Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e6efcf-e5d9-49f0-b11f-d52fdc9e8287/1/pxPb8lMA435mhWCUHOhXhVDfCng.roa
File: pxPb8lMA435mhWCUHOhXhVDfCng.roa (raw, json)
Hash identifier: cltvl2LlwGZDF1PmCDw+gMLKatBkCd8UOd2uBglUiKE=
Subject key identifier: A7:13:DB:F2:53:00:E3:7E:66:85:60:94:1C:E8:57:85:50:DF:0A:78
Certificate issuer: /CN=e1baf90ed13d175452cf5e5a1632a794bf1f4c9a
Certificate serial: 01856EEFCFC99D54CDCC78DD6420D70362DC
Authority key identifier: E1:BA:F9:0E:D1:3D:17:54:52:CF:5E:5A:16:32:A7:94:BF:1F:4C:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4br5DtE9F1RSz15aFjKnlL8fTJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e6efcf-e5d9-49f0-b11f-d52fdc9e8287/1/pxPb8lMA435mhWCUHOhXhVDfCng.roa
Signing time: Sun 01 Jan 2023 20:04:48 +0000
ROA not before: Sun 01 Jan 2023 20:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201608
IP address blocks: 185.69.68.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:cf:c9:9d:54:cd:cc:78:dd:64:20:d7:03:62:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1baf90ed13d175452cf5e5a1632a794bf1f4c9a
Validity
Not Before: Jan 1 20:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a713dbf25300e37e668560941ce8578550df0a78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d9:f8:7e:97:c1:05:27:eb:96:8e:42:45:fc:
1d:ae:90:1c:65:3b:30:a4:b3:e8:3e:d7:cc:cb:41:
2b:48:6a:08:0f:76:ad:73:14:8d:22:f7:e3:d3:68:
67:51:ca:40:f7:96:d4:16:55:4a:3c:20:55:3e:2a:
17:a7:f9:89:56:38:f2:d9:6a:c7:e0:20:a3:c1:b1:
7b:8e:35:0f:e0:2f:44:17:a0:83:cc:fe:11:ee:3e:
07:0f:3d:0e:82:f2:68:10:65:f8:36:c0:e5:38:9e:
85:f7:f7:69:4b:1f:3c:64:e7:cf:09:67:f4:8e:ab:
fb:02:66:80:ee:7d:e6:37:7c:5c:70:bc:dd:9d:fd:
46:7c:2c:be:85:7e:5a:6e:1e:fc:3f:10:9f:a5:34:
5d:e9:51:71:a6:39:eb:4b:cd:97:82:ef:6f:2f:33:
ed:da:bf:ae:8c:c7:00:ce:ee:ed:58:13:c7:c5:6b:
c9:59:ff:e2:81:15:84:47:33:de:76:1c:0f:9f:07:
7c:40:55:5a:78:6f:f7:1c:b2:e9:f7:39:94:9f:ec:
7b:c9:2f:29:b9:52:99:da:2e:34:43:0d:22:e4:6c:
5e:67:cd:8a:64:56:ed:44:36:0d:72:e0:38:76:b1:
1d:ff:4b:b8:76:a1:0e:17:27:af:ce:f2:74:56:84:
b0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:13:DB:F2:53:00:E3:7E:66:85:60:94:1C:E8:57:85:50:DF:0A:78
X509v3 Authority Key Identifier:
keyid:E1:BA:F9:0E:D1:3D:17:54:52:CF:5E:5A:16:32:A7:94:BF:1F:4C:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4br5DtE9F1RSz15aFjKnlL8fTJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e6efcf-e5d9-49f0-b11f-d52fdc9e8287/1/pxPb8lMA435mhWCUHOhXhVDfCng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e6efcf-e5d9-49f0-b11f-d52fdc9e8287/1/4br5DtE9F1RSz15aFjKnlL8fTJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.68.0/23
