Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/QqrIvuIT-nMHz9HuPXQvQjj5Az0.roa
File: QqrIvuIT-nMHz9HuPXQvQjj5Az0.roa (raw, json)
Hash identifier: mR/PXv+nbPtdnE2fbSlGrHrnI9yfPEhvTK27NIzh84o=
Subject key identifier: 42:AA:C8:BE:E2:13:FA:73:07:CF:D1:EE:3D:74:2F:42:38:F9:03:3D
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A7EA256
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/QqrIvuIT-nMHz9HuPXQvQjj5Az0.roa
Signing time: Mon 14 Mar 2022 15:15:05 +0000
ROA not before: Mon 14 Mar 2022 15:15:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 185.149.12.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176071254 (0xa7ea256)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Mar 14 15:15:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42aac8bee213fa7307cfd1ee3d742f4238f9033d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b9:e5:46:ed:67:3c:ac:31:f9:f8:39:c9:63:
06:67:81:cd:8e:0b:bb:2f:07:64:fa:0d:3c:8d:ae:
89:26:9b:11:c4:e3:86:4b:fa:6d:78:00:6e:52:ea:
3c:c0:52:13:f0:1a:21:69:2c:95:c5:11:e5:7b:69:
f1:b2:70:50:8c:f6:e8:a6:9c:af:29:8a:e4:b9:8a:
3e:e7:e8:2e:4d:ec:e2:f7:f0:52:f9:bc:5a:c1:68:
0e:25:05:da:59:5a:09:1a:e4:1d:84:01:ce:5a:61:
be:1e:1e:c2:0e:65:0c:cd:d4:be:37:8f:54:a9:6a:
80:3d:b4:b3:45:30:ba:7a:2d:09:59:bb:97:b9:7b:
fc:dc:05:9a:76:f7:b4:ca:ad:8b:6e:c1:b1:8c:c5:
d9:7e:9b:8c:bf:f3:53:b4:05:bf:4c:71:60:e7:0e:
64:9f:1a:7d:d1:0d:21:70:0f:a6:a6:4d:d9:42:db:
1f:3e:a6:84:69:10:05:db:f0:84:85:0a:4c:4c:b0:
5b:6a:a5:4d:d9:a6:df:76:ef:ea:df:1f:76:27:67:
aa:b6:ad:4f:ce:bd:c8:c5:93:cd:15:16:64:b5:ed:
92:a7:ed:41:7e:5c:2b:4f:94:f6:13:68:5a:0d:22:
ba:a4:da:11:7d:48:9c:3f:aa:2d:22:ab:30:88:cb:
bc:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:AA:C8:BE:E2:13:FA:73:07:CF:D1:EE:3D:74:2F:42:38:F9:03:3D
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/QqrIvuIT-nMHz9HuPXQvQjj5Az0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.12.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:57:aa:e2:89:7d:3b:d2:cb:8c:5f:ad:64:fd:ce:b4:0c:fa:
1e:d8:b6:34:90:94:f6:38:24:ee:ed:48:09:d8:ad:4f:7d:e4:
24:26:2a:13:08:b0:46:49:7c:6d:8d:d9:5d:11:85:4d:e0:70:
bf:de:33:08:85:f9:46:3a:af:89:7a:fb:8a:e3:87:f1:39:03:
27:ae:98:c9:f7:1e:a1:99:58:49:52:82:98:c2:4d:29:e7:db:
3b:ec:43:c7:d6:ee:d4:61:36:3a:44:97:7e:16:87:4b:4e:69:
d4:0b:ef:bc:4b:da:16:d7:cd:c7:0a:b0:ce:13:f8:48:3a:fe:
22:ec:c9:da:64:3d:80:42:3b:15:38:02:da:a5:f7:63:1a:49:
59:79:e4:96:88:7d:b2:9d:da:d1:92:b3:bb:18:95:94:a9:bd:
4b:21:3e:3b:a6:fa:17:3d:a4:76:c4:5e:df:90:77:a1:c0:a7:
6c:ad:77:3f:e5:0f:d5:03:c3:bb:c9:a4:7c:a2:62:78:c2:bb:
0e:ea:0f:78:24:c5:89:de:ce:80:52:35:a8:97:d4:c1:35:42:
d4:5d:87:d7:e8:48:ed:5a:5d:00:29:f5:bb:df:b3:0a:57:71:
81:05:f6:f7:db:ae:0a:8a:04:b5:c9:7f:a5:b8:d8:45:7e:20:
98:36:a0:25
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECn6iVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDMx
NDE1MTUwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDJhYWM4YmVlMjEz
ZmE3MzA3Y2ZkMWVlM2Q3NDJmNDIzOGY5MDMzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMe55UbtZzysMfn4OcljBmeBzY4Luy8HZPoNPI2uiSabEcTj
hkv6bXgAblLqPMBSE/AaIWkslcUR5Xtp8bJwUIz26KacrymK5LmKPufoLk3s4vfw
Uvm8WsFoDiUF2llaCRrkHYQBzlphvh4ewg5lDM3UvjePVKlqgD20s0UwunotCVm7
l7l7/NwFmnb3tMqti27BsYzF2X6bjL/zU7QFv0xxYOcOZJ8afdENIXAPpqZN2ULb
Hz6mhGkQBdvwhIUKTEywW2qlTdmm33bv6t8fdidnqratT869yMWTzRUWZLXtkqft
QX5cK0+U9hNoWg0iuqTaEX1InD+qLSKrMIjLvF0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRCqsi+4hP6cwfP0e49dC9COPkDPTAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L1Fxckl2dUlULW5NSHo5SHVQWFF2UWpqNUF6MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmVDDANBgkqhkiG9w0BAQsFAAOC
AQEAeleq4ol9O9LLjF+tZP3OtAz6Hti2NJCU9jgk7u1ICditT33kJCYqEwiwRkl8
bY3ZXRGFTeBwv94zCIX5RjqviXr7iuOH8TkDJ66YyfceoZlYSVKCmMJNKefbO+xD
x9bu1GE2OkSXfhaHS05p1AvvvEvaFtfNxwqwzhP4SDr+IuzJ2mQ9gEI7FTgC2qX3
YxpJWXnkloh9sp3a0ZKzuxiVlKm9SyE+O6b6Fz2kdsRe35B3ocCnbK13P+UP1QPD
u8mkfKJieMK7DuoPeCTFid7OgFI1qJfUwTVC1F2H1+hI7VpdACn1u9+zCldxgQX2
99uuCooEtcl/pbjYRX4gmDagJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org