Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/Nz-HF33hmB1IGUa-XiREuXHXk0Q.roa
File: Nz-HF33hmB1IGUa-XiREuXHXk0Q.roa (raw, json)
Hash identifier: +eDjz3skEN4IdNTfOpGmejNjTRJlM45NwhGcuZvEnIQ=
Subject key identifier: 37:3F:87:17:7D:E1:98:1D:48:19:46:BE:5E:24:44:B9:71:D7:93:44
Certificate issuer: /CN=93a229e266b2558899f3547ee63d84ed6594768b
Certificate serial: 018CC2DB4E16B9D463C70FD6B1FAD7B809C3
Authority key identifier: 93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/Nz-HF33hmB1IGUa-XiREuXHXk0Q.roa
Signing time: Mon 01 Jan 2024 02:30:01 +0000
ROA not before: Mon 01 Jan 2024 02:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208042
IP address blocks: 185.243.219.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:4e:16:b9:d4:63:c7:0f:d6:b1:fa:d7:b8:09:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93a229e266b2558899f3547ee63d84ed6594768b
Validity
Not Before: Jan 1 02:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=373f87177de1981d481946be5e2444b971d79344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ac:56:fe:9e:a1:a1:3b:4d:1a:fb:52:5e:6a:
0c:15:2e:78:48:b8:c5:37:8b:3f:58:8b:51:dd:85:
80:38:20:9c:40:68:73:b2:ba:82:ee:27:26:f0:c0:
0a:10:25:18:0a:3b:59:d4:c9:18:a6:21:cb:e0:f6:
0d:f5:99:c3:7e:b4:3f:f9:9b:c7:90:af:c7:e6:ee:
d0:49:0a:60:3f:2d:22:bf:0d:54:5f:db:a0:fe:25:
49:d2:5e:0a:97:66:5b:40:88:3c:65:f5:5f:26:74:
db:4f:e5:8f:5e:37:ad:b3:2a:bb:35:e5:5c:2d:4c:
4c:06:3a:3d:ac:14:e6:45:30:7c:76:60:98:d1:dc:
36:e5:d8:3c:ae:44:b1:c6:07:5a:db:ca:b2:82:fd:
25:4a:08:5b:07:c4:27:94:2c:ec:86:63:4c:26:46:
3e:91:8b:79:00:fc:92:62:ba:d6:57:56:53:34:86:
49:4f:0b:4f:0b:d9:dd:20:50:81:bc:78:6a:34:c0:
81:1a:79:85:9e:53:ed:60:b6:55:75:8a:31:41:e3:
af:a6:c1:e3:c3:1f:d5:a8:e7:fc:a7:09:85:13:b3:
bd:e3:3d:7b:b0:0e:3c:b2:6d:fe:6a:37:e6:2d:0a:
4d:cc:24:5f:91:b6:1a:20:9f:d6:a5:49:39:06:43:
d9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:3F:87:17:7D:E1:98:1D:48:19:46:BE:5E:24:44:B9:71:D7:93:44
X509v3 Authority Key Identifier:
keyid:93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/Nz-HF33hmB1IGUa-XiREuXHXk0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/k6Ip4mayVYiZ81R-5j2E7WWUdos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.219.0/24
Signature Algorithm: sha256WithRSAEncryption
19:e5:26:22:dc:5a:ca:cc:65:db:4d:d8:8b:1a:30:18:2c:13:
6b:65:26:32:da:78:ba:5c:cf:22:6a:b2:4f:8f:df:a8:88:48:
