Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/X4KtlGCOTU5uaPk3ISdvY-yDcRA.roa
File: X4KtlGCOTU5uaPk3ISdvY-yDcRA.roa (raw, json)
Hash identifier: NUb6EnJSz4xZmDZfdAoBmtfXW8Ef822zYnzvaHFWito=
Subject key identifier: 5F:82:AD:94:60:8E:4D:4E:6E:68:F9:37:21:27:6F:63:EC:83:71:10
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 0187930FD81CA3B37DD2E283C16A376B9669
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/X4KtlGCOTU5uaPk3ISdvY-yDcRA.roa
Signing time: Tue 18 Apr 2023 06:31:41 +0000
ROA not before: Tue 18 Apr 2023 06:31:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30860
IP address blocks: 185.233.185.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:93:0f:d8:1c:a3:b3:7d:d2:e2:83:c1:6a:37:6b:96:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Apr 18 06:31:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f82ad94608e4d4e6e68f93721276f63ec837110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:4b:ee:37:53:49:b6:7c:cc:3e:d8:6f:e4:43:
d3:54:69:f2:ba:98:a7:fc:fc:e3:f5:aa:51:f1:d2:
16:bd:ee:da:23:fd:30:11:39:4e:75:f2:2a:3e:ca:
3d:2a:1f:43:e7:32:96:15:b6:ac:45:ec:cf:70:e6:
cb:8f:c3:69:01:44:a6:be:10:b4:a3:b8:b6:05:ad:
3a:ac:f3:b2:37:1c:a9:69:db:92:e9:9a:6d:f6:1f:
f6:7d:ec:16:8e:e3:20:6c:3d:82:d0:1e:4b:24:36:
20:65:68:21:72:56:d4:15:33:96:3a:6b:bd:50:4b:
77:61:1e:eb:6f:50:de:92:d8:7c:c4:06:0d:cd:59:
c0:82:73:de:e5:81:fa:7e:16:89:5e:d4:67:47:73:
57:5c:bf:b7:34:9b:45:44:b0:bd:9b:05:21:67:9a:
83:b4:fe:f4:e5:4a:01:30:5c:83:c9:39:50:79:f0:
30:97:4e:d5:d5:10:8b:89:4a:0b:20:09:35:2c:05:
81:e3:50:10:f8:3d:0b:c6:18:81:cf:e9:89:61:69:
0f:93:59:29:93:f9:d3:00:b1:cf:ef:46:88:fa:c7:
c6:47:c4:59:6e:43:39:40:ba:64:2a:4d:5d:25:1a:
69:ef:fe:ac:2f:33:54:a7:22:5e:15:75:f4:e6:fb:
6a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:82:AD:94:60:8E:4D:4E:6E:68:F9:37:21:27:6F:63:EC:83:71:10
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/X4KtlGCOTU5uaPk3ISdvY-yDcRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.185.0/24
Signature Algorithm: sha256WithRSAEncryption
83:6c:45:05:04:19:6d:e0:62:45:40:49:a6:d5:36:2b:28:6f:
79:9e:60:22:b8:61:49:81:d3:4a:f0:f1:d0:5f:52:95:2e:2a:
84:6c:c4:af:d9:a0:5f:0c:75:cd:c0:89:4e:71:9e:2f:85:7d:
b1:77:b3:97:8f:75:d4:87:c4:df:03:dc:7b:a0:36:13:b1:22:
c9:e1:10:14:0a:e4:1e:bc:e4:0c:6b:df:2b:03:9a:78:1c:ca:
db:cf:17:b1:50:48:f4:4b:64:11:2e:8c:ad:fc:85:2e:e4:fe:
fb:19:bf:70:6f:2a:f6:4d:41:56:98:b8:87:19:91:3e:93:18:
ee:2c:c4:de:38:66:01:cf:b6:0e:74:5e:37:14:a8:21:be:52:
5e:84:53:df:67:b1:b5:23:e4:ed:12:86:0e:44:7b:ed:02:e0:
4c:af:94:16:1a:d7:85:48:5d:f8:a7:ae:90:3a:2b:eb:cb:6b:
91:d9:d6:28:45:ad:86:14:f4:0d:f3:d1:f9:5b:a1:c4:87:90:
7a:a6:00:30:ca:d0:63:e5:80:4f:0d:80:42:f9:1c:fc:19:9d:
08:ad:d0:fc:56:f5:84:18:3c:50:04:eb:15:30:30:18:a2:59:
3d:f2:83:3d:97:f9:fd:7f:60:9a:cf:82:6b:a6:de:de:b7:80:
0d:7c:f8:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeTD9gco7N90uKDwWo3a5ZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjMwNDE4MDYzMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjgyYWQ5NDYwOGU0ZDRlNmU2OGY5MzcyMTI3NmY2M2VjODM3MTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUvuN1NJtnzMPthv5EPTVGnyupin
/Pzj9apR8dIWve7aI/0wETlOdfIqPso9Kh9D5zKWFbasRezPcObLj8NpAUSmvhC0
o7i2Ba06rPOyNxypaduS6Zpt9h/2fewWjuMgbD2C0B5LJDYgZWghclbUFTOWOmu9
UEt3YR7rb1Dekth8xAYNzVnAgnPe5YH6fhaJXtRnR3NXXL+3NJtFRLC9mwUhZ5qD
tP705UoBMFyDyTlQefAwl07V1RCLiUoLIAk1LAWB41AQ+D0LxhiBz+mJYWkPk1kp
k/nTALHP70aI+sfGR8RZbkM5QLpkKk1dJRpp7/6sLzNUpyJeFXX05vtqWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF+CrZRgjk1Obmj5NyEnb2Psg3EQMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvWDRLdGxHQ09UVTV1YVBrM0lTZHZZLXlEY1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuem5MA0G
CSqGSIb3DQEBCwUAA4IBAQCDbEUFBBlt4GJFQEmm1TYrKG95nmAiuGFJgdNK8PHQ
X1KVLiqEbMSv2aBfDHXNwIlOcZ4vhX2xd7OXj3XUh8TfA9x7oDYTsSLJ4RAUCuQe
vOQMa98rA5p4HMrbzxexUEj0S2QRLoyt/IUu5P77Gb9wbyr2TUFWmLiHGZE+kxju
LMTeOGYBz7YOdF43FKghvlJehFPfZ7G1I+TtEoYORHvtAuBMr5QWGteFSF34p66Q
Oivry2uR2dYoRa2GFPQN89H5W6HEh5B6pgAwytBj5YBPDYBC+Rz8GZ0IrdD8VvWE
GDxQBOsVMDAYolk98oM9l/n9f2Caz4Jrpt7et4ANfPic
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:30 2024 by rpki-client on console-fra.rpki-client.org