Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/sMxI6VstwfZbQMrEoqUgkxH2TAw.roa
File: sMxI6VstwfZbQMrEoqUgkxH2TAw.roa (raw, json)
Hash identifier: gHXRhpMCYNS7ijCXs5juBrdJ8HCD/CEne5jjbBtWz38=
Subject key identifier: B0:CC:48:E9:5B:2D:C1:F6:5B:40:CA:C4:A2:A5:20:93:11:F6:4C:0C
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 0189930246C037627F9FD46E172DCA85FAF7
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/sMxI6VstwfZbQMrEoqUgkxH2TAw.roa
Signing time: Wed 26 Jul 2023 16:22:27 +0000
ROA not before: Wed 26 Jul 2023 16:22:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201453
IP address blocks: 185.230.145.0/24 maxlen: 24
185.230.144.0/22 maxlen: 22
185.230.144.0/24 maxlen: 24
185.160.231.0/24 maxlen: 24
185.160.230.0/24 maxlen: 24
185.160.229.0/24 maxlen: 24
185.160.228.0/24 maxlen: 24
185.160.228.0/22 maxlen: 22
185.232.132.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:93:02:46:c0:37:62:7f:9f:d4:6e:17:2d:ca:85:fa:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Jul 26 16:22:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0cc48e95b2dc1f65b40cac4a2a5209311f64c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c3:86:bb:24:36:66:63:5d:d3:d1:9e:91:b0:
05:ea:f1:0a:46:c5:55:19:a7:13:b1:49:98:8f:8b:
8e:33:27:ca:84:38:7e:ad:02:48:ba:ad:fe:36:2c:
d0:08:90:a3:35:6e:69:b8:ed:ef:9f:77:1b:9b:57:
cd:05:70:49:38:26:a0:14:62:37:5c:1f:cc:55:fc:
f7:aa:5b:d2:c5:bc:33:eb:33:96:87:d9:0e:ec:28:
39:17:c6:55:78:9e:95:43:3e:f4:44:4a:2a:e3:e8:
c8:65:e2:29:b0:74:21:fb:5e:c0:2c:35:55:cd:85:
78:8e:31:18:e6:f4:d7:36:e9:90:c7:97:80:9e:87:
47:d2:20:7d:09:ea:9e:a1:b5:52:92:f0:52:77:25:
8d:c0:48:af:c3:06:05:d5:64:53:4e:6c:9b:b5:27:
88:c4:ec:1b:be:10:2e:e9:f2:15:3f:70:18:ee:49:
ed:04:91:f3:16:b4:22:02:74:0a:7a:4d:bb:2c:95:
8e:6a:b2:6e:02:e0:b7:65:f6:83:8a:4e:af:a9:f2:
2c:4b:d8:bd:a0:b1:21:06:27:91:1a:f1:94:db:af:
19:d1:26:e5:fb:2f:b9:d8:0c:c4:f1:9b:17:22:ad:
ac:bb:bd:84:be:f6:df:15:6b:8a:6d:6d:51:0e:8a:
2a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:CC:48:E9:5B:2D:C1:F6:5B:40:CA:C4:A2:A5:20:93:11:F6:4C:0C
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/sMxI6VstwfZbQMrEoqUgkxH2TAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.228.0/22
185.230.144.0/22
185.232.132.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:64:7e:58:fe:d8:7d:2f:ba:19:28:24:79:ce:31:12:e3:00:
fe:22:88:f1:87:1b:bf:ba:07:da:8e:20:70:f0:a4:51:02:f8:
3f:22:64:4f:61:ec:e6:92:59:c3:a3:0e:b4:1a:7a:dd:29:0f:
f0:7f:e6:b6:20:44:82:d8:d2:78:a8:25:9c:ad:e4:91:37:26:
4f:a5:3c:db:a9:2b:22:1f:e3:de:e5:d8:9c:63:5f:21:a6:3d:
30:12:e6:d2:7b:cc:9c:34:be:0b:9b:00:a2:f0:86:19:54:ef:
82:4d:3f:9a:f2:76:df:11:bc:5b:03:4c:77:54:52:74:02:04:
4e:45:22:04:51:1c:cb:a4:4b:6f:0f:5f:db:e0:d7:6f:aa:0c:
93:77:bd:7b:e6:4d:e8:ef:8e:34:0d:4b:32:bf:2c:49:4b:bb:
1d:b0:e0:6c:d7:42:e2:73:65:b8:ad:2e:5a:21:68:1d:96:ac:
ca:bb:08:7a:f6:0c:9e:26:c8:f1:8a:ba:0e:27:d8:bc:31:69:
f4:af:c5:09:d6:1c:d9:a8:2f:b1:40:d3:66:07:b2:a0:45:b6:
5d:8a:f2:b2:35:78:c0:22:44:b0:65:23:27:27:4b:45:86:12:
0e:b3:87:df:51:0e:c0:38:38:85:e7:83:99:26:36:7b:ab:72:
dd:96:38:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmTAkbAN2J/n9RuFy3Khfr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjMwNzI2MTYyMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGNjNDhlOTViMmRjMWY2NWI0MGNhYzRhMmE1MjA5MzExZjY0YzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMOGuyQ2ZmNd09GekbAF6vEKRsVV
GacTsUmYj4uOMyfKhDh+rQJIuq3+NizQCJCjNW5puO3vn3cbm1fNBXBJOCagFGI3
XB/MVfz3qlvSxbwz6zOWh9kO7Cg5F8ZVeJ6VQz70REoq4+jIZeIpsHQh+17ALDVV
zYV4jjEY5vTXNumQx5eAnodH0iB9CeqeobVSkvBSdyWNwEivwwYF1WRTTmybtSeI
xOwbvhAu6fIVP3AY7kntBJHzFrQiAnQKek27LJWOarJuAuC3ZfaDik6vqfIsS9i9
oLEhBieRGvGU268Z0Sbl+y+52AzE8ZsXIq2su72EvvbfFWuKbW1RDooqTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLDMSOlbLcH2W0DKxKKlIJMR9kwMMB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvc014STZWc3R3ZlpiUU1yRW9xVWdreEgyVEF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuaDkAwQC
ueaQAwQCueiEMA0GCSqGSIb3DQEBCwUAA4IBAQBPZH5Y/th9L7oZKCR5zjES4wD+
Iojxhxu/ugfajiBw8KRRAvg/ImRPYezmklnDow60GnrdKQ/wf+a2IESC2NJ4qCWc
reSRNyZPpTzbqSsiH+Pe5dicY18hpj0wEubSe8ycNL4LmwCi8IYZVO+CTT+a8nbf
EbxbA0x3VFJ0AgRORSIEURzLpEtvD1/b4NdvqgyTd7175k3o7440DUsyvyxJS7sd
sOBs10Lic2W4rS5aIWgdlqzKuwh69gyeJsjxiroOJ9i8MWn0r8UJ1hzZqC+xQNNm
B7KgRbZdivKyNXjAIkSwZSMnJ0tFhhIOs4ffUQ7AODiF54OZJjZ7q3Ldljg4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:02 2024 by rpki-client on console-fra.rpki-client.org