Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/EBiDhRnvxmKYX2z2VihjCjttiqk.roa
File: EBiDhRnvxmKYX2z2VihjCjttiqk.roa (raw, json)
Hash identifier: OH3OC6AtQjSjEHuuIHG3b5DywCiZkjCtauxJ/Zm2O/c=
Subject key identifier: 10:18:83:85:19:EF:C6:62:98:5F:6C:F6:56:28:63:0A:3B:6D:8A:A9
Certificate issuer: /CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Certificate serial: 018EA4D103C4FC80D4628FB97F7FDD61D455
Authority key identifier: 2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/EBiDhRnvxmKYX2z2VihjCjttiqk.roa
Signing time: Wed 03 Apr 2024 16:35:44 +0000
ROA not before: Wed 03 Apr 2024 16:35:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 185.201.28.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a4:d1:03:c4:fc:80:d4:62:8f:b9:7f:7f:dd:61:d4:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Validity
Not Before: Apr 3 16:35:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1018838519efc662985f6cf65628630a3b6d8aa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3a:16:30:0a:da:31:8a:fd:e9:d4:9d:05:aa:
a1:e0:01:48:bd:09:65:01:f2:83:bd:47:33:bb:88:
10:90:74:a3:3e:d9:36:35:03:38:4f:56:b8:e2:92:
ab:40:90:8e:2e:9f:4e:a2:c5:0a:54:89:bb:2d:8c:
73:8d:0a:92:ee:61:3c:91:aa:8f:fe:3f:cb:97:13:
1a:46:02:0d:54:ef:97:8b:01:84:80:09:a3:c4:d5:
a9:4f:ea:88:54:d4:e9:73:e1:9d:05:84:a2:67:46:
c7:f4:3c:f2:8e:a9:95:35:f7:e9:cf:86:92:0a:20:
30:16:47:00:8b:fe:d2:df:8b:d2:96:85:4c:7b:14:
2b:95:ae:7f:9d:8b:ab:dd:b5:f1:5b:91:22:67:00:
aa:89:9f:09:fa:e1:6a:1b:5e:60:96:16:0a:4f:12:
32:bb:3b:69:52:71:88:a8:a8:b9:d3:83:01:2e:92:
d1:54:97:50:89:da:fc:19:99:2b:53:03:4d:24:ab:
6e:b6:9b:e6:4a:65:6f:68:30:3c:97:fa:76:b2:21:
1f:b0:9c:2e:7a:79:41:ce:76:a3:93:ce:af:c6:41:
d8:0f:41:9e:2d:6b:1d:f7:d2:34:d9:f7:ee:c8:18:
75:7b:47:d1:ad:22:c1:b5:1c:2f:de:f9:68:30:e4:
1c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:18:83:85:19:EF:C6:62:98:5F:6C:F6:56:28:63:0A:3B:6D:8A:A9
X509v3 Authority Key Identifier:
keyid:2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/EBiDhRnvxmKYX2z2VihjCjttiqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.28.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:3a:6d:72:d0:54:9b:ab:9e:9a:7f:0b:c7:bb:78:76:4d:db:
91:09:d6:81:9e:85:c1:00:41:7a:c4:6b:c9:66:fe:d6:6e:d2:
8f:31:69:53:09:09:9c:37:2e:de:b8:09:7b:ef:1a:a5:ba:23:
fe:22:bb:f3:97:4d:f9:24:e3:2f:71:65:91:23:75:3a:e4:16:
64:f8:ff:ba:89:68:46:b8:93:f3:32:79:ce:c9:10:d6:3e:11:
8a:db:a3:be:99:89:13:5a:ba:52:35:9d:c4:cc:41:1e:b3:93:
1c:ac:14:d3:40:3c:93:e3:8c:67:4a:23:1b:c6:e9:10:07:35:
10:07:d5:0b:bc:3b:9c:fb:25:e9:97:25:2a:23:ec:9d:47:6f:
2f:1a:6d:d3:65:95:56:02:5e:b2:12:d2:0a:56:5d:60:f3:f3:
4b:22:c7:63:be:e0:8b:40:fa:82:5f:e3:66:2b:68:28:53:e0:
4a:0c:29:7b:34:78:4c:7c:ff:4c:d7:fa:cc:0a:80:81:93:e8:
46:f2:ce:05:90:81:76:bf:8d:37:13:85:26:cc:a0:01:5b:2d:
1d:2d:59:93:34:db:34:36:54:de:d2:c4:c5:d2:cf:ae:8f:11:
6e:cc:60:bd:15:81:86:e0:3d:8e:dd:4e:8b:e5:9b:26:06:e2:
25:41:95:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6k0QPE/IDUYo+5f3/dYdRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhYjhhMDlhOWZkZTIzYzk2MzVmOGUxNjRhZWYwOWUx
Nzk0OGMwHhcNMjQwNDAzMTYzNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDE4ODM4NTE5ZWZjNjYyOTg1ZjZjZjY1NjI4NjMwYTNiNmQ4YWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ToWMAraMYr96dSdBaqh4AFIvQll
AfKDvUczu4gQkHSjPtk2NQM4T1a44pKrQJCOLp9OosUKVIm7LYxzjQqS7mE8kaqP
/j/LlxMaRgINVO+XiwGEgAmjxNWpT+qIVNTpc+GdBYSiZ0bH9DzyjqmVNffpz4aS
CiAwFkcAi/7S34vSloVMexQrla5/nYur3bXxW5EiZwCqiZ8J+uFqG15glhYKTxIy
uztpUnGIqKi504MBLpLRVJdQidr8GZkrUwNNJKtutpvmSmVvaDA8l/p2siEfsJwu
enlBznajk86vxkHYD0GeLWsd99I02ffuyBh1e0fRrSLBtRwv3vloMOQcUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBAYg4UZ78ZimF9s9lYoYwo7bYqpMB8GA1UdIwQY
MBaAFC9cq4oJqf3iPJY1+OFkrvCeF5SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUt
MDAyZjI2ZTNiODk4LzEvRUJpRGhSbnZ4bUtZWDJ6MlZpaGpDanR0aXFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUtMDAyZjI2ZTNiODk4
LzEvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuckcMA0G
CSqGSIb3DQEBCwUAA4IBAQCkOm1y0FSbq56afwvHu3h2TduRCdaBnoXBAEF6xGvJ
Zv7WbtKPMWlTCQmcNy7euAl77xqluiP+Irvzl035JOMvcWWRI3U65BZk+P+6iWhG
uJPzMnnOyRDWPhGK26O+mYkTWrpSNZ3EzEEes5McrBTTQDyT44xnSiMbxukQBzUQ
B9ULvDuc+yXplyUqI+ydR28vGm3TZZVWAl6yEtIKVl1g8/NLIsdjvuCLQPqCX+Nm
K2goU+BKDCl7NHhMfP9M1/rMCoCBk+hG8s4FkIF2v403E4UmzKABWy0dLVmTNNs0
NlTe0sTF0s+ujxFuzGC9FYGG4D2O3U6L5ZsmBuIlQZW3
-----END CERTIFICATE-----
Generated at Tue Apr 9 17:28:24 2024 by rpki-client on console-fra.rpki-client.org