Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/W6et163s4fNcEKIABbgK6Mn0Jlc.roa
File: W6et163s4fNcEKIABbgK6Mn0Jlc.roa (raw, json)
Hash identifier: U7zaFK7qm9HUIkrqxBUcrz0LVSy2VoDHWhxHWdbjUg4=
Subject key identifier: 5B:A7:AD:D7:AD:EC:E1:F3:5C:10:A2:00:05:B8:0A:E8:C9:F4:26:57
Certificate issuer: /CN=9a04cdcdc1159c31eedb24cc7ac8b262b756227c
Certificate serial: 02F35CE3
Authority key identifier: 9A:04:CD:CD:C1:15:9C:31:EE:DB:24:CC:7A:C8:B2:62:B7:56:22:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mgTNzcEVnDHu2yTMesiyYrdWInw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/W6et163s4fNcEKIABbgK6Mn0Jlc.roa
Signing time: Sat 01 Jan 2022 00:53:43 +0000
ROA not before: Sat 01 Jan 2022 00:53:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209078
IP address blocks: 185.210.138.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49503459 (0x2f35ce3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a04cdcdc1159c31eedb24cc7ac8b262b756227c
Validity
Not Before: Jan 1 00:53:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ba7add7adece1f35c10a20005b80ae8c9f42657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f5:59:74:23:4f:98:78:61:d8:45:80:ff:ae:
7d:93:73:0a:a7:c4:ed:00:da:df:d9:1c:11:97:dd:
d9:8f:8f:8c:80:3a:5b:d0:09:60:cc:51:6c:58:05:
19:70:c4:a8:de:11:0e:9c:5f:1f:2c:9a:bc:7c:77:
a4:5b:e0:4a:b9:53:d4:3f:10:8c:1e:d8:95:3c:00:
3c:2e:3f:da:ad:d2:66:f2:9a:dc:23:51:51:b4:e3:
f6:bb:60:be:e8:73:a6:20:8c:1a:38:a6:ce:35:da:
cd:76:d5:bd:34:26:9a:70:3a:3e:d4:4f:cf:22:86:
39:3d:4c:fa:39:46:ee:e6:5a:a7:35:1f:dc:2b:9f:
37:97:4b:18:b6:b1:ce:66:11:55:d9:4a:20:84:13:
79:fb:ec:12:72:5b:7d:79:fa:af:07:60:e2:e6:a6:
e4:0d:8f:1e:e7:0c:7f:56:33:b8:3d:08:fe:06:06:
75:91:2e:47:8b:4b:f9:18:d5:93:d4:c4:f4:6b:3c:
a6:89:cd:4b:db:4a:78:28:3e:54:a4:7f:bc:e5:ec:
e6:70:dd:85:94:59:0c:5d:5a:cc:1d:f8:e8:e6:1f:
d5:6c:a0:1f:59:21:ea:7a:60:b6:66:04:86:27:a2:
a4:3e:44:cf:0f:36:31:ef:e2:4e:18:87:2e:98:57:
85:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:A7:AD:D7:AD:EC:E1:F3:5C:10:A2:00:05:B8:0A:E8:C9:F4:26:57
X509v3 Authority Key Identifier:
keyid:9A:04:CD:CD:C1:15:9C:31:EE:DB:24:CC:7A:C8:B2:62:B7:56:22:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mgTNzcEVnDHu2yTMesiyYrdWInw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/W6et163s4fNcEKIABbgK6Mn0Jlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/mgTNzcEVnDHu2yTMesiyYrdWInw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.138.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:62:b2:4d:db:d2:c2:57:0f:fd:2b:2d:fb:91:e1:5b:7b:99:
