FBQ_CuBKd_Sg11I4uVlnc.roa
Signing time: Fri 04 Aug 2023 10:05:26 +0000
ROA not before: Fri 04 Aug 2023 10:05:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56974
IP address blocks: 185.44.229.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c0:02:5a:0e:6a:b0:1e:4a:8a:d7:fd:bc:b0:f9:df:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e123860e20cdb2cfdf2cefb3753a15b822829266
Validity
Not Before: Aug 4 10:05:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d894317b514143f0ae04a77f4a0d75238b959677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:45:df:82:39:8b:ba:23:96:e6:dc:c7:8d:1c:
b9:b3:41:6c:4a:ac:d0:c2:2d:49:70:0e:00:59:f3:
33:80:e4:c6:18:30:cc:e9:8a:a2:e6:5c:af:be:34:
fe:8a:2d:5b:f7:6e:7b:6d:fc:bf:4e:81:7c:0a:89:
74:31:9c:63:2f:d2:90:05:45:ba:01:12:36:45:66:
09:91:20:1d:e1:61:04:84:27:d7:5f:97:4a:be:26:
e0:e1:e2:56:fa:b3:30:e8:76:0b:7d:4d:5e:4f:25:
98:5f:56:97:2b:8c:0c:28:26:62:eb:18:ef:cf:7c:
c4:29:fc:dc:18:ec:b2:04:86:f3:78:14:5a:52:49:
bb:36:95:3f:77:19:34:7a:1d:dc:4f:f1:26:ae:50:
08:48:23:8a:ac:1a:5d:95:e7:3b:e7:23:6c:0f:db:
b1:b2:c5:ff:ea:b1:ab:61:cc:fc:9d:fd:5a:9b:46:
c9:94:4d:07:b9:f7:69:9c:4b:ae:c6:4d:09:f7:4a:
26:05:0b:2a:7e:f9:c6:26:fe:93:2d:a7:fb:c3:76:
65:ca:79:61:a8:ba:dd:4b:d3:6f:dc:a3:63:dc:9e:
9e:db:9b:f2:0a:b8:9a:ac:ea:76:9b:ef:02:cc:3c:
34:44:08:12:2e:46:da:a0:19:19:89:78:31:28:8f:
85:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:94:31:7B:51:41:43:F0:AE:04:A7:7F:4A:0D:75:23:8B:95:96:77
X509v3 Authority Key Identifier:
keyid:E1:23:86:0E:20:CD:B2:CF:DF:2C:EF:B3:75:3A:15:B8:22:82:92:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4SOGDiDNss_fLO-zdToVuCKCkmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/2JQxe1FBQ_CuBKd_Sg11I4uVlnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/4SOGDiDNss_fLO-zdToVuCKCkmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.229.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:c8:1f:34:06:79:70:68:5a:cb:58:17:57:fb:c0:9b:9e:52:
4f:40:e1:20:99:ed:45:3f:ec:27:c8:09:63:c4:6d:ec:be:27:
c6:c4:d7:23:c6:d1:38:d7:9c:42:d2:7c:a3:26:9a:eb:df:81:
97:b7:15:62:f7:eb:cf:34:f7:8e:56:63:9d:f0:6b:57:9e:91:
89:08:27:7c:f6:2d:e5:50:b3:45:f2:57:f7:da:21:db:43:75:
c1:56:60:3d:b0:8f:5e:d6:2c:18:48:36:f5:24:aa:76:20:d0:
46:4b:37:cf:63:58:8f:a7:18:b0:34:c8:36:05:32:e3:24:cd:
2f:36:43:c0:84:53:26:fc:3a:e0:2f:c5:e1:a4:95:f6:21:01:
91:2c:9a:c2:a4:7e:15:51:5f:45:13:da:3f:66:92:55:ee:73:
b2:97:d6:e6:80:64:78:94:8a:ec:02:f7:55:16:05:83:b4:1f:
a0:dc:2a:de:75:68:97:be:be:b5:4b:5d:d9:97:6e:08:ef:bd:
5a:9b:ae:4e:85:ea:8d:e5:23:27:b4:af:e3:9e:86:a7:5c:cb:
98:cc:b5:9e:08:d1:e0:80:79:5a:f1:3d:ca:2d:f5:5c:5d:69:
e4:7b:ea:7b:30:75:ee:b7:26:55:08:b0:c3:c0:0a:13:e2:57:
ed:f0:ae:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnAAloOarAeSorX/byw+d8sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMjM4NjBlMjBjZGIyY2ZkZjJjZWZiMzc1M2ExNWI4MjI4
MjkyNjYwHhcNMjMwODA0MTAwNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODk0MzE3YjUxNDE0M2YwYWUwNGE3N2Y0YTBkNzUyMzhiOTU5Njc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EXfgjmLuiOW5tzHjRy5s0FsSqzQ
wi1JcA4AWfMzgOTGGDDM6Yqi5lyvvjT+ii1b9257bfy/ToF8Col0MZxjL9KQBUW6
ARI2RWYJkSAd4WEEhCfXX5dKvibg4eJW+rMw6HYLfU1eTyWYX1aXK4wMKCZi6xjv
z3zEKfzcGOyyBIbzeBRaUkm7NpU/dxk0eh3cT/EmrlAISCOKrBpdlec75yNsD9ux
ssX/6rGrYcz8nf1am0bJlE0HufdpnEuuxk0J90omBQsqfvnGJv6TLaf7w3Zlynlh
qLrdS9Nv3KNj3J6e25vyCriarOp2m+8CzDw0RAgSLkbaoBkZiXgxKI+FDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNiUMXtRQUPwrgSnf0oNdSOLlZZ3MB8GA1UdIwQY
MBaAFOEjhg4gzbLP3yzvs3U6FbgigpJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFNPR0RpRE5zc19mTE8temRUb1Z1Q0tDa21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84MTA1OTktNzMxYS00ODZhLWIyM2Yt
NDc1MzdlYjY0NGY1LzEvMkpReGUxRkJRX0N1QktkX1NnMTFJNHVWbG5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC84MTA1OTktNzMxYS00ODZhLWIyM2YtNDc1MzdlYjY0NGY1
LzEvNFNPR0RpRE5zc19mTE8temRUb1Z1Q0tDa21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSzlMA0G
CSqGSIb3DQEBCwUAA4IBAQBdyB80BnlwaFrLWBdX+8CbnlJPQOEgme1FP+wnyAlj
xG3svifGxNcjxtE415xC0nyjJprr34GXtxVi9+vPNPeOVmOd8GtXnpGJCCd89i3l
ULNF8lf32iHbQ3XBVmA9sI9e1iwYSDb1JKp2INBGSzfPY1iPpxiwNMg2BTLjJM0v
NkPAhFMm/DrgL8XhpJX2IQGRLJrCpH4VUV9FE9o/ZpJV7nOyl9bmgGR4lIrsAvdV
FgWDtB+g3CredWiXvr61S13Zl24I771am65OheqN5SMntK/jnoanXMuYzLWeCNHg
gHla8T3KLfVcXWnke+p7MHXutyZVCLDDwAoT4lft8K7o
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:08 2025 by rpki-client