Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/5BfPTmvwanO6UF2OPoUIkYQ6gIo.roa
File: 5BfPTmvwanO6UF2OPoUIkYQ6gIo.roa (raw, json)
Hash identifier: Opjj3fLl4Xcj/vTwdmXeTrA/kQbw6WBPU1H3Mol17Dg=
Subject key identifier: E4:17:CF:4E:6B:F0:6A:73:BA:50:5D:8E:3E:85:08:91:84:3A:80:8A
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DBDD6F2B90BF0257739765F1DE800
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/5BfPTmvwanO6UF2OPoUIkYQ6gIo.roa
Signing time: Sun 01 Jan 2023 20:54:58 +0000
ROA not before: Sun 01 Jan 2023 20:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47312
IP address blocks: 85.202.85.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:bd:d6:f2:b9:0b:f0:25:77:39:76:5f:1d:e8:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e417cf4e6bf06a73ba505d8e3e850891843a808a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5b:3b:a8:ef:96:f3:75:89:ab:0d:22:23:f9:
4e:a3:27:fb:9f:aa:6f:5c:3a:db:a9:e3:40:84:86:
22:d1:9a:bc:0c:07:00:e2:aa:86:a1:a9:74:ab:a9:
43:82:f2:cb:ee:82:6b:ba:9c:fe:42:e1:8f:50:3b:
7d:fc:a1:04:00:57:54:ee:fd:06:8c:78:b6:ac:fa:
1e:e6:f5:01:a3:92:b6:09:03:cd:9d:35:d4:3c:a3:
ca:ec:9e:e7:eb:f7:78:7a:0b:19:19:ac:63:26:75:
e6:e3:ca:1f:57:11:f9:47:60:96:6b:12:c9:36:f8:
2e:9a:13:3a:c3:90:90:19:7d:64:81:22:e0:9b:2f:
d4:91:76:82:4e:72:01:e6:47:47:9a:74:1e:ca:7d:
73:0f:1a:3f:83:35:a3:02:2c:c5:b5:9e:e4:36:af:
9d:67:2b:11:95:7b:1d:b9:fe:e6:91:89:42:ad:19:
08:4b:55:b1:22:ae:2a:25:d7:cd:98:5b:47:b6:97:
f9:e3:00:f5:f7:f5:6e:ab:2e:c9:71:f1:c5:a1:08:
58:9b:e8:a5:77:24:1b:8f:21:b7:58:f0:69:f9:21:
5b:a1:4c:2f:cb:c2:42:26:65:eb:78:8c:6b:d8:27:
96:08:27:aa:e8:ad:9e:33:9a:b0:df:72:1c:fc:cb:
35:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:17:CF:4E:6B:F0:6A:73:BA:50:5D:8E:3E:85:08:91:84:3A:80:8A
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/5BfPTmvwanO6UF2OPoUIkYQ6gIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.85.0/24
Signature Algorithm: sha256WithRSAEncryption
60:11:14:64:34:1d:18:1d:67:7e:25:07:ed:d5:f2:9b:4d:ca:
e3:bd:9f:78:5c:f5:be:ad:d2:c8:0c:f2:0f:77:62:a6:e0:a5:
07:ef:c4:1e:1c:13:ef:86:2f:7f:c4:45:85:15:a0:8e:7d:58:
5f:7c:dc:91:28:e4:6a:85:13:e3:5e:d8:30:d3:27:54:40:04:
16:55:62:ee:92:9e:66:45:1e:60:00:31:73:c1:9e:43:dd:02:
52:4c:3e:72:ed:7b:b5:e3:04:c1:51:75:1b:4b:b1:23:e7:3d:
5a:c9:81:1d:e1:bb:2a:2c:d2:35:68:30:71:9f:01:71:2f:39:
61:43:62:a8:d7:b3:d4:f5:51:27:b0:4a:fa:be:77:5d:3a:4d:
0e:9f:36:e8:c3:b1:4f:51:b1:a0:99:ec:79:b4:5b:6b:4b:40:
93:d0:b8:70:33:e8:d8:d2:eb:c1:fb:71:bc:3e:21:d5:2d:29:
c2:ca:b3:f1:8f:e3:df:42:b4:bb:0d:99:25:ba:05:9e:b2:fa:
ce:01:be:cd:91:03:b4:6b:7a:e7:94:19:f3:22:07:f1:47:61:
72:71:90:07:57:6b:cb:62:32:5f:e2:67:ee:97:54:54:9c:f5:
6c:44:0a:4b:db:78:9c:98:45:a7:5b:f5:40:9b:2d:79:5e:ca:
d5:f3:0b:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHb3W8rkL8CV3OXZfHegAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDE3Y2Y0ZTZiZjA2YTczYmE1MDVkOGUzZTg1MDg5MTg0M2E4MDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1s7qO+W83WJqw0iI/lOoyf7n6pv
XDrbqeNAhIYi0Zq8DAcA4qqGoal0q6lDgvLL7oJrupz+QuGPUDt9/KEEAFdU7v0G
jHi2rPoe5vUBo5K2CQPNnTXUPKPK7J7n6/d4egsZGaxjJnXm48ofVxH5R2CWaxLJ
NvgumhM6w5CQGX1kgSLgmy/UkXaCTnIB5kdHmnQeyn1zDxo/gzWjAizFtZ7kNq+d
ZysRlXsduf7mkYlCrRkIS1WxIq4qJdfNmFtHtpf54wD19/Vuqy7JcfHFoQhYm+il
dyQbjyG3WPBp+SFboUwvy8JCJmXreIxr2CeWCCeq6K2eM5qw33Ic/Ms19QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQXz05r8GpzulBdjj6FCJGEOoCKMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvNUJmUFRtdndhbk82VUYyT1BvVUlrWVE2Z0lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcpVMA0G
CSqGSIb3DQEBCwUAA4IBAQBgERRkNB0YHWd+JQft1fKbTcrjvZ94XPW+rdLIDPIP
d2Km4KUH78QeHBPvhi9/xEWFFaCOfVhffNyRKORqhRPjXtgw0ydUQAQWVWLukp5m
RR5gADFzwZ5D3QJSTD5y7Xu14wTBUXUbS7Ej5z1ayYEd4bsqLNI1aDBxnwFxLzlh
Q2Ko17PU9VEnsEr6vnddOk0Onzbow7FPUbGgmex5tFtrS0CT0LhwM+jY0uvB+3G8
PiHVLSnCyrPxj+PfQrS7DZklugWesvrOAb7NkQO0a3rnlBnzIgfxR2FycZAHV2vL
YjJf4mful1RUnPVsRApL23icmEWnW/VAmy15XsrV8wt+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:34 2023 by rpki-client on console-fra.rpki-client.org