Signature Algorithm: sha256WithRSAEncryption
89:a1:98:ad:a4:0f:10:44:6e:3f:83:f2:04:aa:49:76:2d:e2:
c8:de:28:04:c9:f3:f9:a6:0a:83:72:fe:2f:c8:0f:9a:2a:f5:
4d:d5:90:20:3e:f9:dd:49:dd:78:cd:7f:e8:b7:44:ba:3e:48:
db:99:14:45:53:67:8e:22:77:8a:ec:31:fa:f7:e4:65:f3:a8:
40:ff:41:1f:8b:2f:f1:46:f5:1a:8f:3f:d2:55:ac:6f:7a:ca:
bc:17:d2:75:16:14:bd:f8:be:55:f5:a2:09:fd:32:ca:8b:86:
f8:e5:24:33:1a:b6:f9:24:86:83:68:20:5d:c4:3b:c6:a4:e8:
43:0e:01:19:be:c6:f9:51:37:dc:fa:f4:9a:1e:d8:49:0c:9a:
19:0b:45:d0:14:9b:ad:dd:e6:65:a1:0f:d9:e7:99:b5:99:88:
1d:e4:33:71:4c:33:77:28:e0:0e:b8:f2:e3:05:d0:57:a2:16:
38:bb:35:0c:03:2f:52:2b:ce:78:32:ab:9d:18:f1:40:27:eb:
49:6f:2f:09:cd:a8:0b:98:af:10:3a:4b:7d:49:dc:6e:df:b5:
d4:d8:e5:9c:89:1d:7a:3f:67:26:86:a7:5b:c4:55:4f:66:b2:
61:b7:4c:d3:c3:37:f0:95:f8:5c:f2:61:ba:d1:e5:f9:ba:8c:
25:8f:d5:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu78/JnVTNzHjdZCDXA2LcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYmFmOTBlZDEzZDE3NTQ1MmNmNWU1YTE2MzJhNzk0YmYx
ZjRjOWEwHhcNMjMwMTAxMjAwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzEzZGJmMjUzMDBlMzdlNjY4NTYwOTQxY2U4NTc4NTUwZGYwYTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNn4fpfBBSfrlo5CRfwdrpAcZTsw
pLPoPtfMy0ErSGoID3atcxSNIvfj02hnUcpA95bUFlVKPCBVPioXp/mJVjjy2WrH
4CCjwbF7jjUP4C9EF6CDzP4R7j4HDz0OgvJoEGX4NsDlOJ6F9/dpSx88ZOfPCWf0
jqv7AmaA7n3mN3xccLzdnf1GfCy+hX5abh78PxCfpTRd6VFxpjnrS82Xgu9vLzPt
2r+ujMcAzu7tWBPHxWvJWf/igRWERzPedhwPnwd8QFVaeG/3HLLp9zmUn+x7yS8p
uVKZ2i40Qw0i5GxeZ82KZFbtRDYNcuA4drEd/0u4dqEOFyevzvJ0VoSwAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKcT2/JTAON+ZoVglBzoV4VQ3wp4MB8GA1UdIwQY
MBaAFOG6+Q7RPRdUUs9eWhYyp5S/H0yaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJyNUR0RTlGMVJTejE1YUZqS25sTDhmVEpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNmVmY2YtZTVkOS00OWYwLWIxMWYt
ZDUyZmRjOWU4Mjg3LzEvcHhQYjhsTUE0MzVtaFdDVUhPaFhoVkRmQ25nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNmVmY2YtZTVkOS00OWYwLWIxMWYtZDUyZmRjOWU4Mjg3
LzEvNGJyNUR0RTlGMVJTejE1YUZqS25sTDhmVEpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuUVEMA0G
CSqGSIb3DQEBCwUAA4IBAQCJoZitpA8QRG4/g/IEqkl2LeLI3igEyfP5pgqDcv4v
yA+aKvVN1ZAgPvndSd14zX/ot0S6PkjbmRRFU2eOIneK7DH69+Rl86hA/0Efiy/x
RvUajz/SVaxvesq8F9J1FhS9+L5V9aIJ/TLKi4b45SQzGrb5JIaDaCBdxDvGpOhD
DgEZvsb5UTfc+vSaHthJDJoZC0XQFJut3eZloQ/Z55m1mYgd5DNxTDN3KOAOuPLj
BdBXohY4uzUMAy9SK854MqudGPFAJ+tJby8JzagLmK8QOkt9Sdxu37XU2OWciR16
P2cmhqdbxFVPZrJht0zTwzfwlfhc8mG60eX5uowlj9XD
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:08 2023 by rpki-client on console-fra.rpki-client.org