Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/03ed98-95ec-498e-bfe0-8f35f835082f/1/bNX7iM1Y0s9PSd0ggps_c_JT1Q4.roa
File: bNX7iM1Y0s9PSd0ggps_c_JT1Q4.roa (raw, json)
Hash identifier: P9Fy/VWc+Xzt+2WVhjhvWzZD67clNncvq2F0A7/OjHU=
Subject key identifier: 6C:D5:FB:88:CD:58:D2:CF:4F:49:DD:20:82:9B:3F:73:F2:53:D5:0E
Certificate issuer: /CN=29825ace865225eccb273541c4ed21cda1333d13
Certificate serial: 018CC8018C33D802F8BDA87D251E18A94CD9
Authority key identifier: 29:82:5A:CE:86:52:25:EC:CB:27:35:41:C4:ED:21:CD:A1:33:3D:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYJazoZSJezLJzVBxO0hzaEzPRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/03ed98-95ec-498e-bfe0-8f35f835082f/1/bNX7iM1Y0s9PSd0ggps_c_JT1Q4.roa
Signing time: Tue 02 Jan 2024 02:29:53 +0000
ROA not before: Tue 02 Jan 2024 02:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206221
IP address blocks: 185.1.240.0/24 maxlen: 24
2001:7f8:12a::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:8c:33:d8:02:f8:bd:a8:7d:25:1e:18:a9:4c:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29825ace865225eccb273541c4ed21cda1333d13
Validity
Not Before: Jan 2 02:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cd5fb88cd58d2cf4f49dd20829b3f73f253d50e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:52:a3:f3:06:b7:27:eb:a9:5d:e9:f2:e1:f8:
0a:fa:c4:92:72:a2:28:60:60:6c:88:da:92:91:60:
4d:ab:d6:ea:8a:78:c8:55:98:61:c9:38:63:8d:8a:
d6:77:4f:41:37:cd:cc:b7:b7:72:31:34:ea:5d:0b:
16:d6:3c:fa:12:1e:c0:fc:01:9c:2d:9b:38:84:7e:
84:a6:df:6e:4a:ab:81:03:b8:95:27:bd:78:3e:3c:
12:8d:f9:29:e2:f7:ae:4f:57:2a:ef:59:a2:ce:ae:
90:f1:eb:8e:48:5f:1d:50:29:2b:0a:a3:20:c5:d2:
96:55:06:f3:21:2e:1a:b2:44:c1:45:1b:9e:cd:a0:
51:58:8c:0a:c9:09:82:24:0f:a8:82:32:ea:7d:7e:
9b:55:86:7c:07:1b:9d:0e:3a:cf:ec:44:d8:a3:64:
8f:aa:e3:59:62:33:8b:06:1b:04:a5:22:79:1e:92:
0f:27:c3:12:60:c6:56:86:ad:f4:af:4d:96:88:4f:
63:ae:3c:71:80:c6:2c:80:b2:39:a6:59:07:d0:c0:
32:d1:ef:e1:01:25:ab:13:5b:ed:9a:3e:ae:06:e9:
cd:a6:79:1d:1a:76:aa:9f:de:71:63:e7:ee:44:67:
4a:05:10:80:7f:76:4d:8e:26:3e:46:3d:b8:aa:ab:
be:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D5:FB:88:CD:58:D2:CF:4F:49:DD:20:82:9B:3F:73:F2:53:D5:0E
X509v3 Authority Key Identifier:
keyid:29:82:5A:CE:86:52:25:EC:CB:27:35:41:C4:ED:21:CD:A1:33:3D:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYJazoZSJezLJzVBxO0hzaEzPRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/03ed98-95ec-498e-bfe0-8f35f835082f/1/bNX7iM1Y0s9PSd0ggps_c_JT1Q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/03ed98-95ec-498e-bfe0-8f35f835082f/1/KYJazoZSJezLJzVBxO0hzaEzPRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.240.0/24
