Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/063fa4-17de-4595-bc86-ce4b6250bb4d/1/II3ZxC-XJFTlrF7EcGFMaiZ8Y5Q.roa
File: II3ZxC-XJFTlrF7EcGFMaiZ8Y5Q.roa (raw, json)
Hash identifier: zS70ttbwD/jcxMnnwD9dh4vd+98y+eWzYEXf7vDeTzA=
Subject key identifier: 20:8D:D9:C4:2F:97:24:54:E5:AC:5E:C4:70:61:4C:6A:26:7C:63:94
Certificate issuer: /CN=91dd2314dd9b7c61d71d4dbeda8fa3965c424570
Certificate serial: 01856D38519C2BF3CB59D76D1C384E289D39
Authority key identifier: 91:DD:23:14:DD:9B:7C:61:D7:1D:4D:BE:DA:8F:A3:96:5C:42:45:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd0jFN2bfGHXHU2-2o-jllxCRXA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/063fa4-17de-4595-bc86-ce4b6250bb4d/1/II3ZxC-XJFTlrF7EcGFMaiZ8Y5Q.roa
Signing time: Sun 01 Jan 2023 12:04:45 +0000
ROA not before: Sun 01 Jan 2023 12:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39093
IP address blocks: 185.212.184.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:51:9c:2b:f3:cb:59:d7:6d:1c:38:4e:28:9d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91dd2314dd9b7c61d71d4dbeda8fa3965c424570
Validity
Not Before: Jan 1 12:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=208dd9c42f972454e5ac5ec470614c6a267c6394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:71:41:24:6f:6f:1a:f5:2c:08:69:d1:6d:cd:
e7:6f:72:63:8a:59:3b:b5:d6:4e:51:4d:7f:5a:29:
15:a2:70:85:78:d8:58:56:3f:73:36:27:56:91:1f:
19:fd:62:17:43:63:cb:e9:1e:7d:55:de:ad:81:cf:
86:ff:15:ce:79:db:da:2e:ec:4f:2a:f0:e1:c4:e9:
71:c5:a5:85:62:59:6c:1d:b8:8f:73:7a:61:d2:20:
08:13:ad:68:e2:91:8d:b2:7c:39:74:09:d1:b5:78:
6d:7e:d3:52:bc:5c:c7:63:80:38:ec:2f:61:de:ab:
4a:01:d9:f3:f6:5c:62:97:f3:5f:91:3f:47:c8:8f:
52:3f:2c:ab:4f:84:b1:21:e1:0c:63:98:9a:02:6d:
a6:98:de:8c:04:d9:b4:71:95:bb:8c:ac:d5:e6:76:
48:df:ad:9c:25:e7:f5:56:5f:24:be:59:79:89:cd:
a5:2b:79:ca:bf:a1:e1:cb:7b:1b:5d:ec:92:e4:92:
66:9f:61:a0:7e:d7:30:53:99:f1:5e:ef:63:ad:3c:
c0:f7:b3:3f:a3:86:71:0c:d0:31:56:36:b6:1a:f4:
cc:b9:ae:34:92:f1:1e:5a:10:bd:d0:8d:6c:ad:5f:
af:17:66:0c:e5:b5:e1:2a:47:52:49:fb:29:ba:b9:
c5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:8D:D9:C4:2F:97:24:54:E5:AC:5E:C4:70:61:4C:6A:26:7C:63:94
X509v3 Authority Key Identifier:
keyid:91:DD:23:14:DD:9B:7C:61:D7:1D:4D:BE:DA:8F:A3:96:5C:42:45:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0jFN2bfGHXHU2-2o-jllxCRXA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/063fa4-17de-4595-bc86-ce4b6250bb4d/1/II3ZxC-XJFTlrF7EcGFMaiZ8Y5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/063fa4-17de-4595-bc86-ce4b6250bb4d/1/kd0jFN2bfGHXHU2-2o-jllxCRXA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.184.0/22