d1:45:e1:04:b2:20:fe:48:7d:4d:0b:64:ec:5e:2d:55:a2:91:
69:70:1c:d7:95:86:00:da:f7:f6:e1:b3:f4:0d:0c:6b:e8:c3:
80:6d:39:3b:f5:ff:84:21:ea:d4:bc:d1:31:11:c0:59:07:90:
f2:26:53:32:24:dd:eb:35:56:55:b5:c7:78:8d:74:a9:8d:f3:
1e:93:bf:13:e3:4b:d4:56:09:d2:19:ab:08:09:dd:f1:ba:40:
ed:c4:93:92:7b:6e:4d:28:41:27:b4:3c:b2:f3:b9:b0:f2:11:
b7:83:fc:34:73:b5:1d:ba:53:e9:ce:4a:a0:37:1f:b3:95:36:
7e:3d:8c:50:f6:a9:48:d6:95:e1:a6:08:4e:0b:d9:89:c4:83:
df:32:e6:bf:a0:a5:78:b7:ff:19:d6:e1:f8:ba:5d:79:b9:eb:
0f:4b:39:2e:db:b1:93:b9:49:f9:e2:9c:2e:0f:73:65:fb:1f:
75:50:29:e1:1c:8b:97:31:ac:7c:76:16:c6:17:53:3d:96:37:
5c:f5:90:5c:d6:86:32:96:8f:1a:25:a0:22:71:00:fa:6e:d3:
74:e8:01:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC204WudRjxw/WsfrXuAnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYTIyOWUyNjZiMjU1ODg5OWYzNTQ3ZWU2M2Q4NGVkNjU5
NDc2OGIwHhcNMjQwMTAxMDIzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzNmODcxNzdkZTE5ODFkNDgxOTQ2YmU1ZTI0NDRiOTcxZDc5MzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKxW/p6hoTtNGvtSXmoMFS54SLjF
N4s/WItR3YWAOCCcQGhzsrqC7icm8MAKECUYCjtZ1MkYpiHL4PYN9ZnDfrQ/+ZvH
kK/H5u7QSQpgPy0ivw1UX9ug/iVJ0l4Kl2ZbQIg8ZfVfJnTbT+WPXjetsyq7NeVc
LUxMBjo9rBTmRTB8dmCY0dw25dg8rkSxxgda28qygv0lSghbB8QnlCzshmNMJkY+
kYt5APySYrrWV1ZTNIZJTwtPC9ndIFCBvHhqNMCBGnmFnlPtYLZVdYoxQeOvpsHj
wx/VqOf8pwmFE7O94z17sA48sm3+ajfmLQpNzCRfkbYaIJ/WpUk5BkPZawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDc/hxd94ZgdSBlGvl4kRLlx15NEMB8GA1UdIwQY
MBaAFJOiKeJmslWImfNUfuY9hO1llHaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazZJcDRtYXlWWWlaODFSLTVqMkU3V1dVZG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jNDA3M2EtOTIzYi00ZWNmLTk1NjYt
NGQ3NzdjYWNkOWE0LzEvTnotSEYzM2htQjFJR1VhLVhpUkV1WEhYazBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jNDA3M2EtOTIzYi00ZWNmLTk1NjYtNGQ3NzdjYWNkOWE0
LzEvazZJcDRtYXlWWWlaODFSLTVqMkU3V1dVZG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufPbMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ5SYi3FrKzGXbTdiLGjAYLBNrZSYy2ni6XM8iarJP
j9+oiEjRReEEsiD+SH1NC2TsXi1VopFpcBzXlYYA2vf24bP0DQxr6MOAbTk79f+E
IerUvNExEcBZB5DyJlMyJN3rNVZVtcd4jXSpjfMek78T40vUVgnSGasICd3xukDt
xJOSe25NKEEntDyy87mw8hG3g/w0c7UdulPpzkqgNx+zlTZ+PYxQ9qlI1pXhpghO
C9mJxIPfMua/oKV4t/8Z1uH4ul15uesPSzku27GTuUn54pwuD3Nl+x91UCnhHIuX
Max8dhbGF1M9ljdc9ZBc1oYylo8aJaAicQD6btN06AF8
-----END CERTIFICATE-----
Generated at Mon Jul 8 12:53:41 2024 by rpki-client on console-fra.rpki-client.org