IPv6:
2001:7f8:12a::/48
Signature Algorithm: sha256WithRSAEncryption
15:f2:e3:5a:10:60:8d:7a:29:39:92:78:d2:f7:f4:7c:68:24:
8e:0c:f3:da:3e:1d:db:d8:18:9a:02:77:56:18:5d:cb:81:29:
ec:c2:ae:34:30:b1:98:43:6a:92:43:5a:f7:2b:1d:b0:cd:b6:
8f:e3:fc:bb:9b:22:59:9d:22:1a:a5:76:bc:56:06:0b:e3:ac:
bf:c8:87:a2:88:48:c9:bc:69:91:a2:1d:c2:d3:25:31:04:94:
86:c8:a0:df:16:f4:3a:c9:cd:9f:b0:bd:e8:1a:c3:52:c3:d6:
b5:9d:dd:53:74:b5:27:f3:35:55:1b:86:ef:1a:fe:08:e3:95:
89:c1:d0:46:c5:74:6e:1d:5d:78:b0:fa:a6:43:c4:98:66:db:
89:b7:3d:ee:1c:a5:df:20:a8:4f:be:f2:06:34:4d:15:be:2d:
b5:21:72:82:ba:35:25:40:b1:d3:5c:41:c5:6b:51:cc:4d:b2:
f8:f8:1e:59:d7:17:b7:d9:7a:5b:d5:de:f3:87:68:37:5e:e5:
60:40:6a:a1:05:48:78:92:fc:6e:21:ab:2a:68:bc:4b:0e:9a:
1f:ab:03:af:19:88:49:5b:9b:72:a9:29:9d:54:5c:02:76:08:
c6:c1:aa:8a:89:81:0a:47:91:a4:0e:47:0d:35:e3:c2:12:2f:
2e:0f:8c:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIAYwz2AL4vah9JR4YqUzZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODI1YWNlODY1MjI1ZWNjYjI3MzU0MWM0ZWQyMWNkYTEz
MzNkMTMwHhcNMjQwMTAyMDIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Q1ZmI4OGNkNThkMmNmNGY0OWRkMjA4MjliM2Y3M2YyNTNkNTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVKj8wa3J+upXeny4fgK+sSScqIo
YGBsiNqSkWBNq9bqinjIVZhhyThjjYrWd09BN83Mt7dyMTTqXQsW1jz6Eh7A/AGc
LZs4hH6Ept9uSquBA7iVJ714PjwSjfkp4veuT1cq71mizq6Q8euOSF8dUCkrCqMg
xdKWVQbzIS4askTBRRuezaBRWIwKyQmCJA+ogjLqfX6bVYZ8BxudDjrP7ETYo2SP
quNZYjOLBhsEpSJ5HpIPJ8MSYMZWhq30r02WiE9jrjxxgMYsgLI5plkH0MAy0e/h
ASWrE1vtmj6uBunNpnkdGnaqn95xY+fuRGdKBRCAf3ZNjiY+Rj24qqu+4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGzV+4jNWNLPT0ndIIKbP3PyU9UOMB8GA1UdIwQY
MBaAFCmCWs6GUiXsyyc1QcTtIc2hMz0TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lKYXpvWlNKZXpMSnpWQnhPMGh6YUV6UFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8wM2VkOTgtOTVlYy00OThlLWJmZTAt
OGYzNWY4MzUwODJmLzEvYk5YN2lNMVkwczlQU2QwZ2dwc19jX0pUMVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8wM2VkOTgtOTVlYy00OThlLWJmZTAtOGYzNWY4MzUwODJm
LzEvS1lKYXpvWlNKZXpMSnpWQnhPMGh6YUV6UFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQHwMA8E
AgACMAkDBwAgAQf4ASowDQYJKoZIhvcNAQELBQADggEBABXy41oQYI16KTmSeNL3
9HxoJI4M89o+HdvYGJoCd1YYXcuBKezCrjQwsZhDapJDWvcrHbDNto/j/LubIlmd
IhqldrxWBgvjrL/Ih6KISMm8aZGiHcLTJTEElIbIoN8W9DrJzZ+wvegaw1LD1rWd
3VN0tSfzNVUbhu8a/gjjlYnB0EbFdG4dXXiw+qZDxJhm24m3Pe4cpd8gqE++8gY0
TRW+LbUhcoK6NSVAsdNcQcVrUcxNsvj4HlnXF7fZelvV3vOHaDde5WBAaqEFSHiS
/G4hqypovEsOmh+rA68ZiElbm3KpKZ1UXAJ2CMbBqoqJgQpHkaQORw0148ISLy4P
jDg=
-----END CERTIFICATE-----
Generated at Fri Jul 19 10:50:54 2024 by rpki-client on console-fra.rpki-client.org