Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/KdaNxCwI_AaT2KD9UJ03Y246ol8.roa
File: KdaNxCwI_AaT2KD9UJ03Y246ol8.roa (raw, json)
Hash identifier: zt74cboEnxwDhZIbtvdCDtYyqNY8q7hQW8qrD398lcs=
Subject key identifier: 29:D6:8D:C4:2C:08:FC:06:93:D8:A0:FD:50:9D:37:63:6E:3A:A2:5F
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018D13D7EDD9D3096337694F6483949E5A67
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/KdaNxCwI_AaT2KD9UJ03Y246ol8.roa
Signing time: Tue 16 Jan 2024 19:55:34 +0000
ROA not before: Tue 16 Jan 2024 19:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 185.202.106.0/24 maxlen: 24
212.52.13.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:ed:d9:d3:09:63:37:69:4f:64:83:94:9e:5a:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Jan 16 19:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29d68dc42c08fc0693d8a0fd509d37636e3aa25f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2a:d0:6f:ab:21:59:b0:64:97:23:15:1d:91:
d8:1d:47:99:10:94:e5:71:fb:e8:08:21:3b:4e:fb:
4d:77:d4:39:99:7d:69:b6:7e:75:5c:d2:d9:9c:57:
16:39:b2:f2:45:29:48:21:44:8c:7a:05:86:65:4d:
c7:58:fa:32:a8:ee:d9:ec:73:3b:aa:fa:c8:9a:a1:
f3:72:c4:2d:77:a7:89:ec:8b:64:c3:e5:14:e2:15:
52:3d:f6:b8:10:83:56:ea:4d:6a:4f:39:34:92:e2:
1d:19:d3:14:36:bb:29:20:52:6f:43:b6:0a:18:9c:
7a:e3:b3:7a:64:8e:b4:77:68:15:62:8f:fa:97:7e:
80:7a:69:f7:4d:47:57:4f:39:ba:8e:7e:b2:0d:a5:
1a:bb:e2:a7:60:01:38:69:2f:a7:61:86:53:c6:4c:
6f:5d:50:96:a7:01:2e:63:cb:d0:38:dd:96:ff:29:
88:65:f5:f2:4d:b2:fa:2c:29:2b:ac:aa:d0:c5:1e:
73:f0:b4:a7:29:80:b0:e8:01:a6:40:1f:c4:62:82:
83:59:4d:5f:04:59:fc:a4:c5:bd:3d:85:fb:5b:29:
e3:64:1c:32:66:a9:ce:09:32:dc:9e:0c:30:91:a0:
74:cc:a0:4b:ea:b4:b9:b4:61:10:ed:b3:93:ae:cc:
88:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D6:8D:C4:2C:08:FC:06:93:D8:A0:FD:50:9D:37:63:6E:3A:A2:5F
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/KdaNxCwI_AaT2KD9UJ03Y246ol8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.106.0/24
212.52.13.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:18:3b:5c:af:73:12:6c:6d:99:96:5b:36:70:a0:b0:a1:76:
5b:20:34:79:ee:f2:d3:2b:65:e0:73:99:d7:bc:b3:37:85:ac:
a7:cd:0a:66:87:5f:a5:29:3f:52:e0:1c:56:89:fc:df:1e:b1:
f7:39:a1:46:8b:9f:ca:4e:cb:50:dd:dc:48:09:95:55:57:bc:
29:57:ea:04:6c:c4:40:ba:c1:0f:55:a3:3f:b5:62:39:33:22:
eb:7c:04:3b:20:a0:13:75:5c:f2:41:78:20:91:e2:a9:99:02:
47:d7:8e:ff:35:bd:77:4a:2c:60:a1:59:b7:cc:2f:bd:2e:ef:
bf:ad:04:38:2e:a4:25:80:13:3f:7f:a8:b4:15:83:53:d5:90:
0b:71:29:57:53:d0:ec:c1:bb:d6:29:2f:5f:af:03:49:76:1c:
73:28:3d:11:11:96:91:82:06:50:3b:21:e4:09:12:8a:7d:31:
99:04:79:86:bf:fe:9f:2a:e5:43:5d:1a:13:73:34:04:3d:23:
16:09:3b:93:69:80:05:cf:0c:74:d3:0a:d8:bd:98:23:ba:a6:
cc:96:48:eb:83:bf:ec:8a:df:5b:57:b5:23:20:ff:94:34:ba:
74:ad:03:ef:39:0c:30:c6:09:c9:b9:0f:e7:f8:1e:1d:ab:89:
7b:ed:34:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0T1+3Z0wljN2lPZIOUnlpnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQwMTE2MTk1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQ2OGRjNDJjMDhmYzA2OTNkOGEwZmQ1MDlkMzc2MzZlM2FhMjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSrQb6shWbBklyMVHZHYHUeZEJTl
cfvoCCE7TvtNd9Q5mX1ptn51XNLZnFcWObLyRSlIIUSMegWGZU3HWPoyqO7Z7HM7
qvrImqHzcsQtd6eJ7Itkw+UU4hVSPfa4EINW6k1qTzk0kuIdGdMUNrspIFJvQ7YK
GJx647N6ZI60d2gVYo/6l36Aemn3TUdXTzm6jn6yDaUau+KnYAE4aS+nYYZTxkxv
XVCWpwEuY8vQON2W/ymIZfXyTbL6LCkrrKrQxR5z8LSnKYCw6AGmQB/EYoKDWU1f
BFn8pMW9PYX7WynjZBwyZqnOCTLcngwwkaB0zKBL6rS5tGEQ7bOTrsyIOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCnWjcQsCPwGk9ig/VCdN2NuOqJfMB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvS2RhTnhDd0lfQWFUMktEOVVKMDNZMjQ2b2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucpqAwQA
1DQNMA0GCSqGSIb3DQEBCwUAA4IBAQCMGDtcr3MSbG2Zlls2cKCwoXZbIDR57vLT
K2Xgc5nXvLM3haynzQpmh1+lKT9S4BxWifzfHrH3OaFGi5/KTstQ3dxICZVVV7wp
V+oEbMRAusEPVaM/tWI5MyLrfAQ7IKATdVzyQXggkeKpmQJH147/Nb13SixgoVm3
zC+9Lu+/rQQ4LqQlgBM/f6i0FYNT1ZALcSlXU9DswbvWKS9frwNJdhxzKD0REZaR
ggZQOyHkCRKKfTGZBHmGv/6fKuVDXRoTczQEPSMWCTuTaYAFzwx00wrYvZgjuqbM
lkjrg7/sit9bV7UjIP+UNLp0rQPvOQwwxgnJuQ/n+B4dq4l77TSp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:50 2024 by rpki-client on console-fra.rpki-client.org