Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e6efcf-e5d9-49f0-b11f-d52fdc9e8287/1/60L3jnpiNXQT1DBo_R9LX4YPR2I.roa
File: 60L3jnpiNXQT1DBo_R9LX4YPR2I.roa (raw, json)
Hash identifier: hOg7mS/9E5zQahakS9UBiltDBGnNacXeFDVdTmc/aOk=
Subject key identifier: EB:42:F7:8E:7A:62:35:74:13:D4:30:68:FD:1F:4B:5F:86:0F:47:62
Certificate issuer: /CN=e1baf90ed13d175452cf5e5a1632a794bf1f4c9a
Certificate serial: 1559E31F
Authority key identifier: E1:BA:F9:0E:D1:3D:17:54:52:CF:5E:5A:16:32:A7:94:BF:1F:4C:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4br5DtE9F1RSz15aFjKnlL8fTJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e6efcf-e5d9-49f0-b11f-d52fdc9e8287/1/60L3jnpiNXQT1DBo_R9LX4YPR2I.roa
Signing time: Sat 01 Jan 2022 09:53:10 +0000
ROA not before: Sat 01 Jan 2022 09:53:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201608
IP address blocks: 185.69.68.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 358212383 (0x1559e31f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1baf90ed13d175452cf5e5a1632a794bf1f4c9a
Validity
Not Before: Jan 1 09:53:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb42f78e7a62357413d43068fd1f4b5f860f4762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a0:d4:09:60:9f:bf:74:4e:d5:fa:6f:a6:39:
a2:ef:37:9b:09:9b:07:e3:ba:fa:c4:b5:f4:ad:d5:
8f:73:92:68:c1:04:27:d7:a2:1d:96:01:1c:e2:d1:
3c:e4:82:de:27:0d:17:99:3d:1b:00:47:9b:91:da:
95:7d:3e:4f:92:26:7c:38:1d:7d:2c:65:9e:45:63:
c2:46:46:1f:89:21:a2:5c:cf:b8:0f:c4:b8:4d:ab:
c8:fd:b7:af:30:b1:e7:dc:65:57:69:0b:db:bf:c4:
48:f3:fb:d6:75:d7:74:e4:34:0b:e4:7f:56:32:38:
ea:5d:24:cb:e0:a7:de:c6:d4:cc:49:a4:fc:a6:14:
73:ba:f2:b7:21:1e:bd:8c:1a:82:0e:ca:44:38:9e:
df:da:b5:93:c4:c1:92:b9:14:97:db:7e:e6:9f:7e:
d3:56:7a:63:6b:d8:c5:cc:19:a2:de:49:f1:6e:51:
ae:ff:ad:6a:a3:6f:1f:a9:28:c8:3c:b6:7f:5a:ee:
75:e8:ec:5d:d5:6c:f6:58:29:49:2a:a4:cf:3c:18:
58:1f:de:75:12:ed:6d:11:73:9c:2e:d7:48:4d:da:
a3:b2:48:74:01:9b:4e:9e:15:5d:63:e7:36:ac:c4:
48:58:f5:7e:d7:00:f8:86:32:6a:62:7c:8a:2d:55:
35:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:42:F7:8E:7A:62:35:74:13:D4:30:68:FD:1F:4B:5F:86:0F:47:62
X509v3 Authority Key Identifier:
keyid:E1:BA:F9:0E:D1:3D:17:54:52:CF:5E:5A:16:32:A7:94:BF:1F:4C:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4br5DtE9F1RSz15aFjKnlL8fTJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e6efcf-e5d9-49f0-b11f-d52fdc9e8287/1/60L3jnpiNXQT1DBo_R9LX4YPR2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e6efcf-e5d9-49f0-b11f-d52fdc9e8287/1/4br5DtE9F1RSz15aFjKnlL8fTJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.68.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:06:bc:f4:de:ad:57:e7:c3:b3:6b:fb:10:e1:e7:6e:2f:1e:
