Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Cm0czMZsvNBbZKO_Ok_qAWZfenw.roa
File: Cm0czMZsvNBbZKO_Ok_qAWZfenw.roa (raw, json)
Hash identifier: tQLXo/inDauwh5rkn4wNDU3lBQHkt3Hoee6r2hC29RY=
Subject key identifier: 0A:6D:1C:CC:C6:6C:BC:D0:5B:64:A3:BF:3A:4F:EA:01:66:5F:7A:7C
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0B671A5F
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Cm0czMZsvNBbZKO_Ok_qAWZfenw.roa
Signing time: Wed 08 Jun 2022 16:35:02 +0000
ROA not before: Wed 08 Jun 2022 16:35:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200435
IP address blocks: 185.149.13.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 191306335 (0xb671a5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jun 8 16:35:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a6d1cccc66cbcd05b64a3bf3a4fea01665f7a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:93:0b:cd:13:4f:73:4b:25:51:b9:eb:af:42:
7d:72:80:b6:af:7c:2d:bd:ee:7b:63:d6:54:23:c0:
31:6c:d5:f1:db:63:09:2d:42:91:e8:45:25:a7:ed:
48:0d:85:91:c0:5c:45:a7:7b:d2:7f:15:d4:aa:7f:
5a:2c:28:ca:1d:3d:bf:d6:dc:2f:f1:98:9a:03:5c:
13:ac:80:ba:d9:21:9c:51:54:64:df:1b:b6:11:2f:
5e:63:8e:d0:a4:f4:c5:91:e4:f5:5e:62:7f:80:e7:
5d:08:f8:f0:4f:01:b7:90:72:1a:f6:6d:ce:cc:ea:
ee:6f:a4:40:b4:17:55:73:d0:4d:44:88:ce:ba:34:
a9:d3:c9:e7:ab:08:53:cb:17:be:1e:0a:2c:93:03:
c7:d8:db:00:96:98:9b:1a:24:04:0f:b4:a2:81:c5:
aa:9b:a2:dd:d0:00:5e:86:3c:70:21:93:90:5f:3b:
89:ed:90:95:7f:a5:80:aa:43:08:9c:ac:c5:ca:7f:
a2:f9:f3:ef:40:b3:15:72:a8:06:ef:d6:9c:77:f1:
32:75:ce:d8:c5:f7:a0:64:46:88:4a:a8:65:8e:51:
ad:d9:bc:20:d0:01:ab:52:3f:95:4d:a6:d0:41:28:
61:8f:7b:b6:6b:c9:66:75:32:b1:f6:43:01:c0:d7:
17:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:6D:1C:CC:C6:6C:BC:D0:5B:64:A3:BF:3A:4F:EA:01:66:5F:7A:7C
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Cm0czMZsvNBbZKO_Ok_qAWZfenw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.13.0/24
Signature Algorithm: sha256WithRSAEncryption
22:96:15:29:bd:20:74:74:2e:91:a1:03:e6:05:90:ac:a4:f6:
17:d3:93:f2:08:85:39:7c:51:b9:9f:ba:b0:7d:6e:20:9e:28:
2c:80:b0:27:ed:90:38:9a:4c:b2:d6:5d:64:cb:43:8f:b2:32:
ef:d4:5c:75:bc:7b:47:8d:0e:13:63:06:51:af:7d:e3:79:c4:
da:1b:94:34:46:7a:86:63:19:f1:65:3d:c8:c9:b8:0f:f7:a3:
19:77:0b:19:5a:72:5a:db:fc:04:6b:87:b9:45:95:7f:27:6e:
83:b4:11:6e:f3:84:64:80:55:a3:a8:34:6b:7b:7f:49:31:85:
34:de:ba:72:38:cc:c2:45:1f:d8:47:3e:72:d5:06:ef:cb:a3:
4a:ba:68:a8:e7:88:ca:08:4a:55:a1:c3:6a:13:24:ae:2d:1c:
f7:86:c6:b6:8d:fb:42:a1:1f:a1:fc:05:2d:c8:1f:fa:f4:f5:
b8:5b:af:94:dd:64:4a:fa:dd:9d:ea:d9:51:d4:b7:07:90:25:
ff:c7:c3:f6:cf:79:66:dc:08:a1:71:4f:48:10:44:ec:e3:4b:
55:3c:82:48:de:b0:20:35:2b:26:87:95:72:4b:fa:29:bc:9a:
27:1b:f8:58:27:d8:1d:3c:f9:5a:ae:a2:19:43:74:9d:58:c8:
f5:0b:c6:62
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC2caXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDYw
ODE2MzUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGE2ZDFjY2NjNjZj
YmNkMDViNjRhM2JmM2E0ZmVhMDE2NjVmN2E3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJiTC80TT3NLJVG5669CfXKAtq98Lb3ue2PWVCPAMWzV8dtj
CS1CkehFJaftSA2FkcBcRad70n8V1Kp/Wiwoyh09v9bcL/GYmgNcE6yAutkhnFFU
ZN8bthEvXmOO0KT0xZHk9V5if4DnXQj48E8Bt5ByGvZtzszq7m+kQLQXVXPQTUSI
zro0qdPJ56sIU8sXvh4KLJMDx9jbAJaYmxokBA+0ooHFqpui3dAAXoY8cCGTkF87
ie2QlX+lgKpDCJysxcp/ovnz70CzFXKoBu/WnHfxMnXO2MX3oGRGiEqoZY5Rrdm8
INABq1I/lU2m0EEoYY97tmvJZnUysfZDAcDXF30CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQKbRzMxmy80Ftko786T+oBZl96fDAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L0NtMGN6TVpzdk5CYlpLT19Pa19xQVdaZmVudy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmVDTANBgkqhkiG9w0BAQsFAAOC
AQEAIpYVKb0gdHQukaED5gWQrKT2F9OT8giFOXxRuZ+6sH1uIJ4oLICwJ+2QOJpM
stZdZMtDj7Iy79Rcdbx7R40OE2MGUa9943nE2huUNEZ6hmMZ8WU9yMm4D/ejGXcL
GVpyWtv8BGuHuUWVfydug7QRbvOEZIBVo6g0a3t/STGFNN66cjjMwkUf2Ec+ctUG
78ujSrpoqOeIyghKVaHDahMkri0c94bGto37QqEfofwFLcgf+vT1uFuvlN1kSvrd
nerZUdS3B5Al/8fD9s95ZtwIoXFPSBBE7ONLVTyCSN6wIDUrJoeVckv6KbyaJxv4
WCfYHTz5Wq6iGUN0nVjI9QvGYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org