Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/q_otHiu3RPRI3QgPAGqCgEhq6P8.roa
File: q_otHiu3RPRI3QgPAGqCgEhq6P8.roa (raw, json)
Hash identifier: g2sQ/DRamgwjAL5X0FfSz6hHkimzQgppGhD7l9UH3wA=
Subject key identifier: AB:FA:2D:1E:2B:B7:44:F4:48:DD:08:0F:00:6A:82:80:48:6A:E8:FF
Certificate issuer: /CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Certificate serial: 01857082B7AFB57E63E621FAB57FCB7A8805
Authority key identifier: 7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/q_otHiu3RPRI3QgPAGqCgEhq6P8.roa
Signing time: Mon 02 Jan 2023 03:24:52 +0000
ROA not before: Mon 02 Jan 2023 03:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210212
IP address blocks: 85.187.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:b7:af:b5:7e:63:e6:21:fa:b5:7f:cb:7a:88:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Validity
Not Before: Jan 2 03:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abfa2d1e2bb744f448dd080f006a8280486ae8ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:28:0d:9f:e9:87:4a:0b:06:9f:6c:04:72:ab:
55:64:bf:8d:c7:f2:39:3e:dd:0f:4f:2b:5f:f5:42:
74:69:15:be:b2:f1:69:aa:bb:04:6e:e7:c8:68:81:
57:99:5d:e3:13:f0:3d:2d:14:0f:00:26:61:33:84:
29:2d:c1:52:35:c8:b6:28:96:18:90:83:18:ab:15:
e8:bf:7d:ec:56:c3:07:ca:4d:cc:df:e7:43:c3:df:
7f:a7:38:ae:77:14:2d:5f:03:97:30:87:cf:c1:05:
90:7e:d7:d8:8f:d3:dc:50:56:77:f6:dc:b7:37:50:
b2:cd:f3:95:b6:0b:39:f3:5e:e9:10:da:44:2b:11:
40:94:b1:9b:ff:c4:d4:fc:c4:04:b7:fe:83:1e:61:
f4:49:7e:d0:ec:60:c7:7e:78:11:3f:d6:21:83:8c:
f9:c9:1f:5c:a4:75:29:99:f1:c2:fe:b6:56:5b:1f:
ac:bf:e4:b9:fb:8a:d8:9c:23:34:f9:1a:3f:2a:37:
fa:3c:05:f4:53:4f:3e:8a:76:29:e1:4a:ea:00:16:
36:e8:66:d3:02:88:b4:cd:73:7b:4f:de:3f:a1:0f:
a5:f0:60:de:ea:ab:7b:29:23:37:50:65:a4:24:99:
94:0f:c5:a1:87:4c:2f:3b:36:fe:31:36:12:e9:6d:
e7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:FA:2D:1E:2B:B7:44:F4:48:DD:08:0F:00:6A:82:80:48:6A:E8:FF
X509v3 Authority Key Identifier:
keyid:7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/q_otHiu3RPRI3QgPAGqCgEhq6P8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/fXtLyr6ylgXqUR3pc-RnXEuKKd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.214.0/24
Signature Algorithm: sha256WithRSAEncryption
69:e9:07:dd:5e:86:a7:15:28:d0:b4:55:1e:c1:cb:7b:d4:e8:
7c:bf:3a:6e:e8:d9:8f:80:05:52:cc:7e:86:e8:8f:71:e4:b7:
92:b9:72:9e:48:f2:07:ca:da:5d:50:d3:24:e7:f3:eb:01:7f:
80:74:e6:39:f2:ea:50:02:6c:09:67:6f:c1:c1:f1:b9:9c:3b:
de:e7:2f:79:8b:b4:18:bc:ef:a7:ce:c6:ed:ce:fa:35:8e:8c:
0e:28:11:7c:cd:c8:a8:73:6b:fe:6f:47:ae:f5:a8:94:ed:64:
5c:6b:67:b2:18:24:24:cb:0a:fa:d5:6e:70:77:2d:f1:4b:de:
d7:ea:eb:cd:c7:2d:ed:93:87:e4:74:2c:e0:ef:ed:e2:4d:90:
2f:05:f2:f8:87:e8:17:23:85:56:60:93:02:fa:80:cb:90:8b:
9a:54:36:64:cb:76:f6:27:47:81:4c:35:de:67:45:76:31:5b:
78:e0:34:54:f9:20:78:37:31:cd:12:b3:2f:34:e8:1a:66:d7:
de:0e:23:0d:73:b3:87:a0:34:33:64:25:35:35:f8:3b:9f:45:
f0:ba:27:20:fd:6a:8e:ef:d3:b5:46:0b:f1:bc:08:c3:fa:c2:
0a:83:67:8d:a5:94:56:23:8e:8e:60:83:2d:df:13:89:39:b8:
81:8e:db:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgrevtX5j5iH6tX/LeogFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkN2I0YmNhYmViMjk2MDVlYTUxMWRlOTczZTQ2NzVjNGI4
YTI5ZGYwHhcNMjMwMTAyMDMyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmZhMmQxZTJiYjc0NGY0NDhkZDA4MGYwMDZhODI4MDQ4NmFlOGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2igNn+mHSgsGn2wEcqtVZL+Nx/I5
Pt0PTytf9UJ0aRW+svFpqrsEbufIaIFXmV3jE/A9LRQPACZhM4QpLcFSNci2KJYY
kIMYqxXov33sVsMHyk3M3+dDw99/pziudxQtXwOXMIfPwQWQftfYj9PcUFZ39ty3
N1CyzfOVtgs5817pENpEKxFAlLGb/8TU/MQEt/6DHmH0SX7Q7GDHfngRP9Yhg4z5
yR9cpHUpmfHC/rZWWx+sv+S5+4rYnCM0+Ro/Kjf6PAX0U08+inYp4UrqABY26GbT
Aoi0zXN7T94/oQ+l8GDe6qt7KSM3UGWkJJmUD8Whh0wvOzb+MTYS6W3nNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKv6LR4rt0T0SN0IDwBqgoBIauj/MB8GA1UdIwQY
MBaAFH17S8q+spYF6lEd6XPkZ1xLiinfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlh0THlyNnlsZ1hxVVIzcGMtUm5YRXVLS2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84ODk3ZmQtMTg2Mi00MzkzLWFhNGIt
NDQ3NjE3YTRhNzQ0LzEvcV9vdEhpdTNSUFJJM1FnUEFHcUNnRWhxNlA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84ODk3ZmQtMTg2Mi00MzkzLWFhNGItNDQ3NjE3YTRhNzQ0
LzEvZlh0THlyNnlsZ1hxVVIzcGMtUm5YRXVLS2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVbvWMA0G
CSqGSIb3DQEBCwUAA4IBAQBp6QfdXoanFSjQtFUewct71Oh8vzpu6NmPgAVSzH6G
6I9x5LeSuXKeSPIHytpdUNMk5/PrAX+AdOY58upQAmwJZ2/BwfG5nDve5y95i7QY
vO+nzsbtzvo1jowOKBF8zcioc2v+b0eu9aiU7WRca2eyGCQkywr61W5wdy3xS97X
6uvNxy3tk4fkdCzg7+3iTZAvBfL4h+gXI4VWYJMC+oDLkIuaVDZky3b2J0eBTDXe
Z0V2MVt44DRU+SB4NzHNErMvNOgaZtfeDiMNc7OHoDQzZCU1Nfg7n0Xwuicg/WqO
79O1RgvxvAjD+sIKg2eNpZRWI46OYIMt3xOJObiBjtsb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:42 2024 by rpki-client on console-ams.rpki-client.org