Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/CZugY9G6NTpRYDgMD55DsL78Kds.roa
File: CZugY9G6NTpRYDgMD55DsL78Kds.roa (raw, json)
Hash identifier: vBVtKpnEU2KNsO8KzeeNPP8hrJ2i5C1MmGoMgLDumPM=
Subject key identifier: 09:9B:A0:63:D1:BA:35:3A:51:60:38:0C:0F:9E:43:B0:BE:FC:29:DB
Certificate issuer: /CN=813e051cb831d1989607bb76c0bc5693ff947b53
Certificate serial: 08C3F621
Authority key identifier: 81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/CZugY9G6NTpRYDgMD55DsL78Kds.roa
Signing time: Sat 15 Jan 2022 08:53:26 +0000
ROA not before: Sat 15 Jan 2022 08:53:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206065
IP address blocks: 185.232.152.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147060257 (0x8c3f621)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=813e051cb831d1989607bb76c0bc5693ff947b53
Validity
Not Before: Jan 15 08:53:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=099ba063d1ba353a5160380c0f9e43b0befc29db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:12:36:58:25:a7:56:ca:f9:ab:72:f7:30:c5:
50:76:df:1d:9c:2c:ac:0a:00:cd:0e:3b:5a:b9:36:
31:71:74:b7:c6:0d:42:e7:e0:5d:65:5c:05:a1:67:
c4:ed:b1:a7:2a:79:b1:ef:a7:68:49:fe:56:9c:3b:
8d:36:25:5c:e2:1a:25:8b:28:c4:1f:e7:e2:2d:4f:
5b:89:80:d0:71:67:fd:6d:09:57:da:b7:69:e7:60:
9a:65:51:d1:db:8b:41:0e:bc:b3:87:98:8a:7d:6e:
e0:cb:df:60:3a:dd:dd:15:c6:7b:c7:05:dd:49:ac:
cb:19:f3:ef:bc:e3:88:4e:a0:49:9f:61:9d:33:f1:
c8:f4:af:f4:f1:42:41:13:1f:89:da:ae:52:11:17:
91:99:9b:fe:06:c5:8d:a8:0a:9d:5b:52:1b:f5:48:
b0:64:7f:7a:20:16:b0:f3:6f:5f:1a:fe:00:06:b7:
a4:6c:a0:78:d0:79:ce:4d:dc:f8:e5:c2:b8:18:28:
c6:a5:38:74:9c:ea:22:51:b4:2e:fb:13:ea:72:67:
a5:e0:8c:c8:34:9a:cb:c0:c3:9a:10:a0:1c:12:a9:
af:0c:35:b6:71:f4:d3:35:20:4a:b2:f5:74:82:6a:
d4:bf:34:2a:29:1d:6a:5a:23:45:5b:b6:94:98:42:
25:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:9B:A0:63:D1:BA:35:3A:51:60:38:0C:0F:9E:43:B0:BE:FC:29:DB
X509v3 Authority Key Identifier:
keyid:81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/CZugY9G6NTpRYDgMD55DsL78Kds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.152.0/24
Signature Algorithm: sha256WithRSAEncryption
51:cb:55:ba:5d:94:de:a0:bc:80:80:65:0e:16:98:eb:40:42:
bf:90:bc:07:93:80:79:53:2e:c5:2c:06:b5:fb:40:bc:27:ed:
82:6d:34:44:4e:a1:fc:0e:0d:05:22:80:79:07:dc:a2:a6:e0:
86:7e:04:e0:d7:8b:fb:e8:fb:d3:6c:49:ed:20:1b:c1:3a:44:
fa:e6:8e:6d:f2:8d:2d:ee:7c:5f:39:da:33:9d:1b:23:a3:19:
be:c6:b2:91:03:00:f1:a3:e2:c7:e1:1d:f2:8b:d6:7b:b4:7f:
0a:7e:c4:5f:6e:31:8e:5f:ae:fc:94:87:f1:fc:69:8e:f7:68:
be:dd:03:a7:8b:33:c4:a4:c2:45:41:f0:2a:f9:66:21:0c:2e:
55:01:0f:f9:1e:9f:5c:67:e0:0c:fb:65:a5:6b:17:1d:89:d4:
a5:49:3d:fc:99:cf:77:ca:90:61:cf:8f:c3:18:19:9e:12:56:
4e:bf:6c:7f:8f:ad:84:54:10:52:f3:87:7a:8e:d9:d9:5b:e5:
93:3b:fd:24:81:29:1a:8d:48:82:88:84:84:0e:79:56:ad:ac:
ae:87:c6:eb:8a:ac:29:05:56:1f:c5:f4:a4:63:6e:3a:7b:1f:
9b:bc:57:72:8e:4e:67:3f:51:35:c0:8e:38:c8:21:7d:d3:b2:
25:c8:66:8a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECMP2ITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTNlMDUxY2I4MzFkMTk4OTYwN2JiNzZjMGJjNTY5M2ZmOTQ3YjUzMB4XDTIyMDEx
NTA4NTMyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDk5YmEwNjNkMWJh
MzUzYTUxNjAzODBjMGY5ZTQzYjBiZWZjMjlkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYSNlglp1bK+aty9zDFUHbfHZwsrAoAzQ47Wrk2MXF0t8YN
QufgXWVcBaFnxO2xpyp5se+naEn+Vpw7jTYlXOIaJYsoxB/n4i1PW4mA0HFn/W0J
V9q3aedgmmVR0duLQQ68s4eYin1u4MvfYDrd3RXGe8cF3Umsyxnz77zjiE6gSZ9h
nTPxyPSv9PFCQRMfidquUhEXkZmb/gbFjagKnVtSG/VIsGR/eiAWsPNvXxr+AAa3
pGygeNB5zk3c+OXCuBgoxqU4dJzqIlG0LvsT6nJnpeCMyDSay8DDmhCgHBKprww1
tnH00zUgSrL1dIJq1L80KikdalojRVu2lJhCJd0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQJm6Bj0bo1OlFgOAwPnkOwvvwp2zAfBgNVHSMEGDAWgBSBPgUcuDHRmJYH
u3bAvFaT/5R7UzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dUNEZITGd4MFppV0I3dDJ3THhXa18tVWUxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvZTQ1YWQ2LWU1YWUtNDgxOS05ZjI0LWY1NzdhYTQ2ZGU4My8x
L0NadWdZOUc2TlRwUllEZ01ENTVEc0w3OEtkcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
ZTQ1YWQ2LWU1YWUtNDgxOS05ZjI0LWY1NzdhYTQ2ZGU4My8xL2dUNEZITGd4MFpp
V0I3dDJ3THhXa18tVWUxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnomDANBgkqhkiG9w0BAQsFAAOC
AQEAUctVul2U3qC8gIBlDhaY60BCv5C8B5OAeVMuxSwGtftAvCftgm00RE6h/A4N
BSKAeQfcoqbghn4E4NeL++j702xJ7SAbwTpE+uaObfKNLe58XznaM50bI6MZvsay
kQMA8aPix+Ed8ovWe7R/Cn7EX24xjl+u/JSH8fxpjvdovt0Dp4szxKTCRUHwKvlm
IQwuVQEP+R6fXGfgDPtlpWsXHYnUpUk9/JnPd8qQYc+PwxgZnhJWTr9sf4+thFQQ
UvOHeo7Z2Vvlkzv9JIEpGo1IgoiEhA55Vq2srofG64qsKQVWH8X0pGNuOnsfm7xX
co5OZz9RNcCOOMghfdOyJchmig==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:34 2023 by rpki-client on console-ams.rpki-client.org