Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/oJyDPPCMsAxATI0Q_ZVM8vBL1HQ.roa
File: oJyDPPCMsAxATI0Q_ZVM8vBL1HQ.roa (raw, json)
Hash identifier: WUdKTFGbJQ3+etCCdYblh1OfcrGdQ4/DgnEWqqLLvbo=
Subject key identifier: A0:9C:83:3C:F0:8C:B0:0C:40:4C:8D:10:FD:95:4C:F2:F0:4B:D4:74
Certificate issuer: /CN=9a04cdcdc1159c31eedb24cc7ac8b262b756227c
Certificate serial: 02F29AB8
Authority key identifier: 9A:04:CD:CD:C1:15:9C:31:EE:DB:24:CC:7A:C8:B2:62:B7:56:22:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mgTNzcEVnDHu2yTMesiyYrdWInw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/oJyDPPCMsAxATI0Q_ZVM8vBL1HQ.roa
Signing time: Sat 01 Jan 2022 00:53:42 +0000
ROA not before: Sat 01 Jan 2022 00:53:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201971
IP address blocks: 185.210.136.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49453752 (0x2f29ab8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a04cdcdc1159c31eedb24cc7ac8b262b756227c
Validity
Not Before: Jan 1 00:53:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a09c833cf08cb00c404c8d10fd954cf2f04bd474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c9:73:5b:6e:7d:3b:6b:eb:82:d4:b8:ee:3c:
24:64:49:db:79:bf:aa:a5:bb:b5:8b:ec:66:e4:dc:
39:5c:63:5f:1c:5e:12:2c:d4:fc:d9:51:59:a9:fb:
df:d3:ee:1e:31:04:3e:0e:1d:75:42:46:dc:52:38:
37:57:4a:01:22:73:1d:7e:58:c0:6c:51:ed:8d:db:
a1:f7:83:e3:2a:2d:5f:ce:48:b4:e7:4a:51:b5:be:
4e:13:e3:8c:0e:08:f5:84:c9:a6:12:f6:fd:28:34:
70:71:e6:20:6c:e3:63:9f:8b:f9:af:88:59:30:28:
a9:7d:b8:43:4f:5b:1c:4c:b0:34:45:b1:66:4a:61:
78:14:7a:73:29:a3:42:bc:b3:9c:73:87:8d:7e:30:
27:fb:ee:eb:c0:05:ac:ec:15:00:e3:a6:63:fd:77:
98:74:bb:13:2e:7d:b9:df:b6:ef:10:16:dd:a7:b5:
5d:06:81:b0:fa:7d:92:0a:ed:f7:7e:bf:9f:c1:f0:
1e:27:89:64:9b:c7:28:d5:d2:d0:1e:89:3a:fc:6d:
3c:5f:7e:db:02:f4:38:52:e0:2b:ea:b7:d6:cf:5b:
90:6b:0a:1e:50:22:06:da:70:11:03:59:bd:06:22:
b6:d1:aa:0f:a0:aa:73:80:aa:6e:cd:9a:fe:73:eb:
ce:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:9C:83:3C:F0:8C:B0:0C:40:4C:8D:10:FD:95:4C:F2:F0:4B:D4:74
X509v3 Authority Key Identifier:
keyid:9A:04:CD:CD:C1:15:9C:31:EE:DB:24:CC:7A:C8:B2:62:B7:56:22:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mgTNzcEVnDHu2yTMesiyYrdWInw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/oJyDPPCMsAxATI0Q_ZVM8vBL1HQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/mgTNzcEVnDHu2yTMesiyYrdWInw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.136.0/24
Signature Algorithm: sha256WithRSAEncryption
28:25:0a:e8:83:2c:38:c1:cc:62:6b:58:c9:ab:9e:2a:27:d1:
16:bc:54:d2:9d:7a:c2:f9:cf:51:9d:35:b1:77:8d:e7:99:a7:
c9:70:9a:a3:55:54:87:20:7c:44:5c:2f:5f:88:1c:c9:ac:40:
d1:da:5a:e0:d5:43:0f:f3:ed:93:cb:16:a0:84:ac:ff:f3:7a:
61:b0:c2:d2:e7:57:41:a2:51:d9:e2:b3:ef:cf:83:01:4d:bb:
91:8e:cd:08:79:45:df:e5:d6:08:64:8e:a4:d4:4c:4a:a7:ab:
1d:b7:32:07:8e:9a:b6:77:0c:dc:cc:94:cb:5d:99:c7:17:b1:
dd:e9:07:27:98:26:ba:64:77:c6:c2:69:ea:d6:66:6a:4c:f2:
3c:b5:b0:c5:8