ac:25:34:b8:2e:6b:44:7c:37:6f:68:8f:6d:e0:ab:70:7e:70:
79:59:79:6c:2d:d6:45:15:07:b2:0d:73:26:4f:4a:87:0f:52:
4c:03:76:89:66:bd:7f:c0:d3:65:da:0a:d2:3e:60:d0:bc:df:
5d:48:e7:d3:c4:23:55:92:d9:f3:14:64:9d:dc:81:66:39:ee:
96:52:f3:61:49:76:fb:c6:b1:d9:62:c8:ca:45:3e:7e:46:92:
ca:17:8b:95:61:5a:db:fd:aa:bd:a8:4f:1b:25:9b:7d:54:3c:
73:a1:64:b5:ba:18:fe:c9:7b:d6:72:34:b9:a2:97:fb:c7:e7:
42:c3:62:30:f9:3b:d3:9d:a4:05:b6:45:94:5f:a0:8d:6a:02:
1a:4b:86:d7:e2:01:c7:8d:60:bc:16:b1:e5:77:b3:d2:a4:68:
ca:6d:80:3f:82:60:49:c9:97:88:e2:d5:2d:32:51:5b:54:64:
83:ee:49:40:5f:c6:89:82:7f:31:2f:15:56:e8:a5:20:e2:8d:
49:13:02:be:09:3a:57:b0:ed:35:59:97:50:08:04:b7:53:ba:
0c:10:16:aa:13:c5:4b:4d:8f:7a:03:57:68:e0:5e:b9:56:16:
a8:ba:d3:6b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAvNc4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTA0Y2RjZGMxMTU5YzMxZWVkYjI0Y2M3YWM4YjI2MmI3NTYyMjdjMB4XDTIyMDEw
MTAwNTM0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWJhN2FkZDdhZGVj
ZTFmMzVjMTBhMjAwMDViODBhZThjOWY0MjY1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN31WXQjT5h4YdhFgP+ufZNzCqfE7QDa39kcEZfd2Y+PjIA6
W9AJYMxRbFgFGXDEqN4RDpxfHyyavHx3pFvgSrlT1D8QjB7YlTwAPC4/2q3SZvKa
3CNRUbTj9rtgvuhzpiCMGjimzjXazXbVvTQmmnA6PtRPzyKGOT1M+jlG7uZapzUf
3CufN5dLGLaxzmYRVdlKIIQTefvsEnJbfXn6rwdg4uam5A2PHucMf1YzuD0I/gYG
dZEuR4tL+RjVk9TE9Gs8ponNS9tKeCg+VKR/vOXs5nDdhZRZDF1azB346OYf1Wyg
H1kh6npgtmYEhieipD5Ezw82Me/iThiHLphXhSkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRbp63Xrezh81wQogAFuAroyfQmVzAfBgNVHSMEGDAWgBSaBM3NwRWcMe7b
JMx6yLJit1YifDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21nVE56Y0VWbkRIdTJ5VE1lc2l5WXJkV0ludy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvNjJlNDNiLTIyOGEtNGU4NS04MzRjLTQ0YzE2NjAxNDYxMi8x
L1c2ZXQxNjNzNGZOY0VLSUFCYmdLNk1uMEpsYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
NjJlNDNiLTIyOGEtNGU4NS04MzRjLTQ0YzE2NjAxNDYxMi8xL21nVE56Y0VWbkRI
dTJ5VE1lc2l5WXJkV0ludy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnSijANBgkqhkiG9w0BAQsFAAOC
AQEAXGKyTdvSwlcP/Sst+5HhW3uZrCU0uC5rRHw3b2iPbeCrcH5weVl5bC3WRRUH
sg1zJk9Khw9STAN2iWa9f8DTZdoK0j5g0LzfXUjn08QjVZLZ8xRkndyBZjnullLz
YUl2+8ax2WLIykU+fkaSyheLlWFa2/2qvahPGyWbfVQ8c6FktboY/sl71nI0uaKX
+8fnQsNiMPk7052kBbZFlF+gjWoCGkuG1+IBx41gvBax5Xez0qRoym2AP4JgScmX
iOLVLTJRW1Rkg+5JQF/GiYJ/MS8VVuilIOKNSRMCvgk6V7DtNVmXUAgEt1O6DBAW
qhPFS02PegNXaOBeuVYWqLrTaw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:12 2023 by rpki-client on console-fra.rpki-client.org