Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/NnsAJd1SywJ_om_yxBRiwzCTWQg.roa
File: NnsAJd1SywJ_om_yxBRiwzCTWQg.roa (raw, json)
Hash identifier: OqvqDL1SqtJdF9TXwZul3pNe2YLQP5XXpA3gticSEc4=
Subject key identifier: 36:7B:00:25:DD:52:CB:02:7F:A2:6F:F2:C4:14:62:C3:30:93:59:08
Certificate issuer: /CN=813e051cb831d1989607bb76c0bc5693ff947b53
Certificate serial: 094E5303
Authority key identifier: 81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/NnsAJd1SywJ_om_yxBRiwzCTWQg.roa
Signing time: Mon 14 Mar 2022 07:52:24 +0000
ROA not before: Mon 14 Mar 2022 07:52:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25124
IP address blocks: 185.232.152.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156128003 (0x94e5303)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=813e051cb831d1989607bb76c0bc5693ff947b53
Validity
Not Before: Mar 14 07:52:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=367b0025dd52cb027fa26ff2c41462c330935908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:46:2c:a6:36:b4:1e:5f:78:c8:ee:aa:9a:4e:
bc:70:98:1b:c9:66:aa:29:8d:3c:1f:01:23:a9:a3:
aa:57:04:f8:ef:80:90:08:24:30:11:e2:26:59:b4:
bc:42:31:eb:a7:a2:06:e9:88:6d:71:c6:28:e9:c2:
74:01:9f:78:19:8f:e0:84:5b:88:4c:4f:84:fa:9e:
8a:f7:75:6a:42:c1:13:73:5a:02:78:10:61:36:52:
77:74:ed:64:25:6a:f8:be:a2:d1:c3:72:0a:1b:14:
cf:67:1d:2d:6e:01:4e:26:86:ab:ad:81:7f:a4:47:
66:c0:7d:d3:1b:43:a3:69:93:0b:52:22:5a:ff:11:
54:3a:b1:10:a7:71:5a:49:c3:ab:11:69:78:f8:b7:
c4:72:42:21:c9:11:3d:cf:5c:7f:02:85:ba:22:60:
07:73:bb:77:2e:47:0c:33:97:a3:36:72:86:64:31:
30:b3:4f:c0:e5:63:b4:42:e5:35:38:dd:9b:b4:db:
16:73:8e:39:ca:6d:2e:20:c1:4a:ae:79:6c:6c:71:
aa:0d:f4:f6:1d:a0:8d:74:08:76:e1:0e:2f:53:65:
f8:05:37:a6:57:78:49:fb:eb:80:39:10:72:35:b6:
c7:aa:d9:a4:bf:03:a6:0a:fa:0c:b6:0e:76:b5:b8:
66:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:7B:00:25:DD:52:CB:02:7F:A2:6F:F2:C4:14:62:C3:30:93:59:08
X509v3 Authority Key Identifier:
keyid:81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/NnsAJd1SywJ_om_yxBRiwzCTWQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.152.0/24
Signature Algorithm: sha256WithRSAEncryption
24:c1:a4:21:34:f8:d8:90:d0:5c:e2:8e:a3:81:14:5b:e9:36:
51:fd:5c:40:ee:13:11:0f:7d:75:33:8c:53:b8:86:f3:e9:17:
af:0e:d1:79:62:7a:db:5e:4c:58:72:a5:6d:87:2b:c7:86:50:
7d:bd:2c:c4:8c:0b:5a:1f:ba:d1:32:73:48:dc:3f:31:5a:5d:
a2:c8:3c:a5:54:c7:24:3c:ef:7d:0c:2a:35:f5:51:5b:e9:3d:
80:3a:57:f8:31:f2:c9:16:35:8e:4a:cb:0e:98:bd:ff:4c:88:
df:04:a7:75:54:b4:9f:15:05:43:cb:15:33:22:70:15:bd:64:
77:ab:42:1a:10:1b:75:79:f8:8c:d4:20:98:98:53:23:b3:1f:
79:bb:fe:61:6c:75:67:e0:f1:0c:61:96:5c:4d:e1:00:f5:ea:
21:68:08:08:48:42:bb:de:48:8a:91:ec:f6:c6:d1:68:a3:09:
e3:77:8c:51:54:9c:5c:73:71:a8:66:a7:10:c6:b4:f8:b6:5a:
39:7c:91:66:f1:8e:fe:89:b9:f4:5f:47:a3:4e:7d:d2:6e:c4:
a5:5f:f0:c4:62:44:49:bd:56:d7:0e:d1:8b:a1:47:4f:e5:2d:
10:e5:77:57:63:ae:b0:0d:c9:24:4f:a0:9a:16:be:58:e3:fa:
69:98:0d:80
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECU5TAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTNlMDUxY2I4MzFkMTk4OTYwN2JiNzZjMGJjNTY5M2ZmOTQ3YjUzMB4XDTIyMDMx
NDA3NTIyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY3YjAwMjVkZDUy
Y2IwMjdmYTI2ZmYyYzQxNDYyYzMzMDkzNTkwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANFGLKY2tB5feMjuqppOvHCYG8lmqimNPB8BI6mjqlcE+O+A
kAgkMBHiJlm0vEIx66eiBumIbXHGKOnCdAGfeBmP4IRbiExPhPqeivd1akLBE3Na
AngQYTZSd3TtZCVq+L6i0cNyChsUz2cdLW4BTiaGq62Bf6RHZsB90xtDo2mTC1Ii
Wv8RVDqxEKdxWknDqxFpePi3xHJCIckRPc9cfwKFuiJgB3O7dy5HDDOXozZyhmQx
MLNPwOVjtELlNTjdm7TbFnOOOcptLiDBSq55bGxxqg309h2gjXQIduEOL1Nl+AU3
pld4SfvrgDkQcjW2x6rZpL8Dpgr6DLYOdrW4ZucCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ2ewAl3VLLAn+ib/LEFGLDMJNZCDAfBgNVHSMEGDAWgBSBPgUcuDHRmJYH
u3bAvFaT/5R7UzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dUNEZITGd4MFppV0I3dDJ3THhXa18tVWUxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvZTQ1YWQ2LWU1YWUtNDgxOS05ZjI0LWY1NzdhYTQ2ZGU4My8x
L05uc0FKZDFTeXdKX29tX3l4QlJpd3pDVFdRZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
ZTQ1YWQ2LWU1YWUtNDgxOS05ZjI0LWY1NzdhYTQ2ZGU4My8xL2dUNEZITGd4MFpp
V0I3dDJ3THhXa18tVWUxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnomDANBgkqhkiG9w0BAQsFAAOC
AQEAJMGkITT42JDQXOKOo4EUW+k2Uf1cQO4TEQ99dTOMU7iG8+kXrw7ReWJ6215M
WHKlbYcrx4ZQfb0sxIwLWh+60TJzSNw/MVpdosg8pVTHJDzvfQwqNfVRW+k9gDpX
+DHyyRY1jkrLDpi9/0yI3wSndVS0nxUFQ8sVMyJwFb1kd6tCGhAbdXn4jNQgmJhT
I7Mfebv+YWx1Z+DxDGGWXE3hAPXqIWgICEhCu95IipHs9sbRaKMJ43eMUVScXHNx
qGanEMa0+LZaOXyRZvGO/om59F9Ho0590m7EpV/wxGJESb1W1w7Ri6FHT+UtEOV3
V2OusA3JJE+gmha+WOP6aZgNgA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:50 2024 by rpki-client on console-fra.rpki-client.org