Signature Algorithm: sha256WithRSAEncryption
33:df:cc:cf:81:be:9a:d2:8d:3e:00:14:27:1e:e4:0d:f9:53:
5a:50:0a:51:c9:dc:f4:cd:0c:d2:40:ac:00:cb:5a:fe:6d:71:
53:8e:ef:81:26:59:90:4e:bc:04:ce:4e:c5:71:a3:02:08:21:
a3:ce:8e:77:4e:a0:a2:ed:b2:b3:c3:76:69:a1:00:8d:80:22:
1d:8f:c6:0c:a3:2e:bd:c8:67:71:f6:71:e5:af:0a:01:0b:fb:
2a:e0:92:49:be:54:59:c7:29:b0:07:f6:b9:aa:1c:48:80:cb:
67:d2:08:93:67:73:21:0e:f5:21:55:41:b0:2a:94:61:18:ab:
e0:89:b7:0e:6d:c2:e4:f0:8f:6c:ef:5f:17:93:31:0d:a8:4b:
28:6c:f4:62:f8:79:8d:4f:76:03:e8:4e:8c:7b:cf:57:83:16:
52:fc:e1:d0:e0:b5:58:27:a5:76:04:0f:c9:20:22:f4:f4:b2:
d1:64:83:78:a8:1d:4e:1b:67:74:78:fe:63:e6:53:c0:fa:f0:
d4:bd:21:a5:67:23:25:ad:0c:3a:0d:f0:d6:01:58:ba:18:36:
e3:8e:2e:8d:29:10:27:3a:70:23:3c:7f:b0:14:d3:13:d5:d4:
ec:54:40:1d:e5:3b:47:19:9c:15:2b:0f:d8:52:0e:05:f0:a4:
24:1d:70:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtOFGcK/PLWddtHDhOKJ05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGQyMzE0ZGQ5YjdjNjFkNzFkNGRiZWRhOGZhMzk2NWM0
MjQ1NzAwHhcNMjMwMTAxMTIwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDhkZDljNDJmOTcyNDU0ZTVhYzVlYzQ3MDYxNGM2YTI2N2M2Mzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnFBJG9vGvUsCGnRbc3nb3Jjilk7
tdZOUU1/WikVonCFeNhYVj9zNidWkR8Z/WIXQ2PL6R59Vd6tgc+G/xXOedvaLuxP
KvDhxOlxxaWFYllsHbiPc3ph0iAIE61o4pGNsnw5dAnRtXhtftNSvFzHY4A47C9h
3qtKAdnz9lxil/NfkT9HyI9SPyyrT4SxIeEMY5iaAm2mmN6MBNm0cZW7jKzV5nZI
362cJef1Vl8kvll5ic2lK3nKv6Hhy3sbXeyS5JJmn2GgftcwU5nxXu9jrTzA97M/
o4ZxDNAxVja2GvTMua40kvEeWhC90I1srV+vF2YM5bXhKkdSSfspurnFjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCCN2cQvlyRU5axexHBhTGomfGOUMB8GA1UdIwQY
MBaAFJHdIxTdm3xh1x1NvtqPo5ZcQkVwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QwakZOMmJmR0hYSFUyLTJvLWpsbHhDUlhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wNjNmYTQtMTdkZS00NTk1LWJjODYt
Y2U0YjYyNTBiYjRkLzEvSUkzWnhDLVhKRlRsckY3RWNHRk1haVo4WTVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wNjNmYTQtMTdkZS00NTk1LWJjODYtY2U0YjYyNTBiYjRk
LzEva2QwakZOMmJmR0hYSFUyLTJvLWpsbHhDUlhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudS4MA0G
CSqGSIb3DQEBCwUAA4IBAQAz38zPgb6a0o0+ABQnHuQN+VNaUApRydz0zQzSQKwA
y1r+bXFTju+BJlmQTrwEzk7FcaMCCCGjzo53TqCi7bKzw3ZpoQCNgCIdj8YMoy69
yGdx9nHlrwoBC/sq4JJJvlRZxymwB/a5qhxIgMtn0giTZ3MhDvUhVUGwKpRhGKvg
ibcObcLk8I9s718XkzENqEsobPRi+HmNT3YD6E6Me89XgxZS/OHQ4LVYJ6V2BA/J
ICL09LLRZIN4qB1OG2d0eP5j5lPA+vDUvSGlZyMlrQw6DfDWAVi6GDbjji6NKRAn
OnAjPH+wFNMT1dTsVEAd5TtHGZwVKw/YUg4F8KQkHXA2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:48 2025 by rpki-client