Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ac1fa9-4ec8-4016-9add-4c3be9a28d93/1/f0pQQzr-ZeQVRhVjxGei0X4XZ0w.roa
File: f0pQQzr-ZeQVRhVjxGei0X4XZ0w.roa (raw, json)
Hash identifier: 1Wep0JBYql/tK0aeAGrWJjY7kJRWBMzaFmqWVuuI5R8=
Subject key identifier: 7F:4A:50:43:3A:FE:65:E4:15:46:15:63:C4:67:A2:D1:7E:17:67:4C
Certificate issuer: /CN=7be0af45ab4e57456f5a0a40dfa84f8d80610664
Certificate serial: 16819FAE
Authority key identifier: 7B:E0:AF:45:AB:4E:57:45:6F:5A:0A:40:DF:A8:4F:8D:80:61:06:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e-CvRatOV0VvWgpA36hPjYBhBmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ac1fa9-4ec8-4016-9add-4c3be9a28d93/1/f0pQQzr-ZeQVRhVjxGei0X4XZ0w.roa
Signing time: Sat 01 Jan 2022 05:04:31 +0000
ROA not before: Sat 01 Jan 2022 05:04:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206922
IP address blocks: 185.67.163.0/24 maxlen: 24
185.171.245.0/24 maxlen: 24
185.171.246.0/24 maxlen: 24
185.171.244.0/24 maxlen: 24
185.171.247.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 377593774 (0x16819fae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7be0af45ab4e57456f5a0a40dfa84f8d80610664
Validity
Not Before: Jan 1 05:04:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f4a50433afe65e415461563c467a2d17e17674c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:37:3a:bd:cf:f4:1f:27:16:94:bd:20:22:90:
30:b1:1c:9a:06:b5:34:9c:8f:ad:52:ba:2a:01:de:
d0:9b:b0:b6:00:ba:97:db:aa:e8:81:7c:77:2f:39:
df:a5:07:d4:e4:f1:07:cc:43:9b:0f:37:84:84:ff:
18:66:e2:88:15:d6:f2:94:58:6f:1a:81:c2:99:3f:
92:ec:87:83:26:f5:20:b5:a2:2b:cc:90:ca:94:38:
d9:6b:36:d1:66:8c:b7:75:74:93:9e:bc:2b:7e:7b:
8e:93:5d:df:83:97:aa:87:ba:76:c5:0f:78:d3:f8:
b1:5e:14:c6:2d:ae:5f:77:41:f5:92:a2:ce:4a:91:
42:7a:45:c7:83:ef:08:97:28:b7:df:f9:e9:e8:20:
d0:2a:2d:c1:dd:8e:4f:bb:75:e4:4e:94:84:8e:2a:
06:be:b6:70:7a:a4:98:07:c4:60:d6:fc:05:f9:18:
79:e3:ea:c1:89:18:c4:35:88:a4:b4:e1:5e:ee:41:
aa:dc:1f:e2:17:e4:81:b7:d0:1e:63:94:58:30:58:
97:9a:02:0b:70:30:ce:0b:f2:6e:05:e7:55:d7:84:
0f:92:53:18:04:49:ba:f7:70:78:50:ca:8f:b6:3a:
c3:ec:58:2a:fa:71:c1:ac:61:53:c1:6b:94:10:e6:
10:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:4A:50:43:3A:FE:65:E4:15:46:15:63:C4:67:A2:D1:7E:17:67:4C
X509v3 Authority Key Identifier:
keyid:7B:E0:AF:45:AB:4E:57:45:6F:5A:0A:40:DF:A8:4F:8D:80:61:06:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e-CvRatOV0VvWgpA36hPjYBhBmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ac1fa9-4ec8-4016-9add-4c3be9a28d93/1/f0pQQzr-ZeQVRhVjxGei0X4XZ0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ac1fa9-4ec8-4016-9add-4c3be9a28d93/1/e-CvRatOV0VvWgpA36hPjYBhBmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.163.0/24