d0:4d:f8:d0:4e:b2:20:c4:4a:65:5e:e4:60:6e:12:10:ec:f8:
c9:d1:da:4d:26:19:37:18:e8:08:41:46:da:d7:56:05:7e:89:
79:05:17:38:b6:9c:0e:c5:09:f7:03:5c:21:7a:eb:8e:0c:a9:
2c:41:a1:ce:6b:76:7b:15:90:5c:28:03:19:dc:da:d8:1b:39:
c7:ce:cf:ca:bf:5f:50:02:0d:31:b3:16:1a:d1:84:86:65:01:
6e:d4:a1:3b:bc:cd:f4:4b:b9:4d:ad:af:83:30:ae:58:6e:73:
ca:a4:5d:8d:a3:28:62:cc:88:2e:1e:76:3e:ed:d9:aa:cd:3c:
24:ba:fa:b7:6e:42:a8:39:f4:7f:af:6c:35:8c:cf:6e:d3:f1:
5a:9c:b7:81:64:d6:1a:c0:11:ca:e7:8f:af:c2:90:78:a3:ff:
9d:71:67:b0:37:2a:e6:8b:df:aa:81:0f:b2:37:65:e8:80:4b:
ea:a3:c3:6a:46:1d:99:37:59:b1:4d:64:61:ca:53:a6:98:99:
14:bd:96:bc:b1:80:72:c7:ee:7a:7d:cc:12:65:4d:46:56:96:
2c:71:fd:5d:8d:e8:84:72:bf:69:d6:50:f7:3b:5a:0f:46:1f:
cb:1d:62:22
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFVnjHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MWJhZjkwZWQxM2QxNzU0NTJjZjVlNWExNjMyYTc5NGJmMWY0YzlhMB4XDTIyMDEw
MTA5NTMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWI0MmY3OGU3YTYy
MzU3NDEzZDQzMDY4ZmQxZjRiNWY4NjBmNDc2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALyg1Algn790TtX6b6Y5ou83mwmbB+O6+sS19K3Vj3OSaMEE
J9eiHZYBHOLRPOSC3icNF5k9GwBHm5HalX0+T5ImfDgdfSxlnkVjwkZGH4kholzP
uA/EuE2ryP23rzCx59xlV2kL27/ESPP71nXXdOQ0C+R/VjI46l0ky+Cn3sbUzEmk
/KYUc7rytyEevYwagg7KRDie39q1k8TBkrkUl9t+5p9+01Z6Y2vYxcwZot5J8W5R
rv+taqNvH6koyDy2f1rudejsXdVs9lgpSSqkzzwYWB/edRLtbRFznC7XSE3ao7JI
dAGbTp4VXWPnNqzESFj1ftcA+IYyamJ8ii1VNWkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTrQveOemI1dBPUMGj9H0tfhg9HYjAfBgNVHSMEGDAWgBThuvkO0T0XVFLP
XloWMqeUvx9MmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRicjVEdEU5RjFSU3oxNWFGaktubEw4ZlRKby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvZTZlZmNmLWU1ZDktNDlmMC1iMTFmLWQ1MmZkYzllODI4Ny8x
LzYwTDNqbnBpTlhRVDFEQm9fUjlMWDRZUFIySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
ZTZlZmNmLWU1ZDktNDlmMC1iMTFmLWQ1MmZkYzllODI4Ny8xLzRicjVEdEU5RjFS
U3oxNWFGaktubEw4ZlRKby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAblFRDANBgkqhkiG9w0BAQsFAAOC
AQEAsga89N6tV+fDs2v7EOHnbi8e0E340E6yIMRKZV7kYG4SEOz4ydHaTSYZNxjo
CEFG2tdWBX6JeQUXOLacDsUJ9wNcIXrrjgypLEGhzmt2exWQXCgDGdza2Bs5x87P
yr9fUAINMbMWGtGEhmUBbtShO7zN9Eu5Ta2vgzCuWG5zyqRdjaMoYsyILh52Pu3Z
qs08JLr6t25CqDn0f69sNYzPbtPxWpy3gWTWGsARyuePr8KQeKP/nXFnsDcq5ovf
qoEPsjdl6IBL6qPDakYdmTdZsU1kYcpTppiZFL2WvLGAcsfuen3MEmVNRlaWLHH9
XY3ohHK/adZQ9ztaD0Yfyx1iIg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:49 2023 by rpki-client on console-ams.rpki-client.org