Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/4AzAl5in3mud34oTxTn4GukS-Vc.roa
File: 4AzAl5in3mud34oTxTn4GukS-Vc.roa (raw, json)
Hash identifier: 6usMkBkyrXguUtVAQHBbUWoa2pOY96M2ZFNmcmOkrnM=
Subject key identifier: E0:0C:C0:97:98:A7:DE:6B:9D:DF:8A:13:C5:39:F8:1A:E9:12:F9:57
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A77DACD
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/4AzAl5in3mud34oTxTn4GukS-Vc.roa
Signing time: Mon 14 Mar 2022 13:42:29 +0000
ROA not before: Mon 14 Mar 2022 13:42:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 395111
IP address blocks: 185.149.12.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175626957 (0xa77dacd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Mar 14 13:42:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e00cc09798a7de6b9ddf8a13c539f81ae912f957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:dc:f1:75:08:55:d4:f0:5c:8e:2a:de:1d:f0:
da:53:73:6f:74:62:30:9e:c7:3c:54:54:a2:6b:f0:
25:49:5a:52:f1:45:b9:93:48:85:1a:1f:1e:e6:e1:
1a:1f:d1:3f:b1:24:81:fb:36:72:86:76:42:69:f0:
8a:29:53:59:4e:a6:1d:16:d0:1b:ab:11:89:79:d8:
06:1e:ee:c5:31:19:b5:7d:e4:5c:28:dd:c9:c8:4a:
74:ca:4f:ad:03:8c:72:aa:36:3f:a8:c9:2e:a6:18:
8a:3e:71:75:9a:e6:53:e6:a9:44:de:71:a5:ba:7d:
1d:85:86:f1:61:a5:38:5d:0c:26:f0:cc:cd:cc:29:
e6:1e:90:14:9c:e1:87:1e:a4:26:aa:4e:89:8e:07:
5b:25:5e:ec:fa:46:7b:4e:e1:18:52:32:9f:ba:06:
31:af:ed:1a:3e:4a:6f:2b:c5:88:c4:a0:da:b6:2b:
50:99:cc:6e:ea:1d:b4:67:e0:cb:5a:62:d4:c5:42:
1a:d2:2c:a6:eb:f1:a7:03:25:31:5e:22:92:fe:69:
34:8f:cb:80:3e:45:f2:b6:eb:28:ac:49:b7:64:07:
4d:98:10:1f:5b:f8:81:b9:77:01:40:dd:28:0b:01:
ae:f9:47:63:f9:f1:64:d7:bc:66:26:05:7e:35:c1:
56:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:0C:C0:97:98:A7:DE:6B:9D:DF:8A:13:C5:39:F8:1A:E9:12:F9:57
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/4AzAl5in3mud34oTxTn4GukS-Vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.12.0/24
Signature Algorithm: sha256WithRSAEncryption
39:d5:53:43:cf:c0:d9:f5:89:ad:ba:c4:3e:9f:2c:98:78:2a:
76:79:5a:03:ca:e4:ea:c8:19:61:c9:9a:09:fd:d9:67:c9:e7:
0f:5d:23:62:b7:1e:8d:50:ed:04:6c:f2:d2:f8:c9:88:7c:d6:
72:66:5a:3f:e7:99:6e:3c:d1:8d:ad:3b:30:6d:c4:40:d1:86:
c4:61:d2:f8:3e:b7:39:b7:e0:86:56:8a:eb:7d:1b:b5:85:fa:
be:8d:42:79:7e:25:a1:a3:73:01:3a:54:3c:21:62:77:46:f2:
bb:c5:68:ec:bb:51:da:45:c2:9c:9c:63:fe:09:33:77:fe:1f:
35:0c:4c:3e:dd:b5:1e:86:73:6f:6a:76:94:6a:84:55:07:67:
74:18:c6:07:ca:e1:10:e0:2a:e9:43:36:37:1e:68:29:88:13:
cf:b7:c9:4f:ca:61:30:1c:a9:d7:64:c2:51:19:7c:b7:de:3f:
c6:7e:e3:cb:10:31:a6:99:21:56:ca:e3:26:1a:7e:88:8e:17:
95:d2:f7:31:34:02:bc:2d:ec:18:3f:bc:af:b5:ac:19:25:4a:
04:a3:39:b1:d9:06:0f:25:b2:fd:98:1b:e4:04:ff:22:06:8c:
b7:0a:d3:5c:7d:5d:0d:81:31:d7:5f:76:f8:65:46:2a:96:c2:
e6:2e:21:e2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECnfazTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDMx
NDEzNDIyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTAwY2MwOTc5OGE3
ZGU2YjlkZGY4YTEzYzUzOWY4MWFlOTEyZjk1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANXc8XUIVdTwXI4q3h3w2lNzb3RiMJ7HPFRUomvwJUlaUvFF
uZNIhRofHubhGh/RP7Ekgfs2coZ2QmnwiilTWU6mHRbQG6sRiXnYBh7uxTEZtX3k
XCjdychKdMpPrQOMcqo2P6jJLqYYij5xdZrmU+apRN5xpbp9HYWG8WGlOF0MJvDM
zcwp5h6QFJzhhx6kJqpOiY4HWyVe7PpGe07hGFIyn7oGMa/tGj5KbyvFiMSg2rYr
UJnMbuodtGfgy1pi1MVCGtIspuvxpwMlMV4ikv5pNI/LgD5F8rbrKKxJt2QHTZgQ
H1v4gbl3AUDdKAsBrvlHY/nxZNe8ZiYFfjXBVu0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTgDMCXmKfea53fihPFOfga6RL5VzAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
LzRBekFsNWluM211ZDM0b1R4VG40R3VrUy1WYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmVDDANBgkqhkiG9w0BAQsFAAOC
AQEAOdVTQ8/A2fWJrbrEPp8smHgqdnlaA8rk6sgZYcmaCf3ZZ8nnD10jYrcejVDt
BGzy0vjJiHzWcmZaP+eZbjzRja07MG3EQNGGxGHS+D63ObfghlaK630btYX6vo1C
eX4loaNzATpUPCFid0byu8Vo7LtR2kXCnJxj/gkzd/4fNQxMPt21HoZzb2p2lGqE
VQdndBjGB8rhEOAq6UM2Nx5oKYgTz7fJT8phMByp12TCURl8t94/xn7jyxAxppkh
VsrjJhp+iI4XldL3MTQCvC3sGD+8r7WsGSVKBKM5sdkGDyWy/Zgb5AT/IgaMtwrT
XH1dDYEx1192+GVGKpbC5i4h4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org