Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/DZDnIIEKpms7blT6V0R2PSPkPjs.roa
File: DZDnIIEKpms7blT6V0R2PSPkPjs.roa (raw, json)
Hash identifier: q9QVyjtTcPbxSJDisoc5JUZKzJfFrIUdGpMI6ZNj+8k=
Subject key identifier: 0D:90:E7:20:81:0A:A6:6B:3B:6E:54:FA:57:44:76:3D:23:E4:3E:3B
Certificate issuer: /CN=813e051cb831d1989607bb76c0bc5693ff947b53
Certificate serial: 09B6E913
Authority key identifier: 81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/DZDnIIEKpms7blT6V0R2PSPkPjs.roa
Signing time: Wed 27 Apr 2022 20:44:40 +0000
ROA not before: Wed 27 Apr 2022 20:44:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42337
IP address blocks: 185.232.152.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162982163 (0x9b6e913)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=813e051cb831d1989607bb76c0bc5693ff947b53
Validity
Not Before: Apr 27 20:44:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d90e720810aa66b3b6e54fa5744763d23e43e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c8:d0:55:8b:4b:0c:17:09:25:55:33:bf:cf:
99:8d:26:6b:17:70:b9:dc:54:ed:66:0b:d0:0e:ef:
f9:48:76:d9:a3:ee:40:3b:53:68:34:59:62:f9:4a:
bb:08:46:4c:c9:c6:31:b3:21:1f:b6:79:f5:22:12:
f6:83:1c:f3:0d:9b:f6:54:77:8f:dd:8f:6d:28:4a:
fa:31:9a:5f:fd:16:f4:da:67:e7:29:0d:04:f7:16:
42:0c:44:75:ff:53:54:ce:1c:94:6a:83:30:ce:e3:
65:6d:21:fd:52:78:2d:83:b3:85:cd:e9:b3:63:8e:
28:9c:1b:92:ec:bb:70:82:5b:75:ed:9e:4d:b5:c7:
bc:9e:cd:6f:41:91:90:d5:c3:fa:39:67:b2:8a:8d:
76:f3:2d:c0:fc:97:a9:3f:01:9d:7c:48:97:65:94:
fc:64:0b:1f:d4:a4:28:55:98:f0:ca:3e:1b:00:5a:
c7:f7:03:00:c0:04:dc:0e:c0:15:3c:c4:af:e4:1d:
bf:62:f2:29:f3:68:ba:44:d8:0c:b7:0e:42:e9:81:
54:8f:06:0f:80:2e:2f:2b:fd:bc:67:38:8d:ac:0c:
b6:cc:9f:3e:e1:07:a0:f4:34:71:53:c1:2c:b1:da:
c4:3f:75:43:c2:5e:0a:b7:91:18:bb:16:42:c1:02:
39:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:90:E7:20:81:0A:A6:6B:3B:6E:54:FA:57:44:76:3D:23:E4:3E:3B
X509v3 Authority Key Identifier:
keyid:81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/DZDnIIEKpms7blT6V0R2PSPkPjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.152.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:3b:a3:a5:9f:26:7c:c7:ce:e7:cd:b0:ef:96:da:0f:30:11:
a7:ae:94:62:b3:db:19:4d:9f:99:e8:7e:b4:7f:78:38:56:21:
18:b3:19:10:cc:30:aa:06:17:01:4c:1d:ab:cd:08:6b:b5:dc:
4e:e8:d1:76:2e:4d:7b:64:b3:a9:99:92:e8:c7:01:9c:c1:c3:
25:f0:a7:23:d9:76:b4:5c:76:06:01:5c:a6:7b:97:fe:20:2d:
39:ce:0c:c7:87:de:88:5f:a7:6f:18:e6:db:cb:f8:46:c1:f0:
ed:99:96:6b:77:13:ab:f8:04:ae:6d:64:1a:03:34:c8:75:73:
ae:f2:41:7f:c2:f8:31:76:90:30:e6:5f:42:74:7c:72:9e:a1:
85:65:2f:c7:29:fc:bc:e5:3d:fb:c1:6e:e7:73:3a:77:82:ec:
25:69:64:3b:b6:bf:ce:71:fd:7a:a9:8c:2c:86:47:16:88:4c:
09:2a:e9:60:b7:2e:c0:b2:54:24:c6:c7:81:df:7d:f8:fa:44:
60:91:0d:f0:53:6d:9e:39:82:f7:54:91:fb:31:92:e6:6f:9c:
0c:0f:73:2c:83:80:88:91:4f:52:79:1b:9d:0f:cf:c0:bd:e8:
41:9d:06:ff:64:91:25:6f:1e:bf:9d:0c:c9:40:d7:1d:a2:00:
3b:08:eb:8e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECbbpEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTNlMDUxY2I4MzFkMTk4OTYwN2JiNzZjMGJjNTY5M2ZmOTQ3YjUzMB4XDTIyMDQy
NzIwNDQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQ5MGU3MjA4MTBh
YTY2YjNiNmU1NGZhNTc0NDc2M2QyM2U0M2UzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrI0FWLSwwXCSVVM7/PmY0maxdwudxU7WYL0A7v+Uh22aPu
QDtTaDRZYvlKuwhGTMnGMbMhH7Z59SIS9oMc8w2b9lR3j92PbShK+jGaX/0W9Npn
5ykNBPcWQgxEdf9TVM4clGqDMM7jZW0h/VJ4LYOzhc3ps2OOKJwbkuy7cIJbde2e
TbXHvJ7Nb0GRkNXD+jlnsoqNdvMtwPyXqT8BnXxIl2WU/GQLH9SkKFWY8Mo+GwBa
x/cDAMAE3A7AFTzEr+Qdv2LyKfNoukTYDLcOQumBVI8GD4AuLyv9vGc4jawMtsyf
PuEHoPQ0cVPBLLHaxD91Q8JeCreRGLsWQsECOQkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQNkOcggQqmaztuVPpXRHY9I+Q+OzAfBgNVHSMEGDAWgBSBPgUcuDHRmJYH
u3bAvFaT/5R7UzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dUNEZITGd4MFppV0I3dDJ3THhXa18tVWUxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvZTQ1YWQ2LWU1YWUtNDgxOS05ZjI0LWY1NzdhYTQ2ZGU4My8x
L0RaRG5JSUVLcG1zN2JsVDZWMFIyUFNQa1Bqcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
ZTQ1YWQ2LWU1YWUtNDgxOS05ZjI0LWY1NzdhYTQ2ZGU4My8xL2dUNEZITGd4MFpp
V0I3dDJ3THhXa18tVWUxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnomDANBgkqhkiG9w0BAQsFAAOC
AQEALzujpZ8mfMfO582w75baDzARp66UYrPbGU2fmeh+tH94OFYhGLMZEMwwqgYX
AUwdq80Ia7XcTujRdi5Ne2SzqZmS6McBnMHDJfCnI9l2tFx2BgFcpnuX/iAtOc4M
x4feiF+nbxjm28v4RsHw7ZmWa3cTq/gErm1kGgM0yHVzrvJBf8L4MXaQMOZfQnR8
cp6hhWUvxyn8vOU9+8Fu53M6d4LsJWlkO7a/znH9eqmMLIZHFohMCSrpYLcuwLJU
JMbHgd99+PpEYJEN8FNtnjmC91SR+zGS5m+cDA9zLIOAiJFPUnkbnQ/PwL3oQZ0G
/2SRJW8ev50MyUDXHaIAOwjrjg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:48 2023 by rpki-client on console-fra.rpki-client.org