Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/hsNAjhyBDy-x_ZX7Exzu4T3G7-4.roa
File: hsNAjhyBDy-x_ZX7Exzu4T3G7-4.roa (raw, json)
Hash identifier: 9UTOAeSy1CyZ5DXxPcjaK1UsVDH4DDLeKC1Uuj5BtSg=
Subject key identifier: 86:C3:40:8E:1C:81:0F:2F:B1:FD:95:FB:13:1C:EE:E1:3D:C6:EF:EE
Certificate issuer: /CN=9a04cdcdc1159c31eedb24cc7ac8b262b756227c
Certificate serial: 01856D5D19D5845E8215FE1CC8B0295081A7
Authority key identifier: 9A:04:CD:CD:C1:15:9C:31:EE:DB:24:CC:7A:C8:B2:62:B7:56:22:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mgTNzcEVnDHu2yTMesiyYrdWInw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/hsNAjhyBDy-x_ZX7Exzu4T3G7-4.roa
Signing time: Sun 01 Jan 2023 12:44:56 +0000
ROA not before: Sun 01 Jan 2023 12:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201971
IP address blocks: 185.210.136.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:19:d5:84:5e:82:15:fe:1c:c8:b0:29:50:81:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a04cdcdc1159c31eedb24cc7ac8b262b756227c
Validity
Not Before: Jan 1 12:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86c3408e1c810f2fb1fd95fb131ceee13dc6efee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:23:ed:a9:d6:29:96:21:f8:b5:f1:69:15:87:
60:82:14:88:8b:b9:43:37:47:0e:89:dd:75:21:49:
5b:1a:5f:8c:49:9c:a5:ae:fe:1a:32:59:2c:47:30:
22:2f:d1:66:56:8e:e5:80:b0:a4:06:20:72:37:ea:
d3:93:9c:e8:8d:96:05:0e:94:f9:7c:9b:f1:af:ea:
a1:e6:c1:30:d6:dd:9e:3b:33:0e:44:b3:b2:7e:28:
be:24:ce:f7:29:d3:56:57:a8:f4:99:15:0f:c5:e0:
ee:70:3e:7e:9f:e4:07:7d:97:fa:96:f6:5b:af:3f:
04:d6:b1:50:c9:eb:b1:73:ec:0c:f7:e2:f1:0e:17:
2b:77:b3:0f:ae:c5:a9:d0:1e:1e:51:d4:4e:26:97:
93:80:42:c7:b3:c0:49:89:16:a9:bc:a5:52:16:b9:
94:d7:bb:c1:03:92:f1:bf:8f:e7:5d:0c:79:41:e3:
76:c4:00:c3:4d:77:1f:e1:27:ac:55:5e:29:c8:87:
5a:be:5e:bd:bc:dd:4d:42:67:c7:13:73:50:2f:68:
ff:dc:11:2d:72:42:4d:fc:13:59:4b:09:a9:4d:20:
db:9e:47:13:83:af:06:41:2c:10:5d:c9:09:c2:fe:
90:95:8f:da:77:73:b5:15:a3:44:64:a0:71:14:01:
43:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C3:40:8E:1C:81:0F:2F:B1:FD:95:FB:13:1C:EE:E1:3D:C6:EF:EE
X509v3 Authority Key Identifier:
keyid:9A:04:CD:CD:C1:15:9C:31:EE:DB:24:CC:7A:C8:B2:62:B7:56:22:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mgTNzcEVnDHu2yTMesiyYrdWInw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/hsNAjhyBDy-x_ZX7Exzu4T3G7-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/mgTNzcEVnDHu2yTMesiyYrdWInw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.136.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:f8:11:d2:1d:e5:db:c1:e5:07:7c:94:1c:ff:a6:1d:b7:a2:
