Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/XDDNiz2U4jjVoGDwXhE8CxCq-BY.roa
File: XDDNiz2U4jjVoGDwXhE8CxCq-BY.roa (raw, json)
Hash identifier: 6BeLarh1EM7RWbY77ka/JlMS3QpcWXcDmoC68ic/mQ8=
Subject key identifier: 5C:30:CD:8B:3D:94:E2:38:D5:A0:60:F0:5E:11:3C:0B:10:AA:F8:16
Certificate issuer: /CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Certificate serial: 049B796B
Authority key identifier: 7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/XDDNiz2U4jjVoGDwXhE8CxCq-BY.roa
Signing time: Thu 03 Feb 2022 17:15:21 +0000
ROA not before: Thu 03 Feb 2022 17:15:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204554
IP address blocks: 85.187.215.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77298027 (0x49b796b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Validity
Not Before: Feb 3 17:15:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c30cd8b3d94e238d5a060f05e113c0b10aaf816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7a:10:a5:da:d3:69:f9:83:f4:b3:bc:c1:a9:
cf:a4:1b:73:de:d4:c7:13:69:ff:6d:d3:6f:6b:ff:
6e:94:57:6e:0e:83:38:ad:28:a7:9e:b9:6f:b1:1c:
ac:46:6a:4c:2f:be:8e:3e:ae:53:53:44:e6:76:f9:
cd:35:4c:70:82:eb:59:c6:23:a2:9b:79:3d:25:9b:
a7:7d:e5:f6:87:0b:27:0d:3b:c5:41:74:a0:a6:32:
8a:35:b4:bb:89:86:e3:7e:d1:b9:46:06:0a:18:e3:
f6:c2:b3:44:7b:14:cd:60:0e:5c:6b:56:77:00:bf:
2d:13:5b:aa:7e:f0:8b:3d:0d:0d:05:93:4b:50:51:
3e:92:37:b5:26:c0:99:87:81:e5:3d:e6:56:88:a9:
46:92:85:cf:6b:e7:8f:fb:1e:31:09:f6:bb:b6:10:
cf:18:85:3d:99:1f:61:a4:e3:48:e0:df:a0:8e:05:
99:dd:15:f1:6f:fb:9d:54:7b:50:89:16:6d:46:ef:
10:24:33:28:6c:6d:55:1f:e0:dd:f1:48:5c:18:2f:
81:f5:a9:01:ad:1b:66:e8:30:28:46:cb:eb:ae:63:
c9:2b:f2:99:4e:81:8a:9a:fd:c1:4a:b9:59:c9:21:
65:32:e6:b5:53:9e:d7:1c:e1:78:29:f7:b9:1a:c3:
9d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:30:CD:8B:3D:94:E2:38:D5:A0:60:F0:5E:11:3C:0B:10:AA:F8:16
X509v3 Authority Key Identifier:
keyid:7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/XDDNiz2U4jjVoGDwXhE8CxCq-BY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/fXtLyr6ylgXqUR3pc-RnXEuKKd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.215.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:78:ae:91:e1:07:ac:09:19:48:47:a2:83:91:c7:3a:97:3f:
32:a4:68:f9:36:01:1d:92:13:b3:ec:27:ba:77:c2:11:d0:b8:
64:91:25:73:dc:d0:e5:3e:69:a2:ef:0a:5e:d1:06:55:44:19:
67:5c:1b:d5:ab:16:98:be:41:3e:e7:79:e3:5f:af:aa:cd:1f:
45:32:2d:e1:13:d2:5c:22:84:6a:79:91:11:86:b2:54:3c:4d:
ca:81:72:d7:47:d8:05:b4:16:1f:83:31:22:2d:5d:4d:0d:ac:
a2:b5:6d:9d:8f:f8:2c:4d:5e:6b:68:73:03:40:dd:f8:1d:2d:
04:a8:76:58:14:b2:0c:6e:85:55:2e:22:8e:8d:79:4e:60:05:
85:5b:8a:b9:ff:f8:23:d5:49:86:ea:fa:1d:bf:bf:c6:b9:83:
ad:4d:39:6e:d8:e8:7a:24:85:59:00:7c:4c:6d:7d:e8:3e:f8:
bd:3d:38:fe:ee:88:cf:65:89:81:4a:79:89:0f:22:00:36:09:
ff:cb:53:95:3f:65:43:3b:48:fd:f0:33:91:be:10:f7:c0:c2:
b7:46:ab:6d:31:b9:93:fe:fc:c8:5a:8a:39:3b:4c:d4:38:b3:
a5:0a:4a:c3:80:66:5d:14:12:9a:79:39:64:e6:fb:95:86:8b:
04:77:9c:9a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBJt5azANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDdiNGJjYWJlYjI5NjA1ZWE1MTFkZTk3M2U0Njc1YzRiOGEyOWRmMB4XDTIyMDIw
MzE3MTUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWMzMGNkOGIzZDk0
ZTIzOGQ1YTA2MGYwNWUxMTNjMGIxMGFhZjgxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOF6EKXa02n5g/SzvMGpz6Qbc97UxxNp/23Tb2v/bpRXbg6D
OK0op565b7EcrEZqTC++jj6uU1NE5nb5zTVMcILrWcYjopt5PSWbp33l9ocLJw07
xUF0oKYyijW0u4mG437RuUYGChjj9sKzRHsUzWAOXGtWdwC/LRNbqn7wiz0NDQWT
S1BRPpI3tSbAmYeB5T3mVoipRpKFz2vnj/seMQn2u7YQzxiFPZkfYaTjSODfoI4F
md0V8W/7nVR7UIkWbUbvECQzKGxtVR/g3fFIXBgvgfWpAa0bZugwKEbL665jySvy
mU6Bipr9wUq5WckhZTLmtVOe1xzheCn3uRrDnW8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRcMM2LPZTiONWgYPBeETwLEKr4FjAfBgNVHSMEGDAWgBR9e0vKvrKWBepR
Helz5GdcS4op3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZYdEx5cjZ5bGdYcVVSM3BjLVJuWEV1S0tkOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvODg5N2ZkLTE4NjItNDM5My1hYTRiLTQ0NzYxN2E0YTc0NC8x
L1hERE5pejJVNGpqVm9HRHdYaEU4Q3hDcS1CWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
ODg5N2ZkLTE4NjItNDM5My1hYTRiLTQ0NzYxN2E0YTc0NC8xL2ZYdEx5cjZ5bGdY
cVVSM3BjLVJuWEV1S0tkOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFW71zANBgkqhkiG9w0BAQsFAAOC
AQEAK3iukeEHrAkZSEeig5HHOpc/MqRo+TYBHZITs+wnunfCEdC4ZJElc9zQ5T5p
ou8KXtEGVUQZZ1wb1asWmL5BPud541+vqs0fRTIt4RPSXCKEanmREYayVDxNyoFy
10fYBbQWH4MxIi1dTQ2sorVtnY/4LE1ea2hzA0Dd+B0tBKh2WBSyDG6FVS4ijo15
TmAFhVuKuf/4I9VJhur6Hb+/xrmDrU05btjoeiSFWQB8TG196D74vT04/u6Iz2WJ
gUp5iQ8iADYJ/8tTlT9lQztI/fAzkb4Q98DCt0arbTG5k/78yFqKOTtM1DizpQpK
w4BmXRQSmnk5ZOb7lYaLBHecmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:42 2024 by rpki-client on console-ams.rpki-client.org