Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/QmFQadxeDsMd0fA0BMwwrUQYWRc.roa
File: QmFQadxeDsMd0fA0BMwwrUQYWRc.roa (raw, json)
Hash identifier: E63c2Kwk9KYLVgkn+fjtFuoInmSjX0oQirRRutjkMuM=
Subject key identifier: 42:61:50:69:DC:5E:0E:C3:1D:D1:F0:34:04:CC:30:AD:44:18:59:17
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A8209A8
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/QmFQadxeDsMd0fA0BMwwrUQYWRc.roa
Signing time: Mon 14 Mar 2022 15:53:31 +0000
ROA not before: Mon 14 Mar 2022 15:53:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 185.149.13.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176294312 (0xa8209a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Mar 14 15:53:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42615069dc5e0ec31dd1f03404cc30ad44185917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0e:3c:53:63:60:40:fd:24:a8:43:b4:06:59:
2f:d2:7b:e3:20:6e:ce:6b:8d:45:7d:80:85:de:8d:
b2:70:ec:15:aa:89:e6:33:51:0f:50:be:7e:36:8c:
56:49:80:d9:b3:71:96:26:ba:21:bd:c9:e1:96:13:
46:6d:83:c0:be:8f:c2:e7:07:eb:92:0d:1e:e3:3f:
37:12:40:56:1d:59:f8:62:b1:10:ee:ae:cc:0d:fc:
76:17:62:80:85:15:4b:ac:e7:bd:5a:88:a7:15:62:
ad:f0:06:82:05:b8:b1:47:37:b4:81:57:61:43:7d:
4b:ac:4d:35:ef:bf:60:5e:66:a7:fb:aa:40:68:28:
89:d6:d4:f0:50:cf:33:66:6d:a1:f6:ce:b1:f5:ef:
95:11:89:01:4c:a5:49:17:a7:4b:0b:74:c1:b3:60:
fb:92:8b:67:48:43:43:f7:05:69:34:10:b3:31:c8:
b8:93:92:ff:87:16:7d:20:14:16:40:64:4c:c7:b9:
25:0b:c5:c0:d3:1a:fc:6a:de:ff:9f:53:5b:c0:57:
10:2c:cf:49:88:dc:31:ce:fd:4b:65:c2:e6:f8:78:
56:0a:fa:d5:17:4c:16:af:65:bf:40:04:a0:e3:55:
8e:48:a9:54:0f:34:5c:ae:bc:87:74:5d:80:2f:9d:
98:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:61:50:69:DC:5E:0E:C3:1D:D1:F0:34:04:CC:30:AD:44:18:59:17
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/QmFQadxeDsMd0fA0BMwwrUQYWRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.13.0/24
Signature Algorithm: sha256WithRSAEncryption
58:1c:f6:65:f5:08:4b:79:2e:55:e8:bc:89:dc:d8:7b:55:b6:
99:8a:05:0e:d1:30:0e:01:29:30:05:51:c3:60:89:8b:a3:ac:
86:ec:2c:4c:e0:cd:87:88:6c:25:b2:d6:3b:d6:40:59:ba:cb:
b1:30:c1:6c:20:48:df:49:ce:a1:84:d7:9b:b7:14:57:9d:91:
c0:e6:00:e8:b2:2d:58:be:8c:6b:48:90:81:e8:2a:9a:a1:d8:
70:b0:64:f6:1c:d3:ad:33:46:00:b4:93:75:fb:31:5f:1f:9b:
28:1f:d9:87:62:bb:7d:4d:f2:e9:30:4b:74:02:f7:4e:37:e0:
ab:7b:9c:47:c1:42:12:85:09:83:4a:00:36:fb:4a:2c:f9:51:
dc:f3:bc:28:db:6a:ce:43:16:32:1a:43:44:fd:da:00:05:90:
09:68:2f:1f:76:ff:c2:0f:0f:90:8c:40:3d:26:cb:7c:46:ec:
24:f5:7b:63:52:25:47:28:af:64:66:dd:c3:f5:27:35:c7:bb:
07:fa:e3:81:63:4d:53:02:66:51:89:bd:12:d9:ba:78:d9:68:
f5:99:17:41:f9:df:82:ad:04:57:6c:0a:c9:85:73:71:3d:29:
ed:9d:6b:b4:b0:07:0a:f1:de:d1:fe:58:2d:e8:c5:e7:da:61:
a1:7b:72:19
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECoIJqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDMx
NDE1NTMzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI2MTUwNjlkYzVl
MGVjMzFkZDFmMDM0MDRjYzMwYWQ0NDE4NTkxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8OPFNjYED9JKhDtAZZL9J74yBuzmuNRX2Ahd6NsnDsFaqJ
5jNRD1C+fjaMVkmA2bNxlia6Ib3J4ZYTRm2DwL6PwucH65INHuM/NxJAVh1Z+GKx
EO6uzA38dhdigIUVS6znvVqIpxVirfAGggW4sUc3tIFXYUN9S6xNNe+/YF5mp/uq
QGgoidbU8FDPM2ZtofbOsfXvlRGJAUylSRenSwt0wbNg+5KLZ0hDQ/cFaTQQszHI
uJOS/4cWfSAUFkBkTMe5JQvFwNMa/Gre/59TW8BXECzPSYjcMc79S2XC5vh4Vgr6
1RdMFq9lv0AEoONVjkipVA80XK68h3RdgC+dmGkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRCYVBp3F4Owx3R8DQEzDCtRBhZFzAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L1FtRlFhZHhlRHNNZDBmQTBCTXd3clVRWVdSYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmVDTANBgkqhkiG9w0BAQsFAAOC
AQEAWBz2ZfUIS3kuVei8idzYe1W2mYoFDtEwDgEpMAVRw2CJi6OshuwsTODNh4hs
JbLWO9ZAWbrLsTDBbCBI30nOoYTXm7cUV52RwOYA6LItWL6Ma0iQgegqmqHYcLBk
9hzTrTNGALSTdfsxXx+bKB/Zh2K7fU3y6TBLdAL3Tjfgq3ucR8FCEoUJg0oANvtK
LPlR3PO8KNtqzkMWMhpDRP3aAAWQCWgvH3b/wg8PkIxAPSbLfEbsJPV7Y1IlRyiv
ZGbdw/UnNce7B/rjgWNNUwJmUYm9Etm6eNlo9ZkXQfnfgq0EV2wKyYVzcT0p7Z1r
tLAHCvHe0f5YLejF59phoXtyGQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org