Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/ldQUZzHPfOmrHPeRlzR-sXXtKBI.roa
File: ldQUZzHPfOmrHPeRlzR-sXXtKBI.roa (raw, json)
Hash identifier: WCVJTHadxJbSQgUVLVDt/GMEY9b8OcP/FZ1VMXJFfGc=
Subject key identifier: 95:D4:14:67:31:CF:7C:E9:AB:1C:F7:91:97:34:7E:B1:75:ED:28:12
Certificate issuer: /CN=4d88eb730ab1a501ea36ea3482d764544e141111
Certificate serial: 0190DE2DCA661AC7DAC521C8D60F912A79FB
Authority key identifier: 4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/ldQUZzHPfOmrHPeRlzR-sXXtKBI.roa
Signing time: Tue 23 Jul 2024 06:01:01 +0000
ROA not before: Tue 23 Jul 2024 06:01:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.197.128.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:de:2d:ca:66:1a:c7:da:c5:21:c8:d6:0f:91:2a:79:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d88eb730ab1a501ea36ea3482d764544e141111
Validity
Not Before: Jul 23 06:01:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95d4146731cf7ce9ab1cf79197347eb175ed2812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b2:2a:55:ea:6e:e5:5f:d2:4e:bf:71:1c:f8:
13:a0:a5:8c:22:09:aa:57:24:c0:8b:ed:14:a0:c7:
2f:37:8b:0c:67:92:99:a8:54:92:0c:87:c8:59:f4:
23:53:bf:7e:24:c8:dc:c5:66:6e:54:52:d7:cb:3e:
c0:a5:b2:d0:97:cc:b1:72:50:d1:c9:39:eb:35:31:
5e:6a:7c:f8:56:4a:67:ab:01:5c:13:8c:0b:7c:05:
ad:da:1f:22:30:bd:d2:10:11:51:b3:a0:38:2f:a1:
1c:73:33:99:04:5b:dd:14:33:7c:b1:dd:ff:8f:2b:
e1:af:8e:70:2d:10:d0:46:19:78:eb:c2:44:d4:c7:
5d:e8:d2:25:05:4c:54:ef:b4:4c:26:4f:02:10:ed:
b9:61:00:19:ca:4a:1d:0f:23:63:89:84:0e:0e:14:
18:ea:45:96:d6:5b:7d:4f:88:02:a2:70:8e:1a:eb:
7a:b9:05:04:73:76:8e:75:90:3b:d5:58:6c:67:3e:
bc:48:37:3b:6b:db:dd:17:db:1c:26:06:9e:e9:38:
59:32:0e:37:4a:4f:d7:29:f7:81:b6:8a:57:8b:b6:
89:1b:a2:0d:40:0b:3f:ce:39:7e:11:6b:a5:23:20:
fb:cf:76:6f:60:18:4d:30:90:90:db:60:9b:4a:c7:
3a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:D4:14:67:31:CF:7C:E9:AB:1C:F7:91:97:34:7E:B1:75:ED:28:12
X509v3 Authority Key Identifier:
keyid:4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/ldQUZzHPfOmrHPeRlzR-sXXtKBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.128.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:e9:16:39:1a:04:b5:2b:37:a0:b5:d3:ce:3a:51:1c:12:19:
0c:09:f3:e4:8f:69:56:94:71:11:6f:a4:1b:01:aa:04:b8:e6:
ce:88:53:7a:7e:02:de:be:19:44:86:d2:a2:74:9f:68:11:de:
