Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/CBtsxFW46vAiIEjaIRjwk1njN_Y.roa
File: CBtsxFW46vAiIEjaIRjwk1njN_Y.roa (raw, json)
Hash identifier: +Xis/vyeW9Oup94S1yesKZjDbF3jQX5n0i5VVLE7ogQ=
Subject key identifier: 08:1B:6C:C4:55:B8:EA:F0:22:20:48:DA:21:18:F0:93:59:E3:37:F6
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 018506E07D3F1C353071C9A7D68AB9E89DF9
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/CBtsxFW46vAiIEjaIRjwk1njN_Y.roa
Signing time: Mon 12 Dec 2022 15:07:33 +0000
ROA not before: Mon 12 Dec 2022 15:07:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 185.77.3.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:e0:7d:3f:1c:35:30:71:c9:a7:d6:8a:b9:e8:9d:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Dec 12 15:07:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=081b6cc455b8eaf0222048da2118f09359e337f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2d:44:ca:4e:06:9a:fe:e4:67:ed:97:12:cf:
42:14:1a:c8:5d:63:28:a5:0c:28:4a:94:5f:b8:e1:
fb:b3:ec:8b:7a:23:b9:4d:72:07:e7:2c:96:6f:4d:
bd:f3:e9:2b:15:a8:eb:2a:81:48:68:96:7a:4c:28:
93:b9:d6:c4:f1:c2:96:5a:0a:c3:74:1e:4c:7a:0b:
d2:a6:14:d1:cb:6b:28:68:8e:3f:a5:41:10:4c:ec:
81:3e:12:49:06:4f:4c:e5:98:4e:43:c2:66:83:ef:
a0:fc:fe:4b:e0:17:f7:30:de:62:da:41:42:06:1b:
b6:ea:fc:67:92:66:9c:8f:bc:08:d0:9b:97:f9:a2:
ae:7f:0f:04:b0:7a:a1:ce:d8:df:fa:16:0e:b4:7e:
06:58:c3:d0:b4:3c:d1:f9:7e:47:bb:6e:bf:e7:f7:
59:7b:9c:86:28:58:b9:d8:eb:11:df:6e:d2:42:99:
36:9a:c5:12:f1:2d:db:01:d1:83:92:9d:34:3e:f8:
09:38:bc:60:0c:b7:ad:4f:97:8c:3a:c0:4d:d5:ad:
a4:7b:84:7f:60:c8:43:c9:5c:f0:30:43:e3:f0:eb:
79:36:4e:ec:5e:1a:f7:6e:2e:d6:a9:b8:e4:69:bd:
3d:16:ee:28:57:22:d3:89:eb:47:18:03:5f:96:2e:
33:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1B:6C:C4:55:B8:EA:F0:22:20:48:DA:21:18:F0:93:59:E3:37:F6
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/CBtsxFW46vAiIEjaIRjwk1njN_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.3.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:2a:f3:c9:b1:a5:11:90:e6:aa:27:1a:0c:26:74:a4:99:55:
99:82:b0:53:3e:a1:8e:45:bb:7f:b8:55:22:84:70:11:73:05:
44:b8:eb:29:df:73:5b:14:a4:9b:e4:40:63:24:09:7f:21:10:
e3:b2:cb:28:20:62:db:c0:17:d0:f0:16:9b:a1:29:dc:28:fc:
6f:38:1f:4c:be:70:b2:36:ee:68:e9:23:f5:51:60:f2:c9:76:
e4:f0:37:d9:ce:c3:7a:7c:12:a2:22:e6:5b:72:e7:c0:d0:47:
c6:5e:80:70:e3:0c:41:aa:c8:17:c1:a2:a0:a9:2c:0b:a0:ec:
4b:a3:9b:7b:9e:55:a3:83:84:63:a2:b2:9f:c0:be:63:04:41:
7a:0b:62:49:b9:30:7a:4e:ce:9a:72:4b:d8:71:1b:1e:d4:13:
bd:85:a9:88:05:13:ac:22:fc:aa:50:1f:a6:16:3e:5b:ed:72:
5e:65:82:71:22:64:2d:38:ae:1d:18:89:52:43:c7:d5:54:3e:
ef:40:f6:5e:47:eb:42:a1:32:f5:a9:3c:e9:d9:86:94:b4:e0:
39:5a:a2:84:57:05:5c:43:4c:53:ca:a5:50:03:8e:9b:21:75:
2e:54:e0:ed:b9:8f:73:dc:b3:47:c1:9f:7d:24:a1:c3:c3:01:
82:c4:1a:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUG4H0/HDUwccmn1oq56J35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjIxMjEyMTUwNzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODFiNmNjNDU1YjhlYWYwMjIyMDQ4ZGEyMTE4ZjA5MzU5ZTMzN2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvC1Eyk4Gmv7kZ+2XEs9CFBrIXWMo
pQwoSpRfuOH7s+yLeiO5TXIH5yyWb0298+krFajrKoFIaJZ6TCiTudbE8cKWWgrD
dB5MegvSphTRy2soaI4/pUEQTOyBPhJJBk9M5ZhOQ8Jmg++g/P5L4Bf3MN5i2kFC
Bhu26vxnkmacj7wI0JuX+aKufw8EsHqhztjf+hYOtH4GWMPQtDzR+X5Hu26/5/dZ
e5yGKFi52OsR327SQpk2msUS8S3bAdGDkp00PvgJOLxgDLetT5eMOsBN1a2ke4R/
YMhDyVzwMEPj8Ot5Nk7sXhr3bi7Wqbjkab09Fu4oVyLTietHGANfli4zjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAgbbMRVuOrwIiBI2iEY8JNZ4zf2MB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvQ0J0c3hGVzQ2dkFpSUVqYUlSandrMW5qTl9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuU0DMA0G
CSqGSIb3DQEBCwUAA4IBAQA/KvPJsaURkOaqJxoMJnSkmVWZgrBTPqGORbt/uFUi
hHARcwVEuOsp33NbFKSb5EBjJAl/IRDjsssoIGLbwBfQ8BaboSncKPxvOB9MvnCy
Nu5o6SP1UWDyyXbk8DfZzsN6fBKiIuZbcufA0EfGXoBw4wxBqsgXwaKgqSwLoOxL
o5t7nlWjg4RjorKfwL5jBEF6C2JJuTB6Ts6ackvYcRse1BO9hamIBROsIvyqUB+m
Fj5b7XJeZYJxImQtOK4dGIlSQ8fVVD7vQPZeR+tCoTL1qTzp2YaUtOA5WqKEVwVc
Q0xTyqVQA46bIXUuVODtuY9z3LNHwZ99JKHDwwGCxBrs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:24 2024 by rpki-client on console-ams.rpki-client.org