Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/bySAZilWnYzaXSUMwV9dkIfvCCw.roa
File: bySAZilWnYzaXSUMwV9dkIfvCCw.roa (raw, json)
Hash identifier: LLb2bgR3+SUWQ7FAuOK926wyNryvNUl9qhGamlS+IPY=
Subject key identifier: 6F:24:80:66:29:56:9D:8C:DA:5D:25:0C:C1:5F:5D:90:87:EF:08:2C
Certificate issuer: /CN=4d88eb730ab1a501ea36ea3482d764544e141111
Certificate serial: 09C49FB6
Authority key identifier: 4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/bySAZilWnYzaXSUMwV9dkIfvCCw.roa
Signing time: Sat 01 Jan 2022 14:57:55 +0000
ROA not before: Sat 01 Jan 2022 14:57:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 396982
IP address blocks: 185.56.85.0/24 maxlen: 24
185.56.84.0/24 maxlen: 24
146.66.122.0/24 maxlen: 24
146.66.121.0/24 maxlen: 24
146.66.123.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163880886 (0x9c49fb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d88eb730ab1a501ea36ea3482d764544e141111
Validity
Not Before: Jan 1 14:57:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f24806629569d8cda5d250cc15f5d9087ef082c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4d:84:ec:48:50:ab:7e:2b:2f:78:ca:18:b1:
db:30:8e:31:ad:ff:bc:e6:a6:36:22:15:02:89:e1:
ad:3a:45:81:b3:38:5b:55:d1:cc:eb:85:ed:4e:85:
6a:19:7a:97:b9:8b:c4:c3:01:d0:a3:a5:f9:ad:bc:
ee:d7:f4:12:77:d1:cb:21:d6:96:c7:0e:9e:f8:31:
72:c7:2a:bd:a1:73:07:65:a0:15:d1:b2:74:0d:17:
1b:52:2f:1b:01:98:71:85:96:0c:79:37:e4:1a:76:
ee:ff:1b:5a:a0:cc:5b:3f:59:cc:f6:9d:c7:45:f7:
42:14:a6:db:ed:29:31:29:3a:a7:74:5b:ba:6e:f4:
ae:3f:7b:d8:75:07:34:c4:15:ea:9f:02:ae:08:76:
6b:16:61:c5:b3:c9:e1:47:08:85:ec:10:e6:a8:e3:
4b:4d:f7:0f:dc:ca:3f:9f:8a:56:26:16:cb:40:cd:
5f:54:11:7f:17:30:58:dc:de:66:78:54:9a:93:39:
18:20:30:4b:75:f2:5f:da:47:5c:c0:3c:a6:f1:f9:
0f:7a:bc:8e:77:34:ab:b3:1f:00:06:e2:84:b8:f0:
31:34:de:3f:8f:f3:00:ac:26:f8:89:9f:1b:e2:9a:
c3:60:58:a8:22:bd:e6:72:66:20:f2:66:e4:8f:23:
a8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:24:80:66:29:56:9D:8C:DA:5D:25:0C:C1:5F:5D:90:87:EF:08:2C
X509v3 Authority Key Identifier:
keyid:4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/bySAZilWnYzaXSUMwV9dkIfvCCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.66.121.0-146.66.123.255
185.56.84.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:3b:a8:a8:ed:73:6d:d1:c2:ce:fd:6d:74:4f:dd:d0:8d:30:
40:5b:c8:b7:61:c5:ca:0a:32:db:54:3b:1d:03:f4:d9:2c:8a:
