Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/T6j2xcZfzDFBRYeaH9A6ZYQJiOc.roa
File: T6j2xcZfzDFBRYeaH9A6ZYQJiOc.roa (raw, json)
Hash identifier: Fcf3FVyX90isd1y2sGVaHiNrYadnjOPZJmRAcELtix8=
Subject key identifier: 4F:A8:F6:C5:C6:5F:CC:31:41:45:87:9A:1F:D0:3A:65:84:09:88:E7
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018CC2DB0800EBD2A3C2BB98C476C46DE50B
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/T6j2xcZfzDFBRYeaH9A6ZYQJiOc.roa
Signing time: Mon 01 Jan 2024 02:29:43 +0000
ROA not before: Mon 01 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204650
IP address blocks: 185.201.51.0/24 maxlen: 24
185.201.48.0/24 maxlen: 24
185.82.136.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:08:00:eb:d2:a3:c2:bb:98:c4:76:c4:6d:e5:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Jan 1 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fa8f6c5c65fcc314145879a1fd03a65840988e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e6:f3:ff:38:04:a6:83:bf:8b:8f:31:11:37:
0d:36:21:86:55:f1:1d:06:b3:d3:3e:3b:81:19:19:
f2:98:d6:7d:15:88:76:14:08:10:f6:e7:f6:53:ac:
da:92:56:d3:b7:e8:8b:74:04:59:7f:69:47:5a:ed:
43:a8:f8:d2:8a:2e:64:29:6f:89:cb:64:e1:c8:08:
4d:1f:c7:63:b4:60:28:a4:45:64:6e:19:1a:30:c0:
f6:10:9e:fb:8a:dd:5f:7d:34:1f:79:85:21:b1:2e:
40:e3:40:6d:04:4c:06:a8:3c:6a:48:d8:bd:01:93:
b2:c1:ff:9e:2b:51:1b:0b:e4:98:07:ea:d1:71:72:
9e:04:7c:7d:ee:72:32:24:8a:f8:af:6d:54:60:8d:
bb:9a:ff:d8:c9:1b:3b:b3:f1:5b:c1:e5:9a:b2:e9:
0d:45:9f:5e:61:bc:15:ce:e8:5b:af:2a:b3:37:3c:
63:60:4c:42:91:93:23:06:79:ab:8e:9d:99:5e:54:
29:ee:6e:52:a8:ee:a9:66:7d:7d:d8:f6:32:77:cc:
c4:d2:48:ef:e8:3d:6a:f5:fc:c9:0e:bd:4e:03:86:
e7:07:1c:85:12:db:4e:2b:e1:be:54:31:4a:ec:fc:
fa:ff:9e:12:64:63:17:57:e5:14:d2:ce:dd:44:a4:
5a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A8:F6:C5:C6:5F:CC:31:41:45:87:9A:1F:D0:3A:65:84:09:88:E7
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/T6j2xcZfzDFBRYeaH9A6ZYQJiOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.136.0/22
185.201.48.0/24
185.201.51.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:e0:8a:de:28:1e:34:74:f8:48:ba:77:5b:b8:b6:5d:a0:47:
36:5d:e1:ab:b7:b3:58:00:e9:06:4a:68:3c:af:56:d4:ed:f2:
24:69:40:0d:8c:a8:a5:6a:11:62:3a:45:38:a1:8a:5e:85:1f:
4f:4c:01:78:8d:ee:a0:b3:08:9f:06:52:01:1c:c6:c1:ef:72:
32:ed:af:cd:59:31:39:ac:88:08:2e:22:70:db:4d:bd:08:b3:
66:50:7e:28:23:73:39:76:2f:d4:71:96:b3:dc:1e:81:3b:80:
b3:55:76:61:73:de:4b:fa:06:c8:c3:9b:5c:4e:e7:01:cb:08:
f4:eb:9c:93:be:0c:f2:34:75:22:34:4f:37:ee:6b:dc:d0:38:
3b:e5:67:a5:51:4f:34:f6:a5:e8:48:7b:0a:e6:38:e6:93:63:
cf:13:fc:42:81:ae:82:a2:a8:e6:69:2f:31:90:ab:86:97:83:
7f:5f:94:cf:97:cd:71:d2:2e:d2:2f:65:a9:b4:c4:c8:96:ed:
60:2c:65:bc:3b:8e:98:4b:02:75:e3:c0:2c:f5:17:48:9f:aa:
61:18:53:7d:03:12:03:cf:24:61:2b:2c:5f:45:30:fc:12:e2:
18:92:b8:a0:10:98:cc:e0:be:e0:15:3d:e9:5c:08:ec:17:f7:
9b:96:11:c3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC2wgA69KjwruYxHbEbeULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjQwMTAxMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmE4ZjZjNWM2NWZjYzMxNDE0NTg3OWExZmQwM2E2NTg0MDk4OGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlObz/zgEpoO/i48xETcNNiGGVfEd
BrPTPjuBGRnymNZ9FYh2FAgQ9uf2U6zaklbTt+iLdARZf2lHWu1DqPjSii5kKW+J
y2ThyAhNH8djtGAopEVkbhkaMMD2EJ77it1ffTQfeYUhsS5A40BtBEwGqDxqSNi9
AZOywf+eK1EbC+SYB+rRcXKeBHx97nIyJIr4r21UYI27mv/YyRs7s/FbweWasukN
RZ9eYbwVzuhbryqzNzxjYExCkZMjBnmrjp2ZXlQp7m5SqO6pZn192PYyd8zE0kjv
6D1q9fzJDr1OA4bnBxyFEttOK+G+VDFK7Pz6/54SZGMXV+UU0s7dRKRaWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE+o9sXGX8wxQUWHmh/QOmWECYjnMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvVDZqMnhjWmZ6REZCUlllYUg5QTZaWVFKaU9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuVKIAwQA
uckwAwQAuckzMA0GCSqGSIb3DQEBCwUAA4IBAQAr4IreKB40dPhIundbuLZdoEc2
XeGrt7NYAOkGSmg8r1bU7fIkaUANjKilahFiOkU4oYpehR9PTAF4je6gswifBlIB
HMbB73Iy7a/NWTE5rIgILiJw2029CLNmUH4oI3M5di/UcZaz3B6BO4CzVXZhc95L
+gbIw5tcTucBywj065yTvgzyNHUiNE837mvc0Dg75WelUU809qXoSHsK5jjmk2PP
E/xCga6CoqjmaS8xkKuGl4N/X5TPl81x0i7SL2WptMTIlu1gLGW8O46YSwJ148As
9RdIn6phGFN9AxIDzyRhKyxfRTD8EuIYkrigEJjM4L7gFT3pXAjsF/eblhHD
-----END CERTIFICATE-----
Generated at Tue May 14 16:18:17 2024 by rpki-client on console-fra.rpki-client.org