Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/2vPM5PY8w-Eu4COV823lwxMX_P8.roa
File: 2vPM5PY8w-Eu4COV823lwxMX_P8.roa (raw, json)
Hash identifier: sZKpBoGfjydmDa5Tx3mLqvB83zhcB/rQeRpGlWAeLLk=
Subject key identifier: DA:F3:CC:E4:F6:3C:C3:E1:2E:E0:23:95:F3:6D:E5:C3:13:17:FC:FF
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018D2D73AC18A1E75A9D9B91159FB7C773A6
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/2vPM5PY8w-Eu4COV823lwxMX_P8.roa
Signing time: Sun 21 Jan 2024 19:16:11 +0000
ROA not before: Sun 21 Jan 2024 19:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 185.202.106.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:73:ac:18:a1:e7:5a:9d:9b:91:15:9f:b7:c7:73:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Jan 21 19:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=daf3cce4f63cc3e12ee02395f36de5c31317fcff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:be:82:77:b9:6f:a1:e9:d5:0d:b5:d9:e1:58:
43:41:9b:e9:32:53:dd:e7:aa:13:85:18:6c:16:c4:
9d:2f:be:f1:2a:f2:8d:95:74:95:1a:1e:79:43:b1:
f7:f9:37:80:36:0f:b0:4e:19:a2:bb:31:58:ef:fd:
62:6c:23:54:06:2e:90:3c:11:56:c8:7e:75:f7:32:
f7:d2:fc:e0:8d:dd:43:40:3b:3b:88:f0:18:3c:bf:
5c:c8:da:46:d9:e8:3d:4e:74:e3:3c:c7:83:6d:f5:
c8:5b:67:51:50:74:6a:18:cb:57:b1:2e:f8:79:2e:
1f:ea:66:1f:53:24:01:dd:3e:fd:7a:05:64:f6:e5:
b0:f7:94:ad:9f:fb:22:3b:35:37:41:b1:00:56:21:
00:86:c2:43:f4:cb:41:83:ba:56:65:ea:96:3a:a3:
d4:2f:c8:26:ba:11:b1:15:5e:ca:d3:c0:1c:17:ef:
f1:79:2b:81:ae:eb:42:8f:f5:cb:d1:0b:09:27:4c:
9c:3a:6e:1b:de:87:6f:64:6d:6a:2a:b2:f0:f4:ea:
28:7b:44:09:7a:af:8f:ff:87:8d:88:49:f0:bd:2f:
4b:de:9c:25:e7:8a:7b:99:1c:c1:79:a1:ca:d3:58:
6f:c5:6d:4d:55:ab:a5:f0:83:4c:d2:f4:41:f9:39:
d4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:F3:CC:E4:F6:3C:C3:E1:2E:E0:23:95:F3:6D:E5:C3:13:17:FC:FF
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/2vPM5PY8w-Eu4COV823lwxMX_P8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.106.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:0d:6a:16:8b:28:7f:27:65:25:b8:34:fd:6f:6d:20:e2:99:
f6:a1:bf:91:36:fe:f9:e8:e4:a7:7f:df:8e:4a:ff:0c:65:df:
3c:7b:9a:c1:52:59:7a:5b:fe:92:42:86:5d:2d:e9:89:de:1d:
6a:99:fe:59:80:f2:c3:75:b1:15:e0:52:8e:35:ae:53:67:e8:
0b:c9:37:b3:a9:12:ac:d4:1b:b4:9c:a8:19:cc:19:64:35:96:
fe:b0:7f:87:b6:1d:a7:47:e9:e5:5e:3d:f4:ef:e0:c8:c1:d4:
61:55:f7:81:25:30:1d:c1:3c:0d:75:1f:86:6f:85:c4:c3:2a:
b5:b6:d0:b1:ed:4c:1a:b6:a5:6b:0e:51:52:96:3c:0e:09:c9:
7d:46:36:7e:85:6f:59:5e:03:a9:de:85:55:33:70:70:00:b7:
5a:5f:f7:7b:5a:be:2e:6e:c6:6f:8a:c7:4a:f3:71:af:d5:c9:
19:9b:ee:b4:00:76:78:67:89:0c:b4:e0:76:36:cd:dd:03:a5:
58:f4:64:ee:86:aa:87:b6:79:cb:1b:69:03:9e:76:d9:6a:d6:
29:64:ad:01:9d:f4:d1:0a:c0:19:18:69:77:01:51:2f:44:e3:
55:f9:dd:b6:58:90:e0:4f:3c:ef:e2:11:89:22:34:ab:ba:fd:
b1:a5:f9:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0tc6wYoedanZuRFZ+3x3OmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQwMTIxMTkxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWYzY2NlNGY2M2NjM2UxMmVlMDIzOTVmMzZkZTVjMzEzMTdmY2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3r6Cd7lvoenVDbXZ4VhDQZvpMlPd
56oThRhsFsSdL77xKvKNlXSVGh55Q7H3+TeANg+wThmiuzFY7/1ibCNUBi6QPBFW
yH519zL30vzgjd1DQDs7iPAYPL9cyNpG2eg9TnTjPMeDbfXIW2dRUHRqGMtXsS74
eS4f6mYfUyQB3T79egVk9uWw95Stn/siOzU3QbEAViEAhsJD9MtBg7pWZeqWOqPU
L8gmuhGxFV7K08AcF+/xeSuBrutCj/XL0QsJJ0ycOm4b3odvZG1qKrLw9Oooe0QJ
eq+P/4eNiEnwvS9L3pwl54p7mRzBeaHK01hvxW1NVaul8INM0vRB+TnU5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrzzOT2PMPhLuAjlfNt5cMTF/z/MB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvMnZQTTVQWTh3LUV1NENPVjgyM2x3eE1YX1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucpqMA0G
CSqGSIb3DQEBCwUAA4IBAQCaDWoWiyh/J2UluDT9b20g4pn2ob+RNv756OSnf9+O
Sv8MZd88e5rBUll6W/6SQoZdLemJ3h1qmf5ZgPLDdbEV4FKONa5TZ+gLyTezqRKs
1Bu0nKgZzBlkNZb+sH+Hth2nR+nlXj307+DIwdRhVfeBJTAdwTwNdR+Gb4XEwyq1
ttCx7UwatqVrDlFSljwOCcl9RjZ+hW9ZXgOp3oVVM3BwALdaX/d7Wr4ubsZvisdK
83Gv1ckZm+60AHZ4Z4kMtOB2Ns3dA6VY9GTuhqqHtnnLG2kDnnbZatYpZK0BnfTR
CsAZGGl3AVEvRONV+d22WJDgTzzv4hGJIjSruv2xpfmO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:18 2024 by rpki-client on console-ams.rpki-client.org