Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/HbZ537HXAMf6GsI0tTppQ2dpnFc.roa
File: HbZ537HXAMf6GsI0tTppQ2dpnFc.roa (raw, json)
Hash identifier: 80vi64Dwbuyo7UJ3+OzDPQcc9cLEeHGkQoLTUma89dw=
Subject key identifier: 1D:B6:79:DF:B1:D7:00:C7:FA:1A:C2:34:B5:3A:69:43:67:69:9C:57
Certificate issuer: /CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Certificate serial: 018D2D73AD746D39B060C85E0AC914034E3C
Authority key identifier: 31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/HbZ537HXAMf6GsI0tTppQ2dpnFc.roa
Signing time: Sun 21 Jan 2024 19:16:12 +0000
ROA not before: Sun 21 Jan 2024 19:16:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 185.212.112.0/24 maxlen: 24
193.3.18.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:73:ad:74:6d:39:b0:60:c8:5e:0a:c9:14:03:4e:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Validity
Not Before: Jan 21 19:16:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1db679dfb1d700c7fa1ac234b53a694367699c57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6c:9f:84:d4:40:58:bf:79:c3:81:df:95:0c:
b3:2a:be:b0:a9:d6:36:9b:21:69:54:1d:16:48:d2:
ca:7d:42:13:aa:9a:2e:6a:32:15:b5:15:c1:34:c2:
46:1d:e5:80:60:3a:9f:ea:32:57:7a:3d:42:5f:08:
ce:ad:c4:8d:49:72:95:e2:90:2b:0c:1a:ed:48:6b:
2d:38:70:e6:9e:e2:fa:7a:38:ea:d2:2b:36:18:c0:
3c:a6:f5:2a:79:40:fd:de:38:66:6e:3a:2b:d7:29:
c2:3a:0c:b3:ad:91:29:b8:3d:c3:2b:cb:c5:14:89:
26:16:74:9c:69:bb:85:f3:ff:ca:fc:ed:39:ce:47:
f9:ab:8f:9c:61:db:ae:43:0d:7a:a9:82:19:c6:8f:
d7:0f:80:f3:60:e6:d6:e2:9e:45:16:a3:20:f0:eb:
bc:df:55:42:94:02:fb:1e:f1:37:c8:9e:e9:d1:b8:
65:81:c6:9d:e7:8d:1c:b5:94:1b:d3:c2:6c:48:98:
4a:c6:e4:3d:68:b8:12:ce:ca:aa:84:0c:b5:22:ea:
19:cd:21:9d:af:ed:13:de:e9:67:db:f1:bb:dc:6d:
83:e6:3c:00:0b:7d:12:ac:19:8d:6a:52:32:8d:65:
be:8c:2e:a2:4e:74:eb:bf:a2:73:77:70:81:8f:48:
cf:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B6:79:DF:B1:D7:00:C7:FA:1A:C2:34:B5:3A:69:43:67:69:9C:57
X509v3 Authority Key Identifier:
keyid:31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/HbZ537HXAMf6GsI0tTppQ2dpnFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.112.0/24
193.3.18.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:c1:40:05:4c:e9:06:6a:e6:e1:f3:ef:97:52:2b:ee:48:45:
71:e4:61:0e:76:6f:04:3d:3e:cf:cf:c1:13:eb:43:5c:76:01:
73:2e:0d:d0:32:bf:47:4b:79:32:31:d9:1c:7f:4e:1e:d1:02:
58:00:45:68:9b:8a:4b:5a:31:31:b0:1c:2f:cf:01:c9:af:37:
e8:6e:70:eb:95:53:ef:f0:a8:38:1f:10:f1:ad:2f:b4:ab:34:
00:1a:2c:5c:c8:9d:ef:b2:b4:ef:7b:8a:6a:92:a0:99:da:8b:
02:d6:a2:df:f9:46:55:dd:29:c7:57:ed:80:48:f0:4f:73:48:
1c:ed:91:fb:fd:92:ce:af:c1:33:52:ab:5c:09:53:1c:02:5d:
56:49:2a:3a:a3:e9:23:c9:3c:95:44:04:60:2d:f9:08:21:1f:
5d:37:d7:4c:af:05:da:d2:74:6d:df:63:1d:5c:87:40:86:74:
f1:55:60:3c:a5:14:69:d9:dd:68:b6:2d:b8:d4:ff:e3:1a:09:
db:a6:69:b9:ce:f0:5f:1a:ce:6a:70:5e:6a:62:fb:e4:3c:aa:
74:d8:53:51:fa:3a:7c:bf:19:84:e9:69:7f:7a:96:a8:51:b0:
14:dd:4c:2a:9f:68:a1:3a:96:c2:bf:a1:d9:cd:e4:d0:33:fd:
9a:9e:61:38
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0tc610bTmwYMheCskUA048MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMGIwNTI1MTM3ODk5NGNmYTgwODhkMjNiNmVlZWQ0ZTll
NmFiMDgwHhcNMjQwMTIxMTkxNjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGI2NzlkZmIxZDcwMGM3ZmExYWMyMzRiNTNhNjk0MzY3Njk5YzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmyfhNRAWL95w4HflQyzKr6wqdY2
myFpVB0WSNLKfUITqpouajIVtRXBNMJGHeWAYDqf6jJXej1CXwjOrcSNSXKV4pAr
DBrtSGstOHDmnuL6ejjq0is2GMA8pvUqeUD93jhmbjor1ynCOgyzrZEpuD3DK8vF
FIkmFnScabuF8//K/O05zkf5q4+cYduuQw16qYIZxo/XD4DzYObW4p5FFqMg8Ou8
31VClAL7HvE3yJ7p0bhlgcad540ctZQb08JsSJhKxuQ9aLgSzsqqhAy1IuoZzSGd
r+0T3uln2/G73G2D5jwAC30SrBmNalIyjWW+jC6iTnTrv6Jzd3CBj0jP6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB22ed+x1wDH+hrCNLU6aUNnaZxXMB8GA1UdIwQY
MBaAFDELBSUTeJlM+oCI0jtu7tTp5qsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEt
N2NmZGYyZGY2NjMyLzEvSGJaNTM3SFhBTWY2R3NJMHRUcHBRMmRwbkZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEtN2NmZGYyZGY2NjMy
LzEvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudRwAwQA
wQMSMA0GCSqGSIb3DQEBCwUAA4IBAQBewUAFTOkGaubh8++XUivuSEVx5GEOdm8E
PT7Pz8ET60NcdgFzLg3QMr9HS3kyMdkcf04e0QJYAEVom4pLWjExsBwvzwHJrzfo
bnDrlVPv8Kg4HxDxrS+0qzQAGixcyJ3vsrTve4pqkqCZ2osC1qLf+UZV3SnHV+2A
SPBPc0gc7ZH7/ZLOr8EzUqtcCVMcAl1WSSo6o+kjyTyVRARgLfkIIR9dN9dMrwXa
0nRt32MdXIdAhnTxVWA8pRRp2d1oti241P/jGgnbpmm5zvBfGs5qcF5qYvvkPKp0
2FNR+jp8vxmE6Wl/epaoUbAU3Uwqn2ihOpbCv6HZzeTQM/2anmE4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:48 2024 by rpki-client on console-fra.rpki-client.org