Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/9bd098-3820-47ce-8674-7a80ed621781/1/y_zgLa5-ZHYeGJuKX6Ia7eT3yRQ.roa
File: y_zgLa5-ZHYeGJuKX6Ia7eT3yRQ.roa (raw, json)
Hash identifier: mYPeZSNrhxdWSPEFfPX/bt8b6ZynPu9w2TQTZaQ0D7M=
Subject key identifier: CB:FC:E0:2D:AE:7E:64:76:1E:18:9B:8A:5F:A2:1A:ED:E4:F7:C9:14
Certificate issuer: /CN=1924008415ca185b8eddedc2dcdd8d09441a7794
Certificate serial: 01856F14E1570DB921CDEC097B27F6968760
Authority key identifier: 19:24:00:84:15:CA:18:5B:8E:DD:ED:C2:DC:DD:8D:09:44:1A:77:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GSQAhBXKGFuO3e3C3N2NCUQad5Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/9bd098-3820-47ce-8674-7a80ed621781/1/y_zgLa5-ZHYeGJuKX6Ia7eT3yRQ.roa
Signing time: Sun 01 Jan 2023 20:45:17 +0000
ROA not before: Sun 01 Jan 2023 20:45:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5607
IP address blocks: 185.110.178.0/23 maxlen: 23
2a06:5900::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:e1:57:0d:b9:21:cd:ec:09:7b:27:f6:96:87:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1924008415ca185b8eddedc2dcdd8d09441a7794
Validity
Not Before: Jan 1 20:45:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbfce02dae7e64761e189b8a5fa21aede4f7c914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e1:84:f8:2b:38:f9:58:5c:fa:03:a7:9e:09:
93:e9:ea:2e:dc:db:f7:67:2b:4d:9a:b1:10:6b:2a:
73:84:aa:dd:28:bc:53:38:66:5b:ed:20:92:39:3a:
08:6a:93:31:29:d4:63:8b:d7:42:b3:c3:5f:91:94:
56:29:2b:6c:9b:a4:53:72:5d:db:c3:11:97:75:d2:
da:0d:1f:e3:7b:30:07:21:2d:d1:36:4e:cc:a9:1e:
7e:1e:a9:29:a9:20:9a:ac:af:7f:ab:ce:50:4a:4d:
c2:28:ed:1d:78:d2:7e:6a:cb:08:c9:e9:19:a0:fa:
b2:af:27:3a:c0:dc:38:67:f2:07:4d:96:ee:e7:24:
b2:34:26:f2:0b:35:d3:89:a7:ff:b5:37:d5:44:c1:
0f:55:b7:64:e0:ab:15:54:75:c9:75:98:07:d6:e9:
ad:15:3c:89:9a:3a:6d:c2:72:ad:7d:26:4b:2c:82:
8d:84:ff:6b:a8:fd:dd:ba:31:e8:8c:9e:08:1f:ce:
20:bf:11:b9:38:1d:c8:ec:29:22:89:9a:2a:81:05:
1b:9c:6d:30:02:04:09:a7:70:b0:86:d5:25:f8:20:
ae:33:83:d9:5b:72:18:42:62:8c:c8:2e:73:79:3b:
ca:85:13:06:c8:41:6b:e4:10:93:5e:52:b4:1c:1e:
ad:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:FC:E0:2D:AE:7E:64:76:1E:18:9B:8A:5F:A2:1A:ED:E4:F7:C9:14
X509v3 Authority Key Identifier:
keyid:19:24:00:84:15:CA:18:5B:8E:DD:ED:C2:DC:DD:8D:09:44:1A:77:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GSQAhBXKGFuO3e3C3N2NCUQad5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/9bd098-3820-47ce-8674-7a80ed621781/1/y_zgLa5-ZHYeGJuKX6Ia7eT3yRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/9bd098-3820-47ce-8674-7a80ed621781/1/GSQAhBXKGFuO3e3C3N2NCUQad5Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.178.0/23
