Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/JoV5eZr7aGyYp43Q2YjRZ7si54Y.roa
File: JoV5eZr7aGyYp43Q2YjRZ7si54Y.roa (raw, json)
Hash identifier: Ncy1SDTTrv5HS+w8R0qX47az05U1YlyeKJIp/LJkw94=
Subject key identifier: 26:85:79:79:9A:FB:68:6C:98:A7:8D:D0:D9:88:D1:67:BB:22:E7:86
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0188340CF660FA671568FB8D585933C7DA3E
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/JoV5eZr7aGyYp43Q2YjRZ7si54Y.roa
Signing time: Fri 19 May 2023 12:47:24 +0000
ROA not before: Fri 19 May 2023 12:47:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205320
IP address blocks: 185.149.14.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:34:0c:f6:60:fa:67:15:68:fb:8d:58:59:33:c7:da:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: May 19 12:47:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=268579799afb686c98a78dd0d988d167bb22e786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:cf:24:85:78:87:d9:7d:08:1e:e6:8b:dd:36:
c3:f7:17:a6:ee:72:66:28:47:cd:00:9a:6e:32:73:
a3:21:f4:90:a2:cd:ce:ec:6d:a7:53:c7:7e:1f:4d:
57:50:f6:63:92:b1:fd:3d:13:e3:60:74:fe:af:cd:
32:e0:05:3f:7b:f8:f8:c4:ae:21:47:2c:d1:89:11:
6c:f9:9b:7d:ee:e2:a0:be:3e:21:4e:02:04:8b:d6:
da:d8:ab:11:fe:32:53:90:b0:4e:c8:40:1b:05:27:
cb:5b:8b:ef:c2:21:f4:14:a6:54:c2:fa:65:e5:98:
68:b3:c6:60:a1:d2:6a:f0:cb:aa:aa:5e:9e:2e:9a:
7d:fd:37:90:74:fe:7c:da:4c:f9:94:30:2b:0c:33:
a5:88:c6:5b:50:47:bd:90:0a:c7:93:6d:82:3f:d9:
19:c2:88:62:44:df:67:d2:51:ff:9f:5f:0e:1d:31:
4e:7b:3c:3d:84:25:70:26:16:8e:00:4e:c6:fd:72:
56:5c:c2:f4:98:5b:23:49:cb:71:d2:76:24:a3:b2:
08:f6:9c:bd:5a:1b:77:f7:fc:37:97:60:ba:a4:89:
66:87:0e:e8:ef:d5:42:ee:bb:3d:43:23:67:ff:51:
78:6a:4a:0e:b5:7c:bb:8a:d7:7f:14:78:c6:bb:41:
df:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:85:79:79:9A:FB:68:6C:98:A7:8D:D0:D9:88:D1:67:BB:22:E7:86
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/JoV5eZr7aGyYp43Q2YjRZ7si54Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.14.0/24
Signature Algorithm: sha256WithRSAEncryption
51:dc:87:de:fc:1c:d0:8b:33:8b:72:4d:e4:5a:95:4b:e7:0f:
cf:2b:b0:97:1f:a7:91:29:f8:bb:0b:a6:c4:73:69:33:0b:a5:
ec:2a:17:17:e9:32:a8:69:63:83:0c:44:8e:de:17:36:6b:e6:
36:25:6a:50:b7:05:bb:cc:1b:02:2b:94:70:61:e8:02:6e:23:
88:23:00:ef:5a:c8:c2:87:be:53:3f:ab:6d:83:fd:a2:a0:03:
d5:f1:97:e8:69:78:55:86:49:a3:4f:c3:0a:db:1b:15:86:38:
5d:f3:26:6f:54:6f:81:0e:db:d1:ca:f3:1e:86:cd:b2:04:38:
5a:7b:ae:61:36:68:2e:ea:10:6d:15:76:4a:cd:b3:a4:e7:d4:
2d:31:e6:62:0b:ae:43:56:5d:52:91:6d:ed:f3:a2:a8:7d:b2:
79:8c:db:33:96:ef:ec:59:98:f6:87:d9:a7:5c:f1:db:23:9e:
22:c0:ab:20:b2:43:bd:40:07:78:fb:bc:4a:c1:d2:18:fd:14:
bf:24:ae:d2:4d:cc:35:a5:a3:63:4b:3b:13:7c:e8:bc:60:cc:
4e:ff:4b:a4:1b:1e:bd:78:8a:60:59:04:7c:b5:3b:3b:ac:53:
a1:46:0f:62:0a:98:94:d9:6e:ed:a8:7d:5a:3b:8c:cb:08:7e:
46:67:81:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYg0DPZg+mcVaPuNWFkzx9o+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwNTE5MTI0NzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjg1Nzk3OTlhZmI2ODZjOThhNzhkZDBkOTg4ZDE2N2JiMjJlNzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn88khXiH2X0IHuaL3TbD9xem7nJm
KEfNAJpuMnOjIfSQos3O7G2nU8d+H01XUPZjkrH9PRPjYHT+r80y4AU/e/j4xK4h
RyzRiRFs+Zt97uKgvj4hTgIEi9ba2KsR/jJTkLBOyEAbBSfLW4vvwiH0FKZUwvpl
5Zhos8ZgodJq8Muqql6eLpp9/TeQdP582kz5lDArDDOliMZbUEe9kArHk22CP9kZ
wohiRN9n0lH/n18OHTFOezw9hCVwJhaOAE7G/XJWXML0mFsjSctx0nYko7II9py9
Wht39/w3l2C6pIlmhw7o79VC7rs9QyNn/1F4akoOtXy7itd/FHjGu0HfEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCaFeXma+2hsmKeN0NmI0We7IueGMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvSm9WNWVacjdhR3lZcDQzUTJZalJaN3NpNTRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZUOMA0G
CSqGSIb3DQEBCwUAA4IBAQBR3Ife/BzQizOLck3kWpVL5w/PK7CXH6eRKfi7C6bE
c2kzC6XsKhcX6TKoaWODDESO3hc2a+Y2JWpQtwW7zBsCK5RwYegCbiOIIwDvWsjC
h75TP6ttg/2ioAPV8ZfoaXhVhkmjT8MK2xsVhjhd8yZvVG+BDtvRyvMehs2yBDha
e65hNmgu6hBtFXZKzbOk59QtMeZiC65DVl1SkW3t86KofbJ5jNszlu/sWZj2h9mn
XPHbI54iwKsgskO9QAd4+7xKwdIY/RS/JK7STcw1paNjSzsTfOi8YMxO/0ukGx69
eIpgWQR8tTs7rFOhRg9iCpiU2W7tqH1aO4zLCH5GZ4H+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org