Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/4GBkoma0nArRPXGxEboheMlbE4M.roa
File: 4GBkoma0nArRPXGxEboheMlbE4M.roa (raw, json)
Hash identifier: QUQt2KqIYJUHS85onn9SJmboKvXbwalhFZveewsCY80=
Subject key identifier: E0:60:64:A2:66:B4:9C:0A:D1:3D:71:B1:11:BA:21:78:C9:5B:13:83
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 04871D12
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/4GBkoma0nArRPXGxEboheMlbE4M.roa
Signing time: Fri 01 Apr 2022 11:36:47 +0000
ROA not before: Fri 01 Apr 2022 11:36:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201211
IP address blocks: 185.219.52.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75963666 (0x4871d12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Apr 1 11:36:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e06064a266b49c0ad13d71b111ba2178c95b1383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:17:43:4d:4e:5c:fa:bc:2d:20:a1:76:e5:d8:
b5:3a:5b:bc:e4:06:ef:88:bf:81:ad:e0:39:08:9a:
df:c7:c7:1b:1b:87:c9:75:ca:82:20:c3:be:2f:f6:
6e:a9:2f:26:56:0c:1e:7e:01:24:fa:2a:82:b4:8b:
6f:62:c3:51:b2:7f:d1:66:6a:46:22:e1:37:37:25:
2c:ec:28:ba:19:2d:a5:b0:53:cf:25:66:18:9b:06:
4d:a3:cb:0d:27:93:b4:54:88:e6:ce:0a:d4:ac:b5:
0b:0b:8e:55:80:5e:f0:be:ea:8d:09:29:a6:8a:e2:
22:9d:4e:f7:ff:65:38:63:eb:97:be:57:19:95:40:
3a:bc:88:1d:ed:fc:0b:72:72:25:d0:0a:2a:fe:f7:
19:fa:6f:bd:6b:17:10:e3:17:f0:1c:8f:04:3c:55:
9f:e0:13:11:a2:30:ea:cd:c9:1b:0c:90:bf:03:16:
d5:a8:f1:19:f2:e3:fd:97:c9:b1:99:f8:b3:63:59:
2b:06:5a:b6:22:89:16:92:c9:73:9d:28:2c:de:43:
37:87:20:06:b3:91:ee:51:2d:d9:f5:46:eb:e8:21:
54:ea:3b:b0:24:6f:ae:89:2c:9b:48:71:6d:d4:87:
dc:a2:cf:0d:5b:10:10:95:08:db:be:b5:71:87:d4:
bc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:60:64:A2:66:B4:9C:0A:D1:3D:71:B1:11:BA:21:78:C9:5B:13:83
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/4GBkoma0nArRPXGxEboheMlbE4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.52.0/23
Signature Algorithm: sha256WithRSAEncryption
82:0d:6e:cb:f2:b9:b7:f4:5a:2d:87:fc:02:99:29:26:1f:f4:
95:aa:2f:e6:ca:aa:b1:69:7d:9f:f4:f6:42:60:0c:a5:a1:85:
8b:93:f5:07:dd:f1:cc:3f:45:79:b0:92:0e:a1:b2:12:17:79:
66:63:cf:28:f4:1e:bd:c3:88:f5:db:bd:b5:45:c0:cb:2a:75:
95:d2:cc:33:5d:2b:5f:22:e2:55:28:28:61:fc:49:70:63:65:
c4:75:ef:63:85:59:c6:4d:ed:37:4b:b7:d6:47:e7:c0:a5:b5:
33:51:8f:22:40:f9:07:c7:51:de:2a:13:ad:e7:8f:98:72:d1:
05:75:5d:7c:c5:be:ce:c4:45:ce:ed:29:c8:2c:b3:83:62:31:
32:9e:76:0d:d0:f1:31:5d:eb:f2:09:4b:22:ca:38:a6:da:a0:
23:b6:90:9b:ee:06:98:63:bd:82:57:64:c1:9f:d0:1c:79:ed:
bf:a4:8f:15:90:fd:d7:35:c6:d2:dc:6c:8b:73:c2:72:45:ea:
50:86:7b:ba:a6:54:50:10:bc:be:92:c2:71:f8:fc:68:ee:13:
f8:b1:19:a8:0f:fe:9d:15:b9:c8:30:c2:e2:29:49:1f:c8:93:
b6:89:aa:d9:0f:02:64:22:4b:b9:18:73:75:2c:80:c4:1e:87:
c2:93:f1:c8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBIcdEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGEzOTQxYzI3Y2ZlNWMyMzRjNGJmMjIxZWNiMmE1NzliMmRlYWFiMB4XDTIyMDQw
MTExMzY0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTA2MDY0YTI2NmI0
OWMwYWQxM2Q3MWIxMTFiYTIxNzhjOTViMTM4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOUXQ01OXPq8LSChduXYtTpbvOQG74i/ga3gOQia38fHGxuH
yXXKgiDDvi/2bqkvJlYMHn4BJPoqgrSLb2LDUbJ/0WZqRiLhNzclLOwouhktpbBT
zyVmGJsGTaPLDSeTtFSI5s4K1Ky1CwuOVYBe8L7qjQkpporiIp1O9/9lOGPrl75X
GZVAOryIHe38C3JyJdAKKv73GfpvvWsXEOMX8ByPBDxVn+ATEaIw6s3JGwyQvwMW
1ajxGfLj/ZfJsZn4s2NZKwZatiKJFpLJc50oLN5DN4cgBrOR7lEt2fVG6+ghVOo7
sCRvroksm0hxbdSH3KLPDVsQEJUI2761cYfUvDMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTgYGSiZrScCtE9cbERuiF4yVsTgzAfBgNVHSMEGDAWgBRdo5QcJ8/lwjTE
vyIeyypXmy3qqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hhT1VIQ2ZQNWNJMHhMOGlIc3NxVjVzdDZxcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvMzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8x
LzRHQmtvbWEwbkFyUlBYR3hFYm9oZU1sYkU0TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
MzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8xL1hhT1VIQ2ZQNWNJ
MHhMOGlIc3NxVjVzdDZxcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnbNDANBgkqhkiG9w0BAQsFAAOC
AQEAgg1uy/K5t/RaLYf8ApkpJh/0laov5sqqsWl9n/T2QmAMpaGFi5P1B93xzD9F
ebCSDqGyEhd5ZmPPKPQevcOI9du9tUXAyyp1ldLMM10rXyLiVSgoYfxJcGNlxHXv
Y4VZxk3tN0u31kfnwKW1M1GPIkD5B8dR3ioTreePmHLRBXVdfMW+zsRFzu0pyCyz
g2IxMp52DdDxMV3r8glLIso4ptqgI7aQm+4GmGO9gldkwZ/QHHntv6SPFZD91zXG
0txsi3PCckXqUIZ7uqZUUBC8vpLCcfj8aO4T+LEZqA/+nRW5yDDC4ilJH8iTtomq
2Q8CZCJLuRhzdSyAxB6HwpPxyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org