Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/A0kwvkDILTSwpyTzQyoYMEG9Xmo.roa
File: A0kwvkDILTSwpyTzQyoYMEG9Xmo.roa (raw, json)
Hash identifier: 4iWLxhz/iYtAfHwGAUxo5gI51XWRJNGY3ipC61UUOpE=
Subject key identifier: 03:49:30:BE:40:C8:2D:34:B0:A7:24:F3:43:2A:18:30:41:BD:5E:6A
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018CED3BFD3FEF8B4D2B8FAA3470A06B4C26
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/A0kwvkDILTSwpyTzQyoYMEG9Xmo.roa
Signing time: Tue 09 Jan 2024 07:59:40 +0000
ROA not before: Tue 09 Jan 2024 07:59:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205217
IP address blocks: 185.201.50.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:3b:fd:3f:ef:8b:4d:2b:8f:aa:34:70:a0:6b:4c:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Jan 9 07:59:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=034930be40c82d34b0a724f3432a183041bd5e6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:18:ff:54:aa:61:d0:2f:5c:7e:ee:d3:76:08:
a2:68:0a:03:00:fc:44:06:8d:08:9e:47:16:40:02:
d4:d0:ea:98:98:f9:da:f4:20:f8:52:44:b6:c5:70:
75:d2:8c:97:9a:73:86:97:a2:95:ec:b9:82:d6:7c:
0f:c1:1b:b2:5b:45:15:51:f7:f5:81:b0:b6:7b:b6:
37:db:50:d4:00:66:d2:5e:33:2a:aa:f2:4c:d3:2c:
0b:62:16:3d:7e:c1:b9:a6:50:1c:99:20:05:ca:80:
e9:b4:a1:56:45:ba:da:66:5a:59:cb:e5:49:25:03:
40:a4:fe:a9:64:b0:99:d0:10:2a:f7:b9:eb:6e:3e:
15:e3:cf:4a:dc:c5:eb:ff:63:32:87:8f:3e:ca:df:
af:12:2a:e4:23:18:19:37:c8:15:13:fb:1d:1e:88:
26:dd:34:7e:10:c5:27:4a:dd:dd:17:86:18:bc:85:
e4:65:fd:fb:66:7e:e4:d9:33:34:de:41:13:07:7f:
e7:37:ac:1b:20:27:0f:3a:fc:ed:5c:95:bd:d7:a2:
19:d6:d2:db:2c:47:e3:8d:32:18:64:51:a4:36:b2:
09:ff:96:af:9d:d3:6b:de:3d:2e:e8:7d:55:d1:89:
27:75:52:37:06:d1:cf:eb:9b:cf:07:b1:3b:b2:e6:
08:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:49:30:BE:40:C8:2D:34:B0:A7:24:F3:43:2A:18:30:41:BD:5E:6A
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/A0kwvkDILTSwpyTzQyoYMEG9Xmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.50.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:6f:9b:77:bf:9f:19:43:d6:54:34:4e:ce:0e:aa:6c:08:81:
9f:84:a4:f9:38:9f:a3:fb:35:73:b7:b0:b0:1c:07:fd:64:5e:
16:4b:2a:16:f5:86:42:eb:a2:21:bb:54:22:61:97:3d:7a:2f:
17:8b:09:9e:8e:4d:ef:fa:1c:cc:f6:0d:33:24:42:32:58:7f:
96:8c:03:fb:67:34:6d:c6:c3:ee:c0:9b:32:1d:84:df:e6:36:
89:33:87:86:25:e4:95:d3:58:cd:7d:25:1b:99:12:63:33:5b:
77:a1:0b:66:4d:c5:94:69:45:8e:f4:74:a0:5f:d4:18:75:79:
e4:95:1d:55:26:90:99:c9:73:32:55:da:5e:08:af:1d:a5:20:
7e:70:27:8c:28:fe:85:78:b1:7a:19:a1:28:ba:b2:69:37:4e:
3a:96:87:19:16:ff:7a:df:a2:f6:e3:46:47:68:71:c7:73:6d:
89:01:53:e2:80:19:5f:fe:4d:b3:58:1b:e0:ae:6a:4a:f7:4c:
ee:0b:5d:cc:bf:fb:fd:a1:9c:e3:0d:a0:70:54:b1:29:e7:e3:
61:4c:1b:b6:b1:cf:0c:30:b6:77:55:74:a3:65:02:2b:80:10:
9d:dd:2a:50:42:9f:95:78:b7:dd:95:4d:3b:36:ef:75:ef:c1:
cb:de:b7:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYztO/0/74tNK4+qNHCga0wmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjQwMTA5MDc1OTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzQ5MzBiZTQwYzgyZDM0YjBhNzI0ZjM0MzJhMTgzMDQxYmQ1ZTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRj/VKph0C9cfu7TdgiiaAoDAPxE
Bo0InkcWQALU0OqYmPna9CD4UkS2xXB10oyXmnOGl6KV7LmC1nwPwRuyW0UVUff1
gbC2e7Y321DUAGbSXjMqqvJM0ywLYhY9fsG5plAcmSAFyoDptKFWRbraZlpZy+VJ
JQNApP6pZLCZ0BAq97nrbj4V489K3MXr/2Myh48+yt+vEirkIxgZN8gVE/sdHogm
3TR+EMUnSt3dF4YYvIXkZf37Zn7k2TM03kETB3/nN6wbICcPOvztXJW916IZ1tLb
LEfjjTIYZFGkNrIJ/5avndNr3j0u6H1V0YkndVI3BtHP65vPB7E7suYINQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFANJML5AyC00sKck80MqGDBBvV5qMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvQTBrd3ZrRElMVFN3cHlUelF5b1lNRUc5WG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuckyMA0G
CSqGSIb3DQEBCwUAA4IBAQCcb5t3v58ZQ9ZUNE7ODqpsCIGfhKT5OJ+j+zVzt7Cw
HAf9ZF4WSyoW9YZC66Ihu1QiYZc9ei8Xiwmejk3v+hzM9g0zJEIyWH+WjAP7ZzRt
xsPuwJsyHYTf5jaJM4eGJeSV01jNfSUbmRJjM1t3oQtmTcWUaUWO9HSgX9QYdXnk
lR1VJpCZyXMyVdpeCK8dpSB+cCeMKP6FeLF6GaEourJpN046locZFv9636L240ZH
aHHHc22JAVPigBlf/k2zWBvgrmpK90zuC13Mv/v9oZzjDaBwVLEp5+NhTBu2sc8M
MLZ3VXSjZQIrgBCd3SpQQp+VeLfdlU07Nu9178HL3rea
-----END CERTIFICATE-----
Generated at Tue May 14 15:20:43 2024 by rpki-client on console-ams.rpki-client.org