Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/nwz-8rRvr7plHUrWH3Ljakd_1aQ.roa
File: nwz-8rRvr7plHUrWH3Ljakd_1aQ.roa (raw, json)
Hash identifier: omXY5wylNS9W9n05QQe7M42SIPtcgNYI5LTpfIjGki0=
Subject key identifier: 9F:0C:FE:F2:B4:6F:AF:BA:65:1D:4A:D6:1F:72:E3:6A:47:7F:D5:A4
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0185C8DAFE7406B9F78B4209454C222AB5D5
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/nwz-8rRvr7plHUrWH3Ljakd_1aQ.roa
Signing time: Thu 19 Jan 2023 07:07:53 +0000
ROA not before: Thu 19 Jan 2023 07:07:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 393427
IP address blocks: 185.149.12.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c8:da:fe:74:06:b9:f7:8b:42:09:45:4c:22:2a:b5:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 19 07:07:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f0cfef2b46fafba651d4ad61f72e36a477fd5a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b0:c0:ba:be:f2:50:de:7f:f5:9e:46:54:db:
37:b5:be:2f:8f:1f:68:24:c2:1c:ab:5e:04:e5:c0:
e9:c4:65:9b:07:57:6d:f1:32:22:32:cc:f9:13:ce:
43:30:27:fc:45:5a:67:1f:80:27:35:34:7e:63:9a:
30:63:74:15:af:08:c0:c3:03:b4:b3:d2:d3:e1:ea:
5e:5b:6c:ad:4c:f0:93:25:ee:9b:7e:a4:e9:d8:73:
1e:b4:c4:19:ce:c9:13:72:28:45:37:f8:79:34:14:
08:da:c7:d8:25:cd:5a:5e:e2:32:de:6a:d5:cd:76:
b8:cc:75:c1:f6:35:34:e9:41:9d:66:d0:21:2c:af:
bc:86:25:d0:79:dd:e8:97:d3:67:80:7e:d2:98:c3:
6b:c3:6c:7e:b4:4b:17:71:54:7c:e0:21:cd:0f:fe:
14:ab:dc:ce:07:c7:30:b7:7d:b6:7d:44:c1:39:39:
21:62:a8:49:e3:d4:86:f2:3c:c5:2a:63:d4:3c:53:
3e:db:7c:92:29:c5:bb:92:4a:c8:10:a8:aa:86:d1:
da:5a:d6:d6:28:72:6c:dd:92:7c:70:03:0a:a8:2a:
06:a6:5a:c7:7a:d3:e4:e4:44:1f:4c:74:dd:b6:45:
85:2d:24:b1:bf:88:f6:39:7d:1d:1a:c0:6e:be:63:
bc:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:0C:FE:F2:B4:6F:AF:BA:65:1D:4A:D6:1F:72:E3:6A:47:7F:D5:A4
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/nwz-8rRvr7plHUrWH3Ljakd_1aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.12.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:d6:38:20:7c:77:fa:3f:3b:a5:20:6f:01:a5:8a:03:21:8f:
26:70:e8:2e:8f:43:90:54:bc:6d:2a:b9:a6:59:ab:7b:df:43:
9b:40:d7:b0:4a:58:2c:68:d7:cc:09:13:44:1b:27:0d:ea:cb:
d8:a7:b9:8a:89:00:9c:ee:92:be:bf:60:f9:74:91:56:89:21:
a8:54:d9:e5:36:3f:aa:29:d7:41:70:8c:6f:8f:da:6e:f3:75:
ca:7e:1c:63:d9:30:38:17:4d:19:e8:44:f8:b1:e0:e3:6c:53:
d2:c5:bd:1c:14:23:1f:95:af:b8:be:18:b8:62:2c:07:6a:f3:
0b:82:72:ed:c4:95:4a:ba:6f:89:fb:3d:4c:09:c3:26:63:c6:
4a:a3:e6:2f:65:a8:9f:be:1f:2a:b8:22:97:fe:17:f1:0c:cf:
29:2f:9f:cb:4e:1e:2a:85:ed:68:7e:0e:c5:a3:95:98:4b:80:
34:32:45:81:d5:a6:2f:59:a4:56:11:e4:27:e1:e2:21:d9:e4:
7b:eb:bd:af:b0:68:33:62:6d:1d:f5:f4:41:7d:f8:f1:4e:48:
26:a3:f3:5b:d2:3b:a6:ba:c6:c4:87:11:cd:2a:8c:07:bc:56:
b8:63:40:74:e4:03:12:27:7c:c3:31:f0:e4:6d:98:9f:ca:7f:
1f:2a:5f:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXI2v50Brn3i0IJRUwiKrXVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwMTE5MDcwNzUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjBjZmVmMmI0NmZhZmJhNjUxZDRhZDYxZjcyZTM2YTQ3N2ZkNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7DAur7yUN5/9Z5GVNs3tb4vjx9o
JMIcq14E5cDpxGWbB1dt8TIiMsz5E85DMCf8RVpnH4AnNTR+Y5owY3QVrwjAwwO0
s9LT4epeW2ytTPCTJe6bfqTp2HMetMQZzskTcihFN/h5NBQI2sfYJc1aXuIy3mrV
zXa4zHXB9jU06UGdZtAhLK+8hiXQed3ol9NngH7SmMNrw2x+tEsXcVR84CHND/4U
q9zOB8cwt322fUTBOTkhYqhJ49SG8jzFKmPUPFM+23ySKcW7kkrIEKiqhtHaWtbW
KHJs3ZJ8cAMKqCoGplrHetPk5EQfTHTdtkWFLSSxv4j2OX0dGsBuvmO83wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8M/vK0b6+6ZR1K1h9y42pHf9WkMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvbnd6LThyUnZyN3BsSFVyV0gzTGpha2RfMWFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZUMMA0G
CSqGSIb3DQEBCwUAA4IBAQB/1jggfHf6PzulIG8BpYoDIY8mcOguj0OQVLxtKrmm
Wat730ObQNewSlgsaNfMCRNEGycN6svYp7mKiQCc7pK+v2D5dJFWiSGoVNnlNj+q
KddBcIxvj9pu83XKfhxj2TA4F00Z6ET4seDjbFPSxb0cFCMfla+4vhi4YiwHavML
gnLtxJVKum+J+z1MCcMmY8ZKo+YvZaifvh8quCKX/hfxDM8pL5/LTh4qhe1ofg7F
o5WYS4A0MkWB1aYvWaRWEeQn4eIh2eR7672vsGgzYm0d9fRBffjxTkgmo/Nb0jum
usbEhxHNKowHvFa4Y0B05AMSJ3zDMfDkbZifyn8fKl9V
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org