Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/tEIXbtyzn4TLOZjoQ2hU2oDCTz4.roa
File: tEIXbtyzn4TLOZjoQ2hU2oDCTz4.roa (raw, json)
Hash identifier: kajktCzEJ2YZmVIVqVeW+kybs1SERj1kiaR+NgCfF/c=
Subject key identifier: B4:42:17:6E:DC:B3:9F:84:CB:39:98:E8:43:68:54:DA:80:C2:4F:3E
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0189545D5D7CF8E3601A6D447DF2DF62C17C
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/tEIXbtyzn4TLOZjoQ2hU2oDCTz4.roa
Signing time: Fri 14 Jul 2023 12:25:52 +0000
ROA not before: Fri 14 Jul 2023 12:25:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205320
IP address blocks: 185.149.12.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:54:5d:5d:7c:f8:e3:60:1a:6d:44:7d:f2:df:62:c1:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jul 14 12:25:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b442176edcb39f84cb3998e8436854da80c24f3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:7d:f2:60:a0:60:9c:c7:3a:6d:21:19:82:c1:
ae:3a:a8:a4:de:ee:08:5b:b0:a0:ae:9a:d0:d5:92:
25:90:69:38:e6:91:80:ea:6f:0c:89:83:8d:d4:fb:
af:29:ae:68:a7:9f:96:d1:5e:af:cd:56:c1:b4:c8:
d7:9d:2c:36:5a:cc:15:6e:24:71:18:61:94:40:e2:
0b:c3:6d:ad:ef:b4:b9:00:b1:6b:11:10:52:75:aa:
b3:58:d0:bc:d4:7b:1d:cd:6c:92:ec:d5:1d:0e:dd:
bc:ca:84:b6:d4:6f:8d:8d:30:ac:e8:47:69:02:0a:
cf:e6:b6:86:93:4c:66:6e:6f:8a:1e:3f:dd:59:58:
47:58:f5:1a:b9:fa:9c:4b:37:a4:fb:ea:f8:6d:ee:
08:dc:c1:6e:5f:99:8b:61:df:9e:7c:2a:b2:a8:f6:
d7:ed:61:9c:6e:b1:68:6d:61:ae:cc:67:4b:93:9c:
fa:cb:7b:24:e5:1e:5c:fc:85:d1:8a:de:df:c5:07:
28:32:52:0a:9f:fb:05:96:d2:fa:9b:cf:de:ee:7c:
c9:a0:71:47:ff:38:63:3c:8f:09:a0:76:87:93:20:
34:a6:2d:3d:c7:3f:6d:cf:be:04:04:a5:ad:0d:58:
8e:4c:ce:78:af:17:54:8e:5e:6d:d9:1a:d1:d2:fb:
ca:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:42:17:6E:DC:B3:9F:84:CB:39:98:E8:43:68:54:DA:80:C2:4F:3E
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/tEIXbtyzn4TLOZjoQ2hU2oDCTz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.12.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:49:57:7c:e1:24:e3:ec:3e:03:99:dd:c4:34:99:66:03:04:
88:52:c8:cb:fe:c5:f3:63:30:9b:df:e2:a5:5c:9e:db:8f:24:
75:c3:c2:2f:fe:6b:68:4e:59:0a:bb:07:56:10:87:6b:7d:47:
6b:32:a9:bd:ae:f7:30:55:06:e8:3c:1d:1d:c3:cb:50:8f:8c:
23:69:64:1e:de:15:92:b0:9c:9d:2e:95:a8:0d:78:14:14:1b:
71:9d:44:fb:49:49:9b:b9:2a:05:e8:eb:94:0f:39:4c:91:6f:
96:ff:54:78:cb:11:36:29:b8:f6:14:9e:6f:ed:22:c2:69:59:
80:69:ff:16:7b:a3:1e:84:96:8a:d9:aa:2f:b1:8b:a5:26:4c:
01:4d:e3:d2:df:f2:83:13:30:5d:b4:75:01:58:42:2d:34:14:
69:77:14:00:23:fe:68:00:bd:47:bf:ad:e5:0e:cb:6e:5c:e8:
9f:8a:06:24:b2:62:20:53:2d:f7:91:41:7a:f3:e4:9f:65:75:
2e:e7:9d:29:f6:2b:1d:c7:3c:8e:93:98:8d:97:fc:1a:18:0a:
17:70:97:af:40:df:2d:87:e1:93:d2:fa:2f:2b:77:e3:a5:97:
72:2f:14:f8:cd:ea:d7:e1:46:61:32:9d:f5:4e:9a:5b:6a:d3:
2d:fa:ca:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlUXV18+ONgGm1EffLfYsF8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwNzE0MTIyNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDQyMTc2ZWRjYjM5Zjg0Y2IzOTk4ZTg0MzY4NTRkYTgwYzI0ZjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg33yYKBgnMc6bSEZgsGuOqik3u4I
W7CgrprQ1ZIlkGk45pGA6m8MiYON1PuvKa5op5+W0V6vzVbBtMjXnSw2WswVbiRx
GGGUQOILw22t77S5ALFrERBSdaqzWNC81HsdzWyS7NUdDt28yoS21G+NjTCs6Edp
AgrP5raGk0xmbm+KHj/dWVhHWPUaufqcSzek++r4be4I3MFuX5mLYd+efCqyqPbX
7WGcbrFobWGuzGdLk5z6y3sk5R5c/IXRit7fxQcoMlIKn/sFltL6m8/e7nzJoHFH
/zhjPI8JoHaHkyA0pi09xz9tz74EBKWtDViOTM54rxdUjl5t2RrR0vvK6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLRCF27cs5+EyzmY6ENoVNqAwk8+MB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvdEVJWGJ0eXpuNFRMT1pqb1EyaFUyb0RDVHo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZUMMA0G
CSqGSIb3DQEBCwUAA4IBAQBtSVd84STj7D4Dmd3ENJlmAwSIUsjL/sXzYzCb3+Kl
XJ7bjyR1w8Iv/mtoTlkKuwdWEIdrfUdrMqm9rvcwVQboPB0dw8tQj4wjaWQe3hWS
sJydLpWoDXgUFBtxnUT7SUmbuSoF6OuUDzlMkW+W/1R4yxE2Kbj2FJ5v7SLCaVmA
af8We6MehJaK2aovsYulJkwBTePS3/KDEzBdtHUBWEItNBRpdxQAI/5oAL1Hv63l
DstuXOifigYksmIgUy33kUF68+SfZXUu550p9isdxzyOk5iNl/waGAoXcJevQN8t
h+GT0vovK3fjpZdyLxT4zerX4UZhMp31TppbatMt+sps
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org