Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/RF1cV22wWMJPIM7eoB-LrA06Xsc.roa
File: RF1cV22wWMJPIM7eoB-LrA06Xsc.roa (raw, json)
Hash identifier: gcjUCIbzOvb+i0rpWduK4kumhsp56+XC1xr8sCDRVxo=
Subject key identifier: 44:5D:5C:57:6D:B0:58:C2:4F:20:CE:DE:A0:1F:8B:AC:0D:3A:5E:C7
Certificate issuer: /CN=9d75cf6c6019f059e465e4deb204cd242bd4b465
Certificate serial: 0190F861E95928B1B3D7AE39C291F246FBED
Authority key identifier: 9D:75:CF:6C:60:19:F0:59:E4:65:E4:DE:B2:04:CD:24:2B:D4:B4:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nXXPbGAZ8FnkZeTesgTNJCvUtGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/RF1cV22wWMJPIM7eoB-LrA06Xsc.roa
Signing time: Sun 28 Jul 2024 08:08:04 +0000
ROA not before: Sun 28 Jul 2024 08:08:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43395
IP address blocks: 185.110.216.0/23 maxlen: 23
185.110.218.0/24 maxlen: 24
185.110.219.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f8:61:e9:59:28:b1:b3:d7:ae:39:c2:91:f2:46:fb:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d75cf6c6019f059e465e4deb204cd242bd4b465
Validity
Not Before: Jul 28 08:08:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=445d5c576db058c24f20cedea01f8bac0d3a5ec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:38:52:56:d2:8a:87:f2:e5:72:59:57:1d:6f:
19:c0:45:89:07:37:c3:39:af:a0:d5:49:29:3f:de:
4e:ef:a0:d9:19:08:cd:21:8d:f6:ec:0e:b8:a1:9e:
18:00:b3:89:b4:18:12:95:53:77:c9:ff:fc:a4:9f:
a0:26:ae:22:47:b4:23:99:f0:49:a8:df:22:4f:72:
b1:d6:19:53:de:a4:96:60:56:33:8c:2d:62:e6:59:
7c:ff:6b:74:04:21:47:39:df:32:80:fe:44:fb:f8:
89:af:79:c8:c0:ab:7c:3c:96:d3:a1:9a:09:f8:13:
50:32:13:52:9e:1f:ed:cd:b0:46:f8:ba:d9:91:3c:
fa:e5:15:62:50:d7:51:d3:fd:1e:1c:66:90:91:11:
9d:84:cd:60:b0:cf:2d:47:9e:6c:b2:f9:69:21:1a:
be:13:04:ed:19:90:25:ce:a9:36:fe:38:ac:08:d4:
95:b5:1f:89:a8:f9:40:35:bb:5c:ab:8e:f2:9f:ef:
4a:5a:57:5c:c7:3b:02:31:e2:d2:05:8b:94:50:cf:
44:b0:8a:00:87:8b:67:07:27:fe:f2:36:a4:08:e1:
4b:24:c2:fd:14:98:83:df:e3:78:7f:45:0b:5f:e6:
2f:02:b3:64:0d:a4:f0:ac:32:91:55:7a:8d:2a:53:
22:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:5D:5C:57:6D:B0:58:C2:4F:20:CE:DE:A0:1F:8B:AC:0D:3A:5E:C7
X509v3 Authority Key Identifier:
keyid:9D:75:CF:6C:60:19:F0:59:E4:65:E4:DE:B2:04:CD:24:2B:D4:B4:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nXXPbGAZ8FnkZeTesgTNJCvUtGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/RF1cV22wWMJPIM7eoB-LrA06Xsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.216.0/22
Signature Algorithm: sha256WithRSAEncryption
