Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/obO8v0Mxq6H9H2VmuYqg9eksnQE.roa
File: obO8v0Mxq6H9H2VmuYqg9eksnQE.roa (raw, json)
Hash identifier: SLmiXItSIiT7hmRh4VWwlkYGNwiwqNoHFgNTvDTuPDU=
Subject key identifier: A1:B3:BC:BF:43:31:AB:A1:FD:1F:65:66:B9:8A:A0:F5:E9:2C:9D:01
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 018CC72577F0B87BBBEB72D7AA83B6A3F1A1
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/obO8v0Mxq6H9H2VmuYqg9eksnQE.roa
Signing time: Mon 01 Jan 2024 22:29:30 +0000
ROA not before: Mon 01 Jan 2024 22:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213399
IP address blocks: 185.224.93.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:77:f0:b8:7b:bb:eb:72:d7:aa:83:b6:a3:f1:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Jan 1 22:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1b3bcbf4331aba1fd1f6566b98aa0f5e92c9d01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6d:60:40:c6:64:b4:2e:70:94:30:4f:9a:c1:
4a:39:64:87:8e:25:f3:19:2a:05:07:65:08:37:70:
f4:60:e6:bf:da:c7:30:14:fb:68:0b:3e:12:ac:48:
b0:32:8a:2a:77:25:bf:3c:16:5b:5a:ab:98:22:58:
e3:9e:9e:04:0c:be:c0:ef:10:4b:9d:6b:51:4d:92:
4d:9a:39:59:a9:a3:98:31:de:cb:f7:e8:c4:17:7b:
e7:5c:62:f6:ef:8d:be:db:2d:31:69:b4:26:99:6d:
47:ae:f8:10:ba:1d:bb:f8:8d:5c:28:6c:e0:c9:9e:
4a:f4:f0:ec:b4:5d:0f:79:bb:64:4d:20:eb:49:58:
6b:2d:e0:39:86:2f:1e:51:88:62:94:51:4b:5c:25:
ab:c5:74:d1:1b:1e:c9:9f:9f:89:c5:72:e4:02:6d:
84:f2:4c:a4:24:71:72:61:99:37:da:1c:91:67:c0:
ed:be:7e:41:4b:c4:45:50:31:1f:4d:37:63:38:68:
7f:39:c9:eb:47:90:4d:c1:b0:0c:f6:9d:2a:28:01:
31:4d:60:5d:9f:e9:d2:9b:41:15:23:a0:ae:13:45:
33:1e:93:74:c4:4b:1e:3f:b3:bb:56:ab:38:a6:e5:
06:ed:9c:17:41:c7:25:5f:8d:79:d4:0d:0c:71:b7:
a4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B3:BC:BF:43:31:AB:A1:FD:1F:65:66:B9:8A:A0:F5:E9:2C:9D:01
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/obO8v0Mxq6H9H2VmuYqg9eksnQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.93.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:7a:3c:54:2b:68:ab:96:5a:1d:3f:3f:cf:a3:51:3a:bc:71:
32:10:36:a2:41:b1:1b:12:f2:6d:dd:f8:ec:b6:22:27:ae:d0:
77:21:fc:04:7d:3f:21:5e:4f:7e:86:01:53:23:1b:66:dc:82:
d4:d8:ee:ed:a1:f4:7d:fe:e5:c5:bb:e6:86:c1:10:74:f3:59:
81:59:9e:d7:f8:02:94:39:e1:37:34:14:1b:37:6b:a9:85:c2:
81:19:8a:b7:04:79:3d:58:1e:38:fc:77:ed:18:c9:b2:36:ac:
07:86:c2:06:e2:c4:8f:f5:5b:f3:2d:c6:d1:c9:70:e5:c5:f5:
c3:1e:f0:39:7f:1a:ec:08:19:2b:bb:d2:89:a4:b3:a3:d2:0f:
f3:a2:6a:07:fe:a2:6b:14:96:aa:55:24:07:a6:dc:86:47:62:
23:18:cd:97:47:ea:d7:b4:00:59:d3:c7:d3:87:1a:40:cc:87:
ea:51:98:72:44:53:5f:07:ee:84:c2:c1:96:8e:25:69:86:c2:
c4:b7:e1:81:d1:a2:39:b6:78:49:46:ba:25:7c:2e:86:f1:c2:
cd:52:70:aa:47:1c:c7:76:0c:51:52:6a:e2:ec:79:9b:7e:58:
d2:ae:85:9f:9f:80:fd:fe:0c:aa:74:79:2f:49:08:c5:ee:c8:
2b:34:43:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJXfwuHu763LXqoO2o/GhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjQwMTAxMjIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWIzYmNiZjQzMzFhYmExZmQxZjY1NjZiOThhYTBmNWU5MmM5ZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtm1gQMZktC5wlDBPmsFKOWSHjiXz
GSoFB2UIN3D0YOa/2scwFPtoCz4SrEiwMooqdyW/PBZbWquYIljjnp4EDL7A7xBL
nWtRTZJNmjlZqaOYMd7L9+jEF3vnXGL2742+2y0xabQmmW1HrvgQuh27+I1cKGzg
yZ5K9PDstF0PebtkTSDrSVhrLeA5hi8eUYhilFFLXCWrxXTRGx7Jn5+JxXLkAm2E
8kykJHFyYZk32hyRZ8Dtvn5BS8RFUDEfTTdjOGh/OcnrR5BNwbAM9p0qKAExTWBd
n+nSm0EVI6CuE0UzHpN0xEseP7O7Vqs4puUG7ZwXQcclX4151A0McbekgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKGzvL9DMauh/R9lZrmKoPXpLJ0BMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvb2JPOHYwTXhxNkg5SDJWbXVZcWc5ZWtzblFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueBdMA0G
CSqGSIb3DQEBCwUAA4IBAQB8ejxUK2irllodPz/Po1E6vHEyEDaiQbEbEvJt3fjs
tiInrtB3IfwEfT8hXk9+hgFTIxtm3ILU2O7tofR9/uXFu+aGwRB081mBWZ7X+AKU
OeE3NBQbN2uphcKBGYq3BHk9WB44/HftGMmyNqwHhsIG4sSP9VvzLcbRyXDlxfXD
HvA5fxrsCBkru9KJpLOj0g/zomoH/qJrFJaqVSQHptyGR2IjGM2XR+rXtABZ08fT
hxpAzIfqUZhyRFNfB+6EwsGWjiVphsLEt+GB0aI5tnhJRrolfC6G8cLNUnCqRxzH
dgxRUmri7HmbfljSroWfn4D9/gyqdHkvSQjF7sgrNENi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:50 2024 by rpki-client on console-ams.rpki-client.org