185.171.244.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:f2:7a:3c:f5:53:9c:be:75:f3:d1:c5:ab:05:f0:d5:af:8f:
3b:be:ab:4e:c4:23:3f:d9:e0:cc:92:2d:5c:9a:b9:d7:6e:7b:
57:5b:62:72:64:96:91:0c:e2:e3:66:d3:f9:0d:89:c2:3c:1a:
62:a3:2f:77:be:38:31:46:4d:d9:11:ea:5e:d4:e0:41:19:13:
41:d3:2b:ff:9e:e2:c0:b1:54:b5:2e:b8:67:46:e6:e2:7c:97:
ed:01:a3:26:24:86:af:64:ba:ad:88:a1:ff:99:52:0f:79:0c:
39:b9:e5:33:fe:3f:f8:bd:b0:b0:b1:c7:2a:e8:63:f3:61:ad:
39:6f:f5:b6:89:6d:da:61:10:ab:9d:15:3c:75:4a:a2:83:d8:
86:7a:0f:c5:a9:f4:b4:25:91:82:74:f6:cf:33:04:b5:b5:68:
e2:75:fd:f4:88:c6:6b:da:40:da:2f:9f:4e:65:ae:a1:7e:f5:
32:bf:a5:fc:f1:8f:f2:7a:cf:a0:d5:cd:5c:3d:3c:3e:3d:85:
eb:a4:9e:c6:2c:42:2a:cf:fb:b7:07:93:51:d3:b3:77:4b:16:
15:1c:b0:40:34:3a:c9:22:8e:b0:c5:1f:c6:e6:6a:37:d8:c8:
0d:12:4b:18:da:09:2b:fc:71:79:e7:8f:28:be:5c:be:16:6b:
4b:dd:2f:65
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFoGfrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YmUwYWY0NWFiNGU1NzQ1NmY1YTBhNDBkZmE4NGY4ZDgwNjEwNjY0MB4XDTIyMDEw
MTA1MDQzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Y0YTUwNDMzYWZl
NjVlNDE1NDYxNTYzYzQ2N2EyZDE3ZTE3Njc0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMo3Or3P9B8nFpS9ICKQMLEcmga1NJyPrVK6KgHe0JuwtgC6
l9uq6IF8dy8536UH1OTxB8xDmw83hIT/GGbiiBXW8pRYbxqBwpk/kuyHgyb1ILWi
K8yQypQ42Ws20WaMt3V0k568K357jpNd34OXqoe6dsUPeNP4sV4Uxi2uX3dB9ZKi
zkqRQnpFx4PvCJcot9/56egg0Cotwd2OT7t15E6UhI4qBr62cHqkmAfEYNb8BfkY
eePqwYkYxDWIpLThXu5Bqtwf4hfkgbfQHmOUWDBYl5oCC3AwzgvybgXnVdeED5JT
GARJuvdweFDKj7Y6w+xYKvpxwaxhU8FrlBDmEFUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR/SlBDOv5l5BVGFWPEZ6LRfhdnTDAfBgNVHSMEGDAWgBR74K9Fq05XRW9a
CkDfqE+NgGEGZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2UtQ3ZSYXRPVjBWdldncEEzNmhQallCaEJtUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvYWMxZmE5LTRlYzgtNDAxNi05YWRkLTRjM2JlOWEyOGQ5My8x
L2YwcFFRenItWmVRVlJoVmp4R2VpMFg0WFowdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
YWMxZmE5LTRlYzgtNDAxNi05YWRkLTRjM2JlOWEyOGQ5My8xL2UtQ3ZSYXRPVjBW
dldncEEzNmhQallCaEJtUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALlDowMEArmr9DANBgkqhkiG9w0B
AQsFAAOCAQEAOvJ6PPVTnL5189HFqwXw1a+PO76rTsQjP9ngzJItXJq51257V1ti
cmSWkQzi42bT+Q2JwjwaYqMvd744MUZN2RHqXtTgQRkTQdMr/57iwLFUtS64Z0bm
4nyX7QGjJiSGr2S6rYih/5lSD3kMObnlM/4/+L2wsLHHKuhj82GtOW/1tolt2mEQ
q50VPHVKooPYhnoPxan0tCWRgnT2zzMEtbVo4nX99IjGa9pA2i+fTmWuoX71Mr+l
/PGP8nrPoNXNXD08Pj2F66SexixCKs/7tweTUdOzd0sWFRywQDQ6ySKOsMUfxuZq
N9jIDRJLGNoJK/xxeeePKL5cvhZrS90vZQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:20 2024 by rpki-client on console-ams.rpki-client.org