IPv6:
2a06:5900::/29
Signature Algorithm: sha256WithRSAEncryption
38:e9:72:01:06:ea:52:a4:87:46:9c:d3:f0:cb:65:70:17:2c:
20:fd:4f:f2:5b:a0:4b:ed:55:03:c8:58:bd:06:e7:80:a5:36:
3a:1f:f7:0d:da:da:cb:b3:af:97:5e:3a:fc:5d:d0:95:f4:6c:
13:45:5c:ce:65:86:50:a7:35:c4:48:1a:0e:1a:80:7f:db:36:
23:f8:e2:73:fe:b4:b1:d8:98:16:57:ad:de:c1:39:b2:a3:e9:
6d:01:d2:16:bc:a6:21:cc:e9:bc:7b:0e:74:b2:bb:cb:7e:51:
e3:9d:a2:88:d6:26:03:9f:1f:2d:6c:9b:b4:df:f1:4d:ad:af:
80:14:23:20:3e:49:90:f2:b2:c0:43:27:23:79:6e:28:0c:35:
87:6a:46:49:3b:80:a0:b5:93:f4:10:82:5b:1c:21:e2:99:45:
8c:d9:cd:e1:d9:5d:1c:e9:65:09:2e:da:c9:a4:58:00:de:e7:
9c:a6:fa:df:a4:63:d6:a0:73:f6:94:75:58:74:39:d5:5c:f3:
36:26:a1:21:ea:87:e0:98:69:03:6d:60:09:8a:a4:4c:a6:88:
c0:da:09:f1:7a:f1:1c:41:8d:88:95:3d:51:26:1b:71:9c:8a:
38:20:82:88:c7:35:c4:ba:04:e6:fa:c8:de:d5:d3:bc:4a:c3:
93:c6:78:65
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvFOFXDbkhzewJeyf2lodgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MjQwMDg0MTVjYTE4NWI4ZWRkZWRjMmRjZGQ4ZDA5NDQx
YTc3OTQwHhcNMjMwMTAxMjA0NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmZjZTAyZGFlN2U2NDc2MWUxODliOGE1ZmEyMWFlZGU0ZjdjOTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuGE+Cs4+Vhc+gOnngmT6eou3Nv3
ZytNmrEQaypzhKrdKLxTOGZb7SCSOToIapMxKdRji9dCs8NfkZRWKStsm6RTcl3b
wxGXddLaDR/jezAHIS3RNk7MqR5+HqkpqSCarK9/q85QSk3CKO0deNJ+assIyekZ
oPqyryc6wNw4Z/IHTZbu5ySyNCbyCzXTiaf/tTfVRMEPVbdk4KsVVHXJdZgH1umt
FTyJmjptwnKtfSZLLIKNhP9rqP3dujHojJ4IH84gvxG5OB3I7CkiiZoqgQUbnG0w
AgQJp3CwhtUl+CCuM4PZW3IYQmKMyC5zeTvKhRMGyEFr5BCTXlK0HB6t4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMv84C2ufmR2Hhibil+iGu3k98kUMB8GA1UdIwQY
MBaAFBkkAIQVyhhbjt3twtzdjQlEGneUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1NRQWhCWEtHRnVPM2UzQzNOMk5DVVFhZDVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC85YmQwOTgtMzgyMC00N2NlLTg2NzQt
N2E4MGVkNjIxNzgxLzEveV96Z0xhNS1aSFllR0p1S1g2SWE3ZVQzeVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC85YmQwOTgtMzgyMC00N2NlLTg2NzQtN2E4MGVkNjIxNzgx
LzEvR1NRQWhCWEtHRnVPM2UzQzNOMk5DVVFhZDVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuW6yMA0E
AgACMAcDBQMqBlkAMA0GCSqGSIb3DQEBCwUAA4IBAQA46XIBBupSpIdGnNPwy2Vw
Fywg/U/yW6BL7VUDyFi9BueApTY6H/cN2trLs6+XXjr8XdCV9GwTRVzOZYZQpzXE
SBoOGoB/2zYj+OJz/rSx2JgWV63ewTmyo+ltAdIWvKYhzOm8ew50srvLflHjnaKI
1iYDnx8tbJu03/FNra+AFCMgPkmQ8rLAQycjeW4oDDWHakZJO4CgtZP0EIJbHCHi
mUWM2c3h2V0c6WUJLtrJpFgA3uecpvrfpGPWoHP2lHVYdDnVXPM2JqEh6ofgmGkD
bWAJiqRMpojA2gnxevEcQY2IlT1RJhtxnIo4IIKIxzXEugTm+sje1dO8SsOTxnhl
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:05 2023 by rpki-client on console-ams.rpki-client.org