7e:4f:fd:9f:77:60:b3:98:e1:60:1f:cf:50:4d:4c:86:fa:e1:
00:c0:76:94:83:09:e2:67:c8:24:22:18:fa:3d:8b:1d:91:e0:
30:35:6f:06:ec:3b:bd:f6:77:f5:2f:18:7a:84:2f:ff:56:54:
d5:a1:f8:df:d7:a2:a6:f0:da:4e:44:cc:bd:46:72:c7:7f:de:
af:5e:f1:b0:04:0d:83:6c:83:80:0d:9c:5a:cd:15:4b:72:a5:
73:bf:e2:f0:c2:9a:07:bb:18:a7:68:67:5c:60:0c:51:80:e3:
68:ba:cf:ba:c7:f2:b4:bd:83:a1:99:88:97:27:65:6d:ff:65:
bc:3b:95:ee:af:4b:14:32:c1:85:a6:12:05:27:d0:eb:ef:b9:
2f:ef:0e:59:bf:40:39:ca:39:dc:a0:f0:ee:0d:54:b2:81:fe:
0d:bf:39:88:08:0b:f6:b2:bb:fe:ce:e5:b0:21:ab:5b:2b:63:
bb:cd:8b:8b:ba:62:0e:4f:e1:70:19:72:0a:1f:88:72:b6:f9:
f3:53:25:09:e7:2e:97:6f:fd:54:7c:68:bc:bf:d3:8f:c6:0c:
1f:d1:98:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIECcSftjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDg4ZWI3MzBhYjFhNTAxZWEzNmVhMzQ4MmQ3NjQ1NDRlMTQxMTExMB4XDTIyMDEw
MTE0NTc1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmYyNDgwNjYyOTU2
OWQ4Y2RhNWQyNTBjYzE1ZjVkOTA4N2VmMDgyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxNhOxIUKt+Ky94yhix2zCOMa3/vOamNiIVAonhrTpFgbM4
W1XRzOuF7U6Fahl6l7mLxMMB0KOl+a287tf0EnfRyyHWlscOnvgxcscqvaFzB2Wg
FdGydA0XG1IvGwGYcYWWDHk35Bp27v8bWqDMWz9ZzPadx0X3QhSm2+0pMSk6p3Rb
um70rj972HUHNMQV6p8Crgh2axZhxbPJ4UcIhewQ5qjjS033D9zKP5+KViYWy0DN
X1QRfxcwWNzeZnhUmpM5GCAwS3XyX9pHXMA8pvH5D3q8jnc0q7MfAAbihLjwMTTe
P4/zAKwm+ImfG+Kaw2BYqCK95nJmIPJm5I8jqHUCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBRvJIBmKVadjNpdJQzBX12Qh+8ILDAfBgNVHSMEGDAWgBRNiOtzCrGlAeo2
6jSC12RUThQRETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RZanJjd3F4cFFIcU51bzBndGRrVkU0VUVSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvYzQ5M2VlLWY2NmUtNDIwOC1hMzFkLTcyNmY4M2QyMzg5Mi8x
L2J5U0FaaWxXbll6YVhTVU13Vjlka0lmdkNDdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
YzQ5M2VlLWY2NmUtNDIwOC1hMzFkLTcyNmY4M2QyMzg5Mi8xL1RZanJjd3F4cFFI
cU51bzBndGRrVkU0VUVSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQAkkJ5AwQCkkJ4AwQBuThUMA0G
CSqGSIb3DQEBCwUAA4IBAQALO6io7XNt0cLO/W10T93QjTBAW8i3YcXKCjLbVDsd
A/TZLIp+T/2fd2CzmOFgH89QTUyG+uEAwHaUgwniZ8gkIhj6PYsdkeAwNW8G7Du9
9nf1Lxh6hC//VlTVofjf16Km8NpORMy9RnLHf96vXvGwBA2DbIOADZxazRVLcqVz
v+LwwpoHuxinaGdcYAxRgONous+6x/K0vYOhmYiXJ2Vt/2W8O5Xur0sUMsGFphIF
J9Dr77kv7w5Zv0A5yjncoPDuDVSygf4NvzmICAv2srv+zuWwIatbK2O7zYuLumIO
T+FwGXIKH4hytvnzUyUJ5y6Xb/1UfGi8v9OPxgwf0ZgJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:48 2024 by rpki-client on console-fra.rpki-client.org