Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/BBFtrcdv4vtRjba2S5-MuSqd_MU.roa
File: BBFtrcdv4vtRjba2S5-MuSqd_MU.roa (raw, json)
Hash identifier: 2udOzL0E7Shioy+LsZyW6Yh4ed1v4RPBeZJQ6gsJwco=
Subject key identifier: 04:11:6D:AD:C7:6F:E2:FB:51:8D:B6:B6:4B:9F:8C:B9:2A:9D:FC:C5
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 9D6296
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/BBFtrcdv4vtRjba2S5-MuSqd_MU.roa
Signing time: Sat 01 Jan 2022 06:04:31 +0000
ROA not before: Sat 01 Jan 2022 06:04:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211261
IP address blocks: 185.204.201.0/24 maxlen: 24
185.204.200.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10314390 (0x9d6296)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Jan 1 06:04:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04116dadc76fe2fb518db6b64b9f8cb92a9dfcc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:47:79:61:41:df:41:b6:8e:88:13:d8:b5:ab:
8d:5b:d0:2c:b3:2e:61:6b:c6:25:f9:3f:5f:41:87:
5d:6e:9a:7f:2b:a8:24:b1:cc:b3:13:ad:79:8d:c0:
29:6e:91:bd:ea:c1:01:e4:23:2c:6e:3b:23:d9:d6:
21:03:96:c4:0f:e5:7a:e8:db:5e:a7:08:46:89:5f:
e7:4e:56:46:08:1d:7c:a4:8f:f1:12:91:fd:3b:f1:
72:b5:77:43:f1:c2:68:0a:4f:d5:5b:83:89:b2:f2:
03:6e:92:8d:92:d9:a0:3f:f8:9b:c8:81:e4:62:64:
f2:18:26:76:6b:f2:0d:4b:1b:87:1e:21:34:bf:1b:
90:81:1b:e9:1b:fc:4a:05:ad:3f:86:5b:b8:cc:7b:
e8:17:ec:ae:cc:22:91:56:cb:1c:9e:68:00:3a:fe:
40:89:a8:b9:b5:97:40:28:80:6a:8f:b9:f5:9f:50:
3c:8f:d2:dc:08:af:57:c5:df:dd:ab:70:44:46:10:
14:a1:d4:c0:de:20:55:b4:bb:e7:76:bb:5b:68:fd:
c9:6f:01:98:34:50:dc:97:ae:ed:6c:6c:9f:8a:7f:
66:4d:15:d0:a9:39:61:ff:de:fa:8a:b5:65:73:1c:
2d:9b:ca:3f:1a:29:e0:6e:6f:80:0c:40:5c:0f:31:
80:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:11:6D:AD:C7:6F:E2:FB:51:8D:B6:B6:4B:9F:8C:B9:2A:9D:FC:C5
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/BBFtrcdv4vtRjba2S5-MuSqd_MU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.200.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:2d:ef:58:7b:a3:f7:f4:5d:1a:4b:cf:40:e9:77:c3:9c:4a:
c5:10:cc:84:8c:ea:aa:aa:65:1c:64:0a:c9:ae:3e:96:aa:56:
1f:d8:83:92:c4:09:f2:88:c0:2a:dd:46:ab:f2:6b:81:2f:4f:
9e:73:46:13:9f:fa:11:1b:31:bd:14:33:7a:e5:5a:4b:e0:43:
9a:6c:be:2e:38:c1:cf:cf:a5:31:8f:fe:4e:f6:d0:92:61:de:
a4:5a:c8:08:cb:da:e3:ba:6c:be:d6:44:f5:6b:26:e1:9a:2f:
62:40:a3:0b:7a:c6:90:14:de:b5:40:99:fb:82:11:0b:f6:64:
30:92:b6:c8:cd:c5:10:c2:ba:86:93:98:3a:92:bb:00:18:f9:
82:7c:25:d7:1f:38:b1:15:4a:ab:06:fa:b8:6c:7d:7f:d2:0d:
23:44:1d:e7:9e:69:c9:36:8c:de:18:19:7a:5d:cc:e2:16:dd:
dc:44:9b:2e:c4:61:3d:1a:2c:f0:66:57:58:04:c2:17:a4:89:
e0:c9:98:12:1b:e9:82:03:7b:bf:4f:7a:a6:9d:bd:7c:5c:ad:
eb:6a:ae:9d:8f:58:43:36:ed:79:5a:bd:de:f7:f1:87:f3:0e:
09:5f:38:64:cc:67:87:69:0c:e5:e7:fc:81:ac:c3:6d:f1:e3:
29:73:3a:09
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJ1iljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzcwMjFkY2RmNDRiNmFmZGQzODEwNTQ3YzU1YTc5YmQxYTlmYTNiMB4XDTIyMDEw
MTA2MDQzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQxMTZkYWRjNzZm
ZTJmYjUxOGRiNmI2NGI5ZjhjYjkyYTlkZmNjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhHeWFB30G2jogT2LWrjVvQLLMuYWvGJfk/X0GHXW6afyuo
JLHMsxOteY3AKW6RverBAeQjLG47I9nWIQOWxA/leujbXqcIRolf505WRggdfKSP
8RKR/TvxcrV3Q/HCaApP1VuDibLyA26SjZLZoD/4m8iB5GJk8hgmdmvyDUsbhx4h
NL8bkIEb6Rv8SgWtP4ZbuMx76BfsrswikVbLHJ5oADr+QImoubWXQCiAao+59Z9Q
PI/S3AivV8Xf3atwREYQFKHUwN4gVbS753a7W2j9yW8BmDRQ3Jeu7Wxsn4p/Zk0V
0Kk5Yf/e+oq1ZXMcLZvKPxop4G5vgAxAXA8xgH8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQEEW2tx2/i+1GNtrZLn4y5Kp38xTAfBgNVHSMEGDAWgBRXcCHc30S2r904
EFR8Vaeb0an6OzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1YzQWgzTjlFdHFfZE9CQlVmRldubTlHcC1qcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvMGFjMjdhLTIxNTktNDhkNy04YmZkLWM5MDdhZTFjMjExZS8x
L0JCRnRyY2R2NHZ0UmpiYTJTNS1NdVNxZF9NVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
MGFjMjdhLTIxNTktNDhkNy04YmZkLWM5MDdhZTFjMjExZS8xL1YzQWgzTjlFdHFf
ZE9CQlVmRldubTlHcC1qcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnMyDANBgkqhkiG9w0BAQsFAAOC
AQEAXy3vWHuj9/RdGkvPQOl3w5xKxRDMhIzqqqplHGQKya4+lqpWH9iDksQJ8ojA
Kt1Gq/JrgS9PnnNGE5/6ERsxvRQzeuVaS+BDmmy+LjjBz8+lMY/+TvbQkmHepFrI
CMva47psvtZE9Wsm4ZovYkCjC3rGkBTetUCZ+4IRC/ZkMJK2yM3FEMK6hpOYOpK7
ABj5gnwl1x84sRVKqwb6uGx9f9INI0Qd555pyTaM3hgZel3M4hbd3ESbLsRhPRos
8GZXWATCF6SJ4MmYEhvpggN7v096pp29fFyt62qunY9YQzbteVq93vfxh/MOCV84
ZMxnh2kM5ef8gazDbfHjKXM6CQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:43 2025 by rpki-client