a5:e6:b6:c3:7e:63:0a:1c:f3:87:f1:e0:93:40:ba:ce:6a:62:
a1:08:cd:2c:18:3e:f0:18:65:e5:e4:c8:31:b6:bb:8a:b1:d6:
1c:37:d2:f1:a2:3e:bf:39:e6:f8:27:f4:f0:92:df:a4:04:6f:
13:b4:c9:cc:16:c6:91:4b:70:28:eb:87:d5:da:e0:40:f3:4d:
64:91:e5:cc:d9:5d:4b:80:4b:65:3d:86:8e:74:1a:a3:3a:bc:
f6:be:1d:f9:9d:2c:74:fb:03:ac:c0:d8:8b:d8:ca:be:97:e4:
2e:b8:f0:ae:32:24:91:d9:1f:97:34:44:f5:87:45:a5:15:39:
99:20:c2:97:7a:3c:47:d3:37:4d:3b:b6:14:bc:6c:ac:3c:3d:
f1:4b:d8:a8:72:e2:a5:c8:13:ea:7f:57:5e:74:a2:6d:c6:cf:
01:14:04:d1:aa:39:50:a5:83:b4:fa:28:5f:e9:b5:b7:1d:57:
6f:89:f6:84:0c:04:e6:76:c7:54:57:fe:ad:63:fc:60:f7:79:
51:96:74:38:7f:9f:e1:f9:0e:95:ee:06:65:47:e3:11:37:da:
2f:4a:e8:41:34:da:87:93:93:5a:e2:18:a2:82:20:99:33:93:
41:39:1d:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtXRnVhF6CFf4cyLApUIGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMDRjZGNkYzExNTljMzFlZWRiMjRjYzdhYzhiMjYyYjc1
NjIyN2MwHhcNMjMwMTAxMTI0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmMzNDA4ZTFjODEwZjJmYjFmZDk1ZmIxMzFjZWVlMTNkYzZlZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CPtqdYpliH4tfFpFYdgghSIi7lD
N0cOid11IUlbGl+MSZylrv4aMlksRzAiL9FmVo7lgLCkBiByN+rTk5zojZYFDpT5
fJvxr+qh5sEw1t2eOzMORLOyfii+JM73KdNWV6j0mRUPxeDucD5+n+QHfZf6lvZb
rz8E1rFQyeuxc+wM9+LxDhcrd7MPrsWp0B4eUdROJpeTgELHs8BJiRapvKVSFrmU
17vBA5Lxv4/nXQx5QeN2xADDTXcf4SesVV4pyIdavl69vN1NQmfHE3NQL2j/3BEt
ckJN/BNZSwmpTSDbnkcTg68GQSwQXckJwv6QlY/ad3O1FaNEZKBxFAFDfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIbDQI4cgQ8vsf2V+xMc7uE9xu/uMB8GA1UdIwQY
MBaAFJoEzc3BFZwx7tskzHrIsmK3ViJ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWdUTnpjRVZuREh1MnlUTWVzaXlZcmRXSW53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MmU0M2ItMjI4YS00ZTg1LTgzNGMt
NDRjMTY2MDE0NjEyLzEvaHNOQWpoeUJEeS14X1pYN0V4enU0VDNHNy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MmU0M2ItMjI4YS00ZTg1LTgzNGMtNDRjMTY2MDE0NjEy
LzEvbWdUTnpjRVZuREh1MnlUTWVzaXlZcmRXSW53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudKIMA0G
CSqGSIb3DQEBCwUAA4IBAQCp+BHSHeXbweUHfJQc/6Ydt6Kl5rbDfmMKHPOH8eCT
QLrOamKhCM0sGD7wGGXl5MgxtruKsdYcN9Lxoj6/Oeb4J/Twkt+kBG8TtMnMFsaR
S3Ao64fV2uBA801kkeXM2V1LgEtlPYaOdBqjOrz2vh35nSx0+wOswNiL2Mq+l+Qu
uPCuMiSR2R+XNET1h0WlFTmZIMKXejxH0zdNO7YUvGysPD3xS9iocuKlyBPqf1de
dKJtxs8BFATRqjlQpYO0+ihf6bW3HVdvifaEDATmdsdUV/6tY/xg93lRlnQ4f5/h
+Q6V7gZlR+MRN9ovSuhBNNqHk5Na4hiigiCZM5NBOR1m
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:12 2023 by rpki-client on console-fra.rpki-client.org