Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/9KEgO05Js1tFWWZanItZFeLZnWA.roa
File: 9KEgO05Js1tFWWZanItZFeLZnWA.roa (raw, json)
Hash identifier: nSPdcNt3qairAynwA+Nym8gKnQjACZIGAyH/XuyG1sg=
Subject key identifier: F4:A1:20:3B:4E:49:B3:5B:45:59:66:5A:9C:8B:59:15:E2:D9:9D:60
Certificate issuer: /CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Certificate serial: 01857082B6E47EC4C2F7B9AED9F255746A48
Authority key identifier: 7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/9KEgO05Js1tFWWZanItZFeLZnWA.roa
Signing time: Mon 02 Jan 2023 03:24:52 +0000
ROA not before: Mon 02 Jan 2023 03:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41280
IP address blocks: 85.187.213.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:b6:e4:7e:c4:c2:f7:b9:ae:d9:f2:55:74:6a:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Validity
Not Before: Jan 2 03:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4a1203b4e49b35b4559665a9c8b5915e2d99d60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2b:f1:95:58:0f:c0:dc:70:22:cc:a4:fb:00:
5c:f0:e9:f7:47:d2:09:49:67:c0:fc:8e:38:56:45:
bd:64:f6:4d:e8:bf:e2:80:25:4c:64:02:d5:0c:98:
97:8d:63:5b:e4:e4:0f:1e:87:83:04:fd:06:a3:22:
13:50:80:4c:30:cd:90:74:1c:0f:d5:71:be:94:ef:
52:30:13:9b:58:7b:75:55:cd:53:e7:4b:93:fd:83:
eb:3c:e6:bf:99:08:2d:37:8f:a1:ba:0d:08:5d:4b:
84:f3:8a:94:b4:5d:a3:b6:29:ad:e6:44:2a:e1:58:
98:fe:3a:aa:04:06:4f:c9:fb:9e:1e:08:8d:80:bf:
96:14:8f:ba:2b:1a:7f:00:ca:88:f5:2a:d6:4e:cf:
f7:bb:01:82:18:e1:f6:43:d7:e2:8a:8b:d8:37:0d:
38:c4:e8:8b:37:9a:60:be:57:73:3a:c0:89:bc:43:
e6:72:4d:80:45:9b:94:81:a5:62:1c:92:3b:33:f3:
af:aa:c4:e3:e5:5c:d2:aa:5a:b9:b5:0f:74:aa:22:
36:57:fe:72:3a:2b:26:a3:22:ca:8e:94:70:ec:ae:
26:df:c4:22:81:da:6f:f7:e9:97:3a:7b:29:25:a0:
41:ba:4d:09:93:b0:b9:7c:a6:a1:ec:b6:dc:83:c2:
3b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A1:20:3B:4E:49:B3:5B:45:59:66:5A:9C:8B:59:15:E2:D9:9D:60
X509v3 Authority Key Identifier:
keyid:7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/9KEgO05Js1tFWWZanItZFeLZnWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/fXtLyr6ylgXqUR3pc-RnXEuKKd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.213.0/24
Signature Algorithm: sha256WithRSAEncryption
28:c6:2b:38:51:90:1a:cc:f9:60:ff:de:df:27:df:fe:7c:25:
2e:81:1c:3a:3a:db:6c:de:fc:1a:2b:42:fb:de:9c:db:61:c3:
45:2a:81:d9:b2:31:4f:d9:08:8f:bd:5a:fe:2d:3c:26:75:d1:
d3:80:26:76:45:c5:89:6a:d5:e4:6a:51:4a:df:fc:6b:55:eb:
87:b4:15:f7:c2:6d:8a:77:41:68:bd:45:7e:a8:8f:58:3f:18:
8d:00:e0:17:b4:33:3a:28:75:1c:9c:df:1a:d1:7e:52:66:a2:
ec:5c:ed:a7:ab:79:37:2e:d2:17:94:66:7d:6d:e1:88:32:b4:
b7:49:3e:8f:6c:3c:7d:75:a2:cc:39:d0:a8:4e:a8:9b:f7:06:
c3:7f:45:60:81:a1:c1:9f:3a:44:9c:63:fd:ae:6c:76:a7:f8:
a4:d6:c7:ee:e1:d9:44:62:a2:83:56:8b:cb:6d:22:db:29:ed:
08:87:9d:be:1a:31:86:2d:97:e9:b7:c4:92:27:54:bf:8f:10:
98:64:cf:00:ba:d3:e0:89:61:b2:c2:fc:7b:bb:3d:a2:bd:af:
df:18:fb:e7:37:a1:0a:25:fd:03:69:3f:70:cb:9c:90:4c:2c:
21:e2:29:66:f2:f8:a6:9a:ca:5c:f1:0b:65:7c:88:6a:15:52:
fa:c3:07:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgrbkfsTC97mu2fJVdGpIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkN2I0YmNhYmViMjk2MDVlYTUxMWRlOTczZTQ2NzVjNGI4
YTI5ZGYwHhcNMjMwMTAyMDMyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGExMjAzYjRlNDliMzViNDU1OTY2NWE5YzhiNTkxNWUyZDk5ZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlivxlVgPwNxwIsyk+wBc8On3R9IJ
SWfA/I44VkW9ZPZN6L/igCVMZALVDJiXjWNb5OQPHoeDBP0GoyITUIBMMM2QdBwP
1XG+lO9SMBObWHt1Vc1T50uT/YPrPOa/mQgtN4+hug0IXUuE84qUtF2jtimt5kQq
4ViY/jqqBAZPyfueHgiNgL+WFI+6Kxp/AMqI9SrWTs/3uwGCGOH2Q9fiiovYNw04
xOiLN5pgvldzOsCJvEPmck2ARZuUgaViHJI7M/OvqsTj5VzSqlq5tQ90qiI2V/5y
OismoyLKjpRw7K4m38Qigdpv9+mXOnspJaBBuk0Jk7C5fKah7Lbcg8I7EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPShIDtOSbNbRVlmWpyLWRXi2Z1gMB8GA1UdIwQY
MBaAFH17S8q+spYF6lEd6XPkZ1xLiinfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlh0THlyNnlsZ1hxVVIzcGMtUm5YRXVLS2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84ODk3ZmQtMTg2Mi00MzkzLWFhNGIt
NDQ3NjE3YTRhNzQ0LzEvOUtFZ08wNUpzMXRGV1daYW5JdFpGZUxabldBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84ODk3ZmQtMTg2Mi00MzkzLWFhNGItNDQ3NjE3YTRhNzQ0
LzEvZlh0THlyNnlsZ1hxVVIzcGMtUm5YRXVLS2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVbvVMA0G
CSqGSIb3DQEBCwUAA4IBAQAoxis4UZAazPlg/97fJ9/+fCUugRw6Otts3vwaK0L7
3pzbYcNFKoHZsjFP2QiPvVr+LTwmddHTgCZ2RcWJatXkalFK3/xrVeuHtBX3wm2K
d0FovUV+qI9YPxiNAOAXtDM6KHUcnN8a0X5SZqLsXO2nq3k3LtIXlGZ9beGIMrS3
ST6PbDx9daLMOdCoTqib9wbDf0VggaHBnzpEnGP9rmx2p/ik1sfu4dlEYqKDVovL
bSLbKe0Ih52+GjGGLZfpt8SSJ1S/jxCYZM8AutPgiWGywvx7uz2iva/fGPvnN6EK
Jf0DaT9wy5yQTCwh4ilm8vimmspc8QtlfIhqFVL6wwdJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:42 2024 by rpki-client on console-ams.rpki-client.org