Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/279f5c-9163-4a28-ad48-d1ef814f5b36/1/Fy1MhPZQEGnCP-pSAn25mAdhoo8.roa
File: Fy1MhPZQEGnCP-pSAn25mAdhoo8.roa (raw, json)
Hash identifier: fcjmldse2oFqJKAm3axEvpRQOWLbvk3gt91MTcVgi4g=
Subject key identifier: 17:2D:4C:84:F6:50:10:69:C2:3F:EA:52:02:7D:B9:98:07:61:A2:8F
Certificate issuer: /CN=2271a7d618b0e4ff2d40baaa5aca66b160d43103
Certificate serial: 01859A03337F977E126DE068EB2252F12716
Authority key identifier: 22:71:A7:D6:18:B0:E4:FF:2D:40:BA:AA:5A:CA:66:B1:60:D4:31:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/InGn1hiw5P8tQLqqWspmsWDUMQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/279f5c-9163-4a28-ad48-d1ef814f5b36/1/Fy1MhPZQEGnCP-pSAn25mAdhoo8.roa
Signing time: Tue 10 Jan 2023 04:49:39 +0000
ROA not before: Tue 10 Jan 2023 04:49:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21859
IP address blocks: 185.254.241.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9a:03:33:7f:97:7e:12:6d:e0:68:eb:22:52:f1:27:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2271a7d618b0e4ff2d40baaa5aca66b160d43103
Validity
Not Before: Jan 10 04:49:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=172d4c84f6501069c23fea52027db9980761a28f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:38:16:9f:f8:77:59:81:01:0c:43:06:35:f6:
b3:95:33:0b:25:8c:79:c9:95:f1:22:2a:29:a4:6a:
51:b8:a4:6a:e1:df:e6:3f:24:06:36:d9:1c:b7:73:
62:b9:9e:4e:be:54:78:cf:51:b6:08:d9:d9:3d:de:
ae:c5:de:42:a7:95:66:42:7e:63:6a:d3:4d:1a:7e:
4b:c5:2d:4d:18:c0:15:ce:f0:bd:84:74:86:97:cb:
a5:55:39:24:c5:8e:d1:d5:59:9d:ab:d5:8d:a4:ea:
91:82:b2:c4:3f:16:bc:ba:52:31:1d:29:1a:c2:19:
23:35:c5:66:72:82:31:08:5b:26:d0:38:da:98:d0:
9f:80:05:32:37:74:d1:8d:2d:05:48:b3:5e:09:e7:
24:c5:26:8c:c2:08:77:8d:e7:a0:b6:e1:9a:77:24:
01:a4:45:73:fe:c3:51:36:a6:63:98:9b:27:52:2c:
fc:15:da:13:10:f3:97:9d:39:07:a2:28:67:2b:18:
7b:b7:73:57:dd:f0:b2:55:e5:20:90:4a:41:2d:52:
00:02:d6:ad:42:77:93:af:3f:8d:23:3e:64:d7:f7:
85:77:9d:53:fd:30:a0:51:ec:17:9f:be:87:ea:4e:
cb:32:fa:81:d1:4a:f1:bf:37:a8:64:fc:e4:a6:06:
96:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:2D:4C:84:F6:50:10:69:C2:3F:EA:52:02:7D:B9:98:07:61:A2:8F
X509v3 Authority Key Identifier:
keyid:22:71:A7:D6:18:B0:E4:FF:2D:40:BA:AA:5A:CA:66:B1:60:D4:31:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/InGn1hiw5P8tQLqqWspmsWDUMQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/279f5c-9163-4a28-ad48-d1ef814f5b36/1/Fy1MhPZQEGnCP-pSAn25mAdhoo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/279f5c-9163-4a28-ad48-d1ef814f5b36/1/InGn1hiw5P8tQLqqWspmsWDUMQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.241.0/24