59:f7:10:9b:30:41:cd:8e:f5:19:72:b9:7f:1e:f0:92:00:64:
6c:45:8e:90:a3:ff:ac:5a:f8:8f:e0:fe:8b:47:92:ae:ec:ac:
ae:f2:8d:49:ca:c3:f1:21:6c:9b:7f:9b:52:3e:05:d0:0b:58:
8f:7f:b5:16:94:d1:af:a9:0c:6e:f8:53:36:ee:ae:c8:b2:50:
df:4a:34:b3:b8:34:71:53:44:11:22:a2:38:e4:26:d4:25:f6:
c3:51:c9:d0:d6:e1:a6:81:8e:96:02:57:e1:3a:95:aa:8e:50:
cb:cb:d4:66:15:92:24:2e:6c:ca:f9:72:2a:13:ba:e4:6f:ff:
1b:d8:8d:8c:dd:cb:ba:7a:c6:04:a3:47:d1:53:be:16:8e:2a:
48:06:be:a7:fb:60:dc:c6:bf:20:48:92:85:2d:aa:7e:28:85:
59:fe:bb:db:ba:f1:af:6b:8a:38:a5:b6:ae:d7:ac:93:b4:ce:
ec:93:a2:c5:42:18:fb:72:a3:49:60:f8:e6:ee:c9:0b:e8:5d:
f6:c8:8a:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDeLcpmGsfaxSHI1g+RKnn7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkODhlYjczMGFiMWE1MDFlYTM2ZWEzNDgyZDc2NDU0NGUx
NDExMTEwHhcNMjQwNzIzMDYwMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWQ0MTQ2NzMxY2Y3Y2U5YWIxY2Y3OTE5NzM0N2ViMTc1ZWQyODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrIqVepu5V/STr9xHPgToKWMIgmq
VyTAi+0UoMcvN4sMZ5KZqFSSDIfIWfQjU79+JMjcxWZuVFLXyz7ApbLQl8yxclDR
yTnrNTFeanz4VkpnqwFcE4wLfAWt2h8iML3SEBFRs6A4L6EcczOZBFvdFDN8sd3/
jyvhr45wLRDQRhl468JE1Mdd6NIlBUxU77RMJk8CEO25YQAZykodDyNjiYQODhQY
6kWW1lt9T4gConCOGut6uQUEc3aOdZA71VhsZz68SDc7a9vdF9scJgae6ThZMg43
Sk/XKfeBtopXi7aJG6INQAs/zjl+EWulIyD7z3ZvYBhNMJCQ22CbSsc6iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJXUFGcxz3zpqxz3kZc0frF17SgSMB8GA1UdIwQY
MBaAFE2I63MKsaUB6jbqNILXZFROFBERMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFlqcmN3cXhwUUhxTnVvMGd0ZGtWRTRVRVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jNDkzZWUtZjY2ZS00MjA4LWEzMWQt
NzI2ZjgzZDIzODkyLzEvbGRRVVp6SFBmT21ySFBlUmx6Ui1zWFh0S0JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jNDkzZWUtZjY2ZS00MjA4LWEzMWQtNzI2ZjgzZDIzODky
LzEvVFlqcmN3cXhwUUhxTnVvMGd0ZGtWRTRVRVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucWAMA0G
CSqGSIb3DQEBCwUAA4IBAQCj6RY5GgS1KzegtdPOOlEcEhkMCfPkj2lWlHERb6Qb
AaoEuObOiFN6fgLevhlEhtKidJ9oEd5Z9xCbMEHNjvUZcrl/HvCSAGRsRY6Qo/+s
WviP4P6LR5Ku7Kyu8o1JysPxIWybf5tSPgXQC1iPf7UWlNGvqQxu+FM27q7IslDf
SjSzuDRxU0QRIqI45CbUJfbDUcnQ1uGmgY6WAlfhOpWqjlDLy9RmFZIkLmzK+XIq
E7rkb/8b2I2M3cu6esYEo0fRU74WjipIBr6n+2Dcxr8gSJKFLap+KIVZ/rvbuvGv
a4o4pbau16yTtM7sk6LFQhj7cqNJYPjm7skL6F32yIrG
-----END CERTIFICATE-----
Generated at Thu Nov 7 19:59:58 2024 by rpki-client on console-ams.rpki-client.org