37:df:c0:20:18:b5:f3:37:a8:92:4e:a6:b9:fa:bf:68:02:09:
ca:f0:72:4c:27:d9:c3:26:37:dd:e6:b3:1c:9d:ce:58:8c:31:
e6:55:cc:77:e6:4e:2e:ff:d6:fb:7c:e7:e1:aa:34:82:d3:5f:
20:25:bb:cb:7f:ba:a4:55:8c:97:29:2c:c8:fa:03:6e:7e:92:
18:8b:e7:66:f3:08:ea:b6:e2:a6:4f:e2:a0:90:8e:83:f6:d5:
9d:83:37:3d:20:97:c3:fc:36:d7:25:17:85:d6:e0:b9:ab:29:
98:5e:a1:15:52:01:ef:da:c3:ba:c0:11:93:ea:c8:cf:60:70:
b9:24:50:08:20:17:86:e7:a6:2f:65:98:46:91:92:56:c5:c0:
c2:2f:57:08:19:c9:87:3b:29:f9:88:70:b7:2a:51:44:c8:c7:
60:b6:7d:31:3d:f0:a3:4e:56:b1:d4:02:dd:a3:7e:d3:3f:80:
d7:e3:eb:53:10:a6:04:4a:9b:48:bf:6b:3f:f9:a0:54:6a:9c:
62:c6:6c:5d:be:09:43:1d:72:d9:93:5e:73:8f:8d:97:29:b4:
aa:d2:22:8e:1a:29:21:cf:af:14:46:fa:48:cc:76:1e:71:64:
a4:19:c4:c0:66:5d:67:fb:72:32:7e:ba:19:b6:d7:60:2c:8c:
56:8b:88:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZD4YelZKLGz1645wpHyRvvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNzVjZjZjNjAxOWYwNTllNDY1ZTRkZWIyMDRjZDI0MmJk
NGI0NjUwHhcNMjQwNzI4MDgwODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDVkNWM1NzZkYjA1OGMyNGYyMGNlZGVhMDFmOGJhYzBkM2E1ZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxThSVtKKh/LlcllXHW8ZwEWJBzfD
Oa+g1UkpP95O76DZGQjNIY327A64oZ4YALOJtBgSlVN3yf/8pJ+gJq4iR7QjmfBJ
qN8iT3Kx1hlT3qSWYFYzjC1i5ll8/2t0BCFHOd8ygP5E+/iJr3nIwKt8PJbToZoJ
+BNQMhNSnh/tzbBG+LrZkTz65RViUNdR0/0eHGaQkRGdhM1gsM8tR55ssvlpIRq+
EwTtGZAlzqk2/jisCNSVtR+JqPlANbtcq47yn+9KWldcxzsCMeLSBYuUUM9EsIoA
h4tnByf+8jakCOFLJML9FJiD3+N4f0ULX+YvArNkDaTwrDKRVXqNKlMiVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFERdXFdtsFjCTyDO3qAfi6wNOl7HMB8GA1UdIwQY
MBaAFJ11z2xgGfBZ5GXk3rIEzSQr1LRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblhYUGJHQVo4Rm5rWmVUZXNnVE5KQ3ZVdEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9kMDRmMWItMDc0Yy00OTVlLWE0MzEt
NzZiMWFlNjJmMDcyLzEvUkYxY1YyMndXTUpQSU03ZW9CLUxyQTA2WHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9kMDRmMWItMDc0Yy00OTVlLWE0MzEtNzZiMWFlNjJmMDcy
LzEvblhYUGJHQVo4Rm5rWmVUZXNnVE5KQ3ZVdEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW7YMA0G
CSqGSIb3DQEBCwUAA4IBAQA338AgGLXzN6iSTqa5+r9oAgnK8HJMJ9nDJjfd5rMc
nc5YjDHmVcx35k4u/9b7fOfhqjSC018gJbvLf7qkVYyXKSzI+gNufpIYi+dm8wjq
tuKmT+KgkI6D9tWdgzc9IJfD/DbXJReF1uC5qymYXqEVUgHv2sO6wBGT6sjPYHC5
JFAIIBeG56YvZZhGkZJWxcDCL1cIGcmHOyn5iHC3KlFEyMdgtn0xPfCjTlax1ALd
o37TP4DX4+tTEKYESptIv2s/+aBUapxixmxdvglDHXLZk15zj42XKbSq0iKOGikh
z68URvpIzHYecWSkGcTAZl1n+3IyfroZttdgLIxWi4gA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:39 2025 by rpki-client