Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Z0VsBP9WT8XCdgcNDgQ-wBoUa1Y.roa
File: Z0VsBP9WT8XCdgcNDgQ-wBoUa1Y.roa (raw, json)
Hash identifier: LDLePFcBCOZQYVxuJO8nwptrwTGLett8MEylVhnStrw=
Subject key identifier: 67:45:6C:04:FF:56:4F:C5:C2:76:07:0D:0E:04:3E:C0:1A:14:6B:56
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0B7B21E1
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Z0VsBP9WT8XCdgcNDgQ-wBoUa1Y.roa
Signing time: Wed 15 Jun 2022 16:02:44 +0000
ROA not before: Wed 15 Jun 2022 16:02:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200435
IP address blocks: 185.149.13.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 192618977 (0xb7b21e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jun 15 16:02:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67456c04ff564fc5c276070d0e043ec01a146b56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:15:b5:75:6b:91:a0:b1:b9:41:d2:b7:fc:1a:
23:a9:b2:19:fc:d5:01:c3:62:13:90:3c:17:1e:b8:
42:6f:e9:26:5f:04:a5:99:fd:48:01:02:06:23:7b:
19:f9:cd:de:be:7d:07:54:3b:8e:7f:8d:3d:64:9a:
e3:42:c0:81:f3:9d:05:92:4b:f0:65:fd:1d:c7:a1:
f2:fb:5e:d2:d6:2e:66:36:27:6c:b7:ad:48:b7:56:
59:7a:7b:17:72:46:a0:95:9c:d5:27:c5:a7:f5:80:
0a:7f:8c:41:9d:9f:f6:2e:0f:35:73:54:fb:95:ad:
31:5d:89:09:2a:37:87:6c:88:8c:2b:05:bc:af:f0:
98:31:d4:1d:41:5a:54:63:e3:74:ea:d8:48:e8:58:
50:21:64:5a:83:14:4b:ff:e4:4d:f9:15:3e:ad:79:
1e:c2:ed:74:f4:54:4b:77:27:01:c4:ac:be:e4:fb:
97:46:fe:f6:4f:12:3f:4d:be:f0:72:66:0a:08:b3:
6b:21:a9:e1:5d:2c:5a:77:ea:a1:77:bb:69:97:7c:
36:4b:f0:ae:ce:66:40:e3:0a:5d:6f:d6:c3:24:fa:
bd:3a:a7:b7:61:95:06:b8:cc:1b:68:6c:76:ce:d9:
b4:f2:f9:4e:62:1f:91:7b:df:04:89:2f:10:a5:69:
ca:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:45:6C:04:FF:56:4F:C5:C2:76:07:0D:0E:04:3E:C0:1A:14:6B:56
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Z0VsBP9WT8XCdgcNDgQ-wBoUa1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.13.0/24
Signature Algorithm: sha256WithRSAEncryption
50:22:17:09:a7:24:b6:20:94:02:57:a8:07:bf:8d:f5:16:c2:
2d:73:bc:d9:9a:f1:31:de:e2:8d:e8:d8:1d:a8:a5:81:f5:71:
9e:53:24:73:99:1c:92:22:80:5a:79:c0:3b:8f:0e:68:f1:4a:
f2:e4:f2:6d:1b:cf:74:ec:aa:32:75:00:f2:12:c9:38:03:eb:
06:41:34:e3:cf:bd:fc:ee:93:15:45:dc:85:66:81:25:5c:ce:
7b:b0:ab:e6:67:09:53:5e:20:f8:85:47:8a:0a:4b:6c:b0:f4:
d5:8d:26:c4:8c:5c:b7:30:73:aa:72:6e:e3:e7:ca:58:f6:d9:
06:cf:f9:6f:cf:47:cd:2b:ff:7c:19:6b:87:50:38:14:76:da:
be:cc:42:60:2a:f4:a0:70:f2:da:06:58:f1:5a:49:ba:29:0e:
a0:f1:b8:dd:17:39:f7:fc:df:59:67:86:6e:44:06:30:8d:c1:
9a:7f:9b:02:39:ab:4c:c9:7d:af:39:10:f9:b7:cc:5a:a9:f8:
ae:53:54:a9:62:06:a0:69:66:73:67:97:34:ec:bd:05:46:b6:
97:d3:09:37:6d:39:31:76:93:60:22:b7:e1:d0:f8:62:b6:70:
8a:82:b5:7f:cf:80:5a:0c:a5:5a:b2:60:c5:48:95:a6:8d:83:
b3:ed:b6:e4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC3sh4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDYx
NTE2MDI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjc0NTZjMDRmZjU2
NGZjNWMyNzYwNzBkMGUwNDNlYzAxYTE0NmI1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANQVtXVrkaCxuUHSt/waI6myGfzVAcNiE5A8Fx64Qm/pJl8E
pZn9SAECBiN7GfnN3r59B1Q7jn+NPWSa40LAgfOdBZJL8GX9Hceh8vte0tYuZjYn
bLetSLdWWXp7F3JGoJWc1SfFp/WACn+MQZ2f9i4PNXNU+5WtMV2JCSo3h2yIjCsF
vK/wmDHUHUFaVGPjdOrYSOhYUCFkWoMUS//kTfkVPq15HsLtdPRUS3cnAcSsvuT7
l0b+9k8SP02+8HJmCgizayGp4V0sWnfqoXe7aZd8Nkvwrs5mQOMKXW/WwyT6vTqn
t2GVBrjMG2hsds7ZtPL5TmIfkXvfBIkvEKVpykkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRnRWwE/1ZPxcJ2Bw0OBD7AGhRrVjAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L1owVnNCUDlXVDhYQ2RnY05EZ1Etd0JvVWExWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmVDTANBgkqhkiG9w0BAQsFAAOC
AQEAUCIXCacktiCUAleoB7+N9RbCLXO82ZrxMd7ijejYHailgfVxnlMkc5kckiKA
WnnAO48OaPFK8uTybRvPdOyqMnUA8hLJOAPrBkE048+9/O6TFUXchWaBJVzOe7Cr
5mcJU14g+IVHigpLbLD01Y0mxIxctzBzqnJu4+fKWPbZBs/5b89HzSv/fBlrh1A4
FHbavsxCYCr0oHDy2gZY8VpJuikOoPG43Rc59/zfWWeGbkQGMI3Bmn+bAjmrTMl9
rzkQ+bfMWqn4rlNUqWIGoGlmc2eXNOy9BUa2l9MJN205MXaTYCK34dD4YrZwioK1
f8+AWgylWrJgxUiVpo2Ds+225A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org