Signature Algorithm: sha256WithRSAEncryption
83:8a:50:b8:9f:0d:b9:94:7a:7d:c5:b0:c1:a0:a1:a3:69:25:
d4:75:b9:06:e6:3e:7b:83:84:e5:07:e2:e8:59:b9:f6:60:a2:
30:42:89:b1:78:a0:db:d5:e2:8d:e6:aa:5b:a1:0c:2b:9e:3c:
f8:56:21:14:78:85:9c:a1:ea:0d:db:56:cc:8a:45:23:72:da:
06:60:ea:b3:49:72:d7:fc:4b:9d:9e:3b:22:96:98:3d:67:49:
43:3a:1d:53:38:74:6d:21:f9:c9:ab:43:2a:b8:8c:cf:21:09:
ed:7b:3f:c7:86:1e:20:6c:ef:7b:a8:24:7b:20:eb:ae:07:c1:
ad:8c:d8:f7:dd:03:bf:0d:b5:07:38:62:5b:cf:f6:f9:f3:18:
83:77:d2:eb:55:e5:95:40:ff:3b:e4:d6:b0:df:03:e4:68:3a:
c0:30:4c:e7:01:b1:23:89:45:54:d6:7c:6a:eb:3d:7d:b3:2d:
94:0f:13:d3:b9:ec:9a:27:db:8a:90:71:cd:fc:7c:6e:cb:4d:
50:ee:10:ba:01:6a:0a:50:26:84:92:de:dc:ae:c8:38:65:e3:
1a:e0:cd:b2:80:69:40:7a:df:5c:8f:c3:57:89:0d:46:be:bb:
5a:bb:4d:3a:68:73:c8:36:25:27:ad:cd:43:d1:35:6d:38:1d:
11:fa:72:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWaAzN/l34SbeBo6yJS8ScWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNzFhN2Q2MThiMGU0ZmYyZDQwYmFhYTVhY2E2NmIxNjBk
NDMxMDMwHhcNMjMwMTEwMDQ0OTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzJkNGM4NGY2NTAxMDY5YzIzZmVhNTIwMjdkYjk5ODA3NjFhMjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjgWn/h3WYEBDEMGNfazlTMLJYx5
yZXxIioppGpRuKRq4d/mPyQGNtkct3NiuZ5OvlR4z1G2CNnZPd6uxd5Cp5VmQn5j
atNNGn5LxS1NGMAVzvC9hHSGl8ulVTkkxY7R1Vmdq9WNpOqRgrLEPxa8ulIxHSka
whkjNcVmcoIxCFsm0DjamNCfgAUyN3TRjS0FSLNeCeckxSaMwgh3jeegtuGadyQB
pEVz/sNRNqZjmJsnUiz8FdoTEPOXnTkHoihnKxh7t3NX3fCyVeUgkEpBLVIAAtat
QneTrz+NIz5k1/eFd51T/TCgUewXn76H6k7LMvqB0UrxvzeoZPzkpgaWjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBctTIT2UBBpwj/qUgJ9uZgHYaKPMB8GA1UdIwQY
MBaAFCJxp9YYsOT/LUC6qlrKZrFg1DEDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW5HbjFoaXc1UDh0UUxxcVdzcG1zV0RVTVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yNzlmNWMtOTE2My00YTI4LWFkNDgt
ZDFlZjgxNGY1YjM2LzEvRnkxTWhQWlFFR25DUC1wU0FuMjVtQWRob284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yNzlmNWMtOTE2My00YTI4LWFkNDgtZDFlZjgxNGY1YjM2
LzEvSW5HbjFoaXc1UDh0UUxxcVdzcG1zV0RVTVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf7xMA0G
CSqGSIb3DQEBCwUAA4IBAQCDilC4nw25lHp9xbDBoKGjaSXUdbkG5j57g4TlB+Lo
Wbn2YKIwQomxeKDb1eKN5qpboQwrnjz4ViEUeIWcoeoN21bMikUjctoGYOqzSXLX
/Eudnjsilpg9Z0lDOh1TOHRtIfnJq0MquIzPIQntez/Hhh4gbO97qCR7IOuuB8Gt
jNj33QO/DbUHOGJbz/b58xiDd9LrVeWVQP875Naw3wPkaDrAMEznAbEjiUVU1nxq
6z19sy2UDxPTueyaJ9uKkHHN/Hxuy01Q7hC6AWoKUCaEkt7crsg4ZeMa4M2ygGlA
et9cj8NXiQ1Gvrtau006aHPINiUnrc1D0TVtOB0R+nLC
-----END CERTIFICATE-----
Generated at Mon Aug 14 06:38:04 2023 by rpki-client on console-ams.rpki-client.org