Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/BY_9P1rwh99lZpTnWHq55i1PBIc.roa
File: BY_9P1rwh99lZpTnWHq55i1PBIc.roa (raw, json)
Hash identifier: TimEleVkNbKlz2u/f0RfQIFiXVdKZnqXyIizKBmvHhw=
Subject key identifier: 05:8F:FD:3F:5A:F0:87:DF:65:66:94:E7:58:7A:B9:E6:2D:4F:04:87
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A5BF80B
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/BY_9P1rwh99lZpTnWHq55i1PBIc.roa
Signing time: Mon 07 Mar 2022 14:19:35 +0000
ROA not before: Mon 07 Mar 2022 14:19:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 395111
IP address blocks: 185.149.12.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173799435 (0xa5bf80b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Mar 7 14:19:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=058ffd3f5af087df656694e7587ab9e62d4f0487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:86:d3:22:b3:65:86:74:1f:fc:56:50:f7:04:
7c:3a:3b:c9:56:52:a8:f3:d4:37:0a:2a:14:f3:65:
72:7c:60:5a:7a:5c:a3:c1:05:01:d9:b5:c3:94:e3:
33:f7:9d:2b:ee:9f:1d:71:5d:35:18:a3:ca:45:e6:
41:d8:ad:6a:0b:e4:1d:0d:05:30:49:54:b9:98:0e:
51:81:fb:f2:61:87:4f:00:d6:13:4c:4a:21:e3:27:
d1:45:65:b6:a6:65:1f:32:42:52:16:5a:e4:c9:25:
32:9e:59:99:62:5f:50:62:a3:3c:28:4f:1b:13:30:
1e:f6:3f:f8:f6:60:3b:2b:d2:4d:3f:12:97:b0:06:
cf:ab:20:ca:e6:bb:f9:42:0c:e9:6e:cc:35:5d:4e:
b2:db:7b:19:76:a4:6e:16:8e:11:29:b9:ae:a6:02:
6c:6c:bf:b5:2e:26:56:14:87:fc:a5:49:84:9b:4d:
ed:5f:98:43:f2:51:43:01:b0:68:d0:95:25:7f:d2:
9e:e8:cc:5f:ac:f8:73:3c:68:13:fb:fa:c9:7e:66:
3d:67:b1:50:d4:1d:19:83:9f:bb:55:70:45:80:ec:
db:63:f7:70:1d:15:ba:23:3d:2a:26:82:30:65:aa:
4b:96:e6:71:f0:98:22:77:c0:e7:3d:2e:73:78:68:
e9:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:8F:FD:3F:5A:F0:87:DF:65:66:94:E7:58:7A:B9:E6:2D:4F:04:87
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/BY_9P1rwh99lZpTnWHq55i1PBIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.12.0/24
Signature Algorithm: sha256WithRSAEncryption
75:44:eb:5c:0d:5c:08:34:bd:03:a8:e6:35:c3:f6:e8:8b:81:
a7:49:39:83:02:26:81:73:e0:bc:37:d3:ff:8a:b7:05:55:22:
3d:53:3f:38:69:73:e3:52:6e:e5:0a:68:ad:ab:bf:03:4c:68:
a1:a4:ba:89:7d:41:63:33:5d:a6:ec:1f:b8:54:f1:3c:5f:af:
db:ab:18:1b:8d:38:21:44:6e:32:0c:7b:1e:44:df:3e:0e:e3:
7c:5a:60:66:9f:f0:d2:6d:c0:7d:b7:bb:5c:99:73:45:59:30:
81:fa:f8:79:82:a3:c8:a6:86:6e:eb:09:89:19:01:f6:f8:19:
ce:e8:58:45:9a:55:05:a2:65:72:41:79:5e:6d:c9:8d:5d:24:
25:49:68:16:c8:94:c0:60:7b:b5:99:24:65:2a:81:ce:d5:d9:
b6:37:6f:f1:9e:05:c5:0f:ec:d2:69:0e:8b:d8:e9:8a:67:fc:
a2:ed:12:fb:60:39:ff:41:14:b1:91:dd:2e:67:7b:66:a7:14:
bf:ce:74:3e:d6:de:5e:55:67:17:af:9e:e2:13:43:12:d8:b7:
50:76:0f:34:6a:38:fd:f4:5c:be:4d:f7:60:ba:04:8e:2f:61:
c8:23:14:8d:4c:f3:3c:38:34:5d:4d:99:bf:f6:66:d2:7c:be:
08:82:7c:85
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEClv4CzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDMw
NzE0MTkzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDU4ZmZkM2Y1YWYw
ODdkZjY1NjY5NGU3NTg3YWI5ZTYyZDRmMDQ4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI+G0yKzZYZ0H/xWUPcEfDo7yVZSqPPUNwoqFPNlcnxgWnpc
o8EFAdm1w5TjM/edK+6fHXFdNRijykXmQditagvkHQ0FMElUuZgOUYH78mGHTwDW
E0xKIeMn0UVltqZlHzJCUhZa5MklMp5ZmWJfUGKjPChPGxMwHvY/+PZgOyvSTT8S
l7AGz6sgyua7+UIM6W7MNV1Ostt7GXakbhaOESm5rqYCbGy/tS4mVhSH/KVJhJtN
7V+YQ/JRQwGwaNCVJX/SnujMX6z4czxoE/v6yX5mPWexUNQdGYOfu1VwRYDs22P3
cB0VuiM9KiaCMGWqS5bmcfCYInfA5z0uc3ho6XECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQFj/0/WvCH32VmlOdYernmLU8EhzAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L0JZXzlQMXJ3aDk5bFpwVG5XSHE1NWkxUEJJYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmVDDANBgkqhkiG9w0BAQsFAAOC
AQEAdUTrXA1cCDS9A6jmNcP26IuBp0k5gwImgXPgvDfT/4q3BVUiPVM/OGlz41Ju
5Qporau/A0xooaS6iX1BYzNdpuwfuFTxPF+v26sYG404IURuMgx7HkTfPg7jfFpg
Zp/w0m3Afbe7XJlzRVkwgfr4eYKjyKaGbusJiRkB9vgZzuhYRZpVBaJlckF5Xm3J
jV0kJUloFsiUwGB7tZkkZSqBztXZtjdv8Z4FxQ/s0mkOi9jpimf8ou0S+2A5/0EU
sZHdLmd7ZqcUv850PtbeXlVnF6+e4hNDEti3UHYPNGo4/fRcvk33YLoEji9hyCMU
jUzzPDg0XU2Zv/Zm0ny+CIJ8hQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org