Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/1-vLSYjdTJTG_Almm7U8y8xl6qbo.roa
File: 1-vLSYjdTJTG_Almm7U8y8xl6qbo.roa (raw, json)
Hash identifier: TFENao+wCYDT6vSBGTKX/UAu9iI1UygMSR6QhdgDTys=
Subject key identifier: FA:F2:D2:62:37:53:25:31:BF:02:59:A6:ED:4F:32:F3:19:7A:A9:BA
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 018D785691E43DB6FD48CF98F7EEB66A761E
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/1-vLSYjdTJTG_Almm7U8y8xl6qbo.roa
Signing time: Mon 05 Feb 2024 08:15:55 +0000
ROA not before: Mon 05 Feb 2024 08:15:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202423
IP address blocks: 185.142.96.0/24 maxlen: 24
185.142.97.0/24 maxlen: 24
185.142.98.0/24 maxlen: 24
194.187.123.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:56:91:e4:3d:b6:fd:48:cf:98:f7:ee:b6:6a:76:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Feb 5 08:15:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faf2d26237532531bf0259a6ed4f32f3197aa9ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:90:05:93:cb:bc:01:8a:fa:4d:5b:78:da:3d:
e9:40:ab:3c:b2:0e:92:a4:26:da:6e:45:cb:6e:88:
a0:1a:55:39:13:3f:e0:44:ba:94:ed:0b:54:2f:31:
c5:e1:f2:51:b6:2a:2d:9b:7b:97:d0:f4:23:be:65:
f7:d9:7b:11:22:9f:20:b9:08:23:45:8c:b7:6b:76:
a0:5a:91:d2:20:08:80:0e:13:f1:4d:e6:8a:3d:0c:
f7:48:ef:a2:67:f2:44:fc:c2:67:8c:84:cd:cc:c1:
e4:80:df:46:3c:67:a9:23:62:4b:b5:ea:7b:42:6b:
a1:67:d6:93:b1:2c:6e:22:7c:b8:76:bb:6c:f3:dd:
5d:93:69:30:70:1e:7e:06:ec:5d:ba:c6:63:4c:e9:
2b:e0:e4:7a:90:7c:3f:f5:9c:4e:bc:69:27:44:77:
de:c7:db:e1:97:a9:18:22:53:a5:dd:a8:ac:ee:b1:
3d:99:fa:bf:b6:ee:23:0d:9b:78:6e:cf:1c:99:a0:
a2:9f:61:f2:83:3a:3f:0c:8b:3e:b7:02:e2:a7:23:
f2:78:6a:9e:57:d9:00:53:e4:cb:6f:d6:d9:de:15:
35:8e:f3:85:08:a5:e8:28:ce:ad:66:10:23:cf:85:
5e:67:c1:a6:38:f5:39:0c:84:c9:96:84:3e:d7:92:
be:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:F2:D2:62:37:53:25:31:BF:02:59:A6:ED:4F:32:F3:19:7A:A9:BA
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/1-vLSYjdTJTG_Almm7U8y8xl6qbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.96.0-185.142.98.255
194.187.123.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:94:37:1b:cb:9a:b3:45:e1:14:ad:0c:b8:12:4e:3e:17:21:
43:f5:68:f7:3c:77:f9:14:c1:58:95:32:08:e2:a9:45:e3:69:
58:9b:7f:8f:e0:b3:c3:b9:34:9c:9f:43:53:c1:72:b6:cd:45:
4d:fc:b1:f6:3e:e9:06:67:ad:f5:6c:7e:92:3f:04:e6:ca:86:
dd:04:ef:00:92:59:6b:07:fd:0b:81:0e:31:a5:db:63:39:e4:
b1:de:85:4e:a8:5e:09:d2:b3:24:f6:19:68:6b:94:ef:97:ad:
f9:fa:c4:26:20:9a:37:3f:8e:9a:fa:84:e2:c8:ff:73:ac:b6:
9e:5c:bd:4d:49:00:ed:29:9a:59:06:b2:9c:30:48:cf:b1:84:
e6:46:c9:0f:ba:23:b4:ac:a9:bb:21:34:4e:fd:86:ee:f4:05:
1e:58:1b:4f:93:0c:d6:59:99:39:52:5e:64:20:a5:b0:24:90:
9d:11:e5:85:bc:7a:0e:c9:69:fa:31:ce:06:a8:65:4a:9b:b5:
5e:1c:28:34:71:92:a4:9a:25:b2:c3:0c:47:26:e1:87:4a:1d:
56:ad:93:77:22:d8:2d:03:6e:8b:d4:19:42:8d:cc:20:1e:fe:
0b:f1:e7:3f:c6:df:8f:c1:ca:81:a3:21:34:60:a6:62:d6:31:
d0:7d:cb:7a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY14VpHkPbb9SM+Y9+62anYeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjQwMjA1MDgxNTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWYyZDI2MjM3NTMyNTMxYmYwMjU5YTZlZDRmMzJmMzE5N2FhOWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJAFk8u8AYr6TVt42j3pQKs8sg6S
pCbabkXLboigGlU5Ez/gRLqU7QtULzHF4fJRtiotm3uX0PQjvmX32XsRIp8guQgj
RYy3a3agWpHSIAiADhPxTeaKPQz3SO+iZ/JE/MJnjITNzMHkgN9GPGepI2JLtep7
QmuhZ9aTsSxuIny4drts891dk2kwcB5+BuxdusZjTOkr4OR6kHw/9ZxOvGknRHfe
x9vhl6kYIlOl3ais7rE9mfq/tu4jDZt4bs8cmaCin2Hygzo/DIs+twLipyPyeGqe
V9kAU+TLb9bZ3hU1jvOFCKXoKM6tZhAjz4VeZ8GmOPU5DITJloQ+15K+AwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPry0mI3UyUxvwJZpu1PMvMZeqm6MB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvMS12TFNZamRUSlRHX0FsbW03VTh5OHhsNnFiby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTIvYzEyYTdiLTVjYWYtNGU3Yy05NzBkLTVjNDc2ZTMzMjVm
NS8xL1JsNjZYQnFBLUdwRmlTZU8zWk1Fc19VV240TS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQFuY5g
AwQAuY5iAwQAwrt7MA0GCSqGSIb3DQEBCwUAA4IBAQBclDcby5qzReEUrQy4Ek4+
FyFD9Wj3PHf5FMFYlTII4qlF42lYm3+P4LPDuTScn0NTwXK2zUVN/LH2PukGZ631
bH6SPwTmyobdBO8AkllrB/0LgQ4xpdtjOeSx3oVOqF4J0rMk9hloa5Tvl635+sQm
IJo3P46a+oTiyP9zrLaeXL1NSQDtKZpZBrKcMEjPsYTmRskPuiO0rKm7ITRO/Ybu
9AUeWBtPkwzWWZk5Ul5kIKWwJJCdEeWFvHoOyWn6Mc4GqGVKm7VeHCg0cZKkmiWy
wwxHJuGHSh1WrZN3ItgtA26L1BlCjcwgHv4L8ec/xt+PwcqBoyE0YKZi1jHQfct6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:30 2024 by rpki-client on console-fra.rpki-client.org