Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/4-2N73D0_8z2AIhgZIJntl_tWVI.roa
File: 4-2N73D0_8z2AIhgZIJntl_tWVI.roa (raw, json)
Hash identifier: uNH0umD+mXCAKvJXqdJBh1crMW06Q13FGEqlozTTPnk=
Subject key identifier: E3:ED:8D:EF:70:F4:FF:CC:F6:00:88:60:64:82:67:B6:5F:ED:59:52
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018E3243C338D00AC8A03F104B8E713C13B8
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/4-2N73D0_8z2AIhgZIJntl_tWVI.roa
Signing time: Tue 12 Mar 2024 10:44:45 +0000
ROA not before: Tue 12 Mar 2024 10:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 185.225.190.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c3:38:d0:0a:c8:a0:3f:10:4b:8e:71:3c:13:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Mar 12 10:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3ed8def70f4ffccf6008860648267b65fed5952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c8:b1:81:09:c2:dd:97:7b:bd:e0:67:09:35:
b8:a6:e2:34:7a:cd:cc:44:c4:fb:7c:64:90:59:ec:
09:d8:d3:69:b3:ef:50:14:a2:99:61:a1:db:96:56:
f5:6a:9a:7c:ca:eb:b7:a7:46:f9:b3:c3:07:63:11:
8e:1e:df:22:39:86:af:3a:ad:43:76:d4:2d:8e:ed:
5d:01:cc:82:e5:27:87:d1:11:cb:fb:b7:60:e3:bb:
c5:ca:fb:ab:34:ae:92:f0:63:bf:7b:59:b2:19:10:
ab:46:04:ad:e7:f8:4d:47:66:f1:68:6c:1a:f8:52:
52:ac:9e:bd:e3:f4:b4:89:9f:3f:f0:4a:bf:c8:75:
b6:b2:33:32:5b:75:11:ff:42:59:8d:3c:21:83:1d:
5c:d6:ae:e3:18:f5:a1:7f:0e:e0:3f:a4:55:d3:49:
80:a5:7c:a3:1b:9e:02:cc:dc:3f:c1:16:c7:7f:8b:
16:00:e0:fa:7b:94:22:7c:c7:e9:ef:cb:f7:f1:06:
af:5f:96:a4:d0:0b:91:be:6b:38:e1:48:df:08:e6:
82:29:f6:19:f0:1a:f9:b2:ef:39:fe:db:88:54:97:
58:f6:79:3c:7e:bf:0b:a7:35:58:57:3c:ca:b8:fa:
84:46:e4:cf:f5:4c:db:a4:3e:98:de:f0:bf:26:9d:
86:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:ED:8D:EF:70:F4:FF:CC:F6:00:88:60:64:82:67:B6:5F:ED:59:52
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/4-2N73D0_8z2AIhgZIJntl_tWVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.190.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:c0:06:7b:3e:a0:9a:6f:e0:7a:4e:86:7a:28:66:41:f3:85:
c6:0b:49:b9:d9:6d:3c:b3:f1:4b:33:56:dd:70:b0:0d:4f:84:
ad:42:f6:72:bf:38:d1:94:b0:7b:fa:d7:52:08:c1:d4:94:59:
da:34:86:ee:5b:c6:3c:d5:90:26:55:42:ff:8f:a7:4e:fa:85:
30:4f:19:91:ea:08:6d:d2:b1:e0:98:77:5e:31:87:9b:6c:87:
74:a2:59:b0:d7:e4:9e:b9:ef:78:4e:93:25:7b:79:df:3a:bd:
67:22:d4:b6:9c:25:29:97:ba:94:8e:2d:ac:b8:60:56:c9:a7:
03:71:6b:05:d5:30:a3:3e:52:3d:10:7c:b8:24:a4:78:7c:f4:
e1:c0:c2:ed:18:9e:34:31:d7:85:df:a6:b6:f2:80:cc:29:04:
64:36:df:b6:2c:8d:81:15:4a:0c:b3:33:dd:c1:75:d0:c6:34:
92:90:3a:83:b3:de:a2:48:d1:75:ae:a5:49:91:c7:6e:8b:f6:
ea:8d:3f:a4:15:fb:49:b4:0c:5f:cc:8d:d9:fc:3c:96:ec:6d:
ac:1d:4f:02:ea:c3:c1:49:9e:85:6e:46:58:76:2a:75:f7:25:
43:c8:7c:ab:93:b7:34:0a:3e:26:9f:0f:9b:27:89:95:d4:75:
08:3f:a9:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4yQ8M40ArIoD8QS45xPBO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQwMzEyMTA0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2VkOGRlZjcwZjRmZmNjZjYwMDg4NjA2NDgyNjdiNjVmZWQ1OTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMixgQnC3Zd7veBnCTW4puI0es3M
RMT7fGSQWewJ2NNps+9QFKKZYaHbllb1app8yuu3p0b5s8MHYxGOHt8iOYavOq1D
dtQtju1dAcyC5SeH0RHL+7dg47vFyvurNK6S8GO/e1myGRCrRgSt5/hNR2bxaGwa
+FJSrJ694/S0iZ8/8Eq/yHW2sjMyW3UR/0JZjTwhgx1c1q7jGPWhfw7gP6RV00mA
pXyjG54CzNw/wRbHf4sWAOD6e5QifMfp78v38QavX5ak0AuRvms44UjfCOaCKfYZ
8Br5su85/tuIVJdY9nk8fr8LpzVYVzzKuPqERuTP9UzbpD6Y3vC/Jp2GUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOPtje9w9P/M9gCIYGSCZ7Zf7VlSMB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvNC0yTjczRDBfOHoyQUloZ1pJSm50bF90V1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueG+MA0G
CSqGSIb3DQEBCwUAA4IBAQC9wAZ7PqCab+B6ToZ6KGZB84XGC0m52W08s/FLM1bd
cLANT4StQvZyvzjRlLB7+tdSCMHUlFnaNIbuW8Y81ZAmVUL/j6dO+oUwTxmR6ght
0rHgmHdeMYebbId0olmw1+Seue94TpMle3nfOr1nItS2nCUpl7qUji2suGBWyacD
cWsF1TCjPlI9EHy4JKR4fPThwMLtGJ40MdeF36a28oDMKQRkNt+2LI2BFUoMszPd
wXXQxjSSkDqDs96iSNF1rqVJkcdui/bqjT+kFftJtAxfzI3Z/DyW7G2sHU8C6sPB
SZ6FbkZYdip19yVDyHyrk7c0Cj4mnw+bJ4mV1HUIP6m8
-----END CERTIFICATE-----
Generated at Wed Aug 14 15:15:13 2024 by rpki-client on console-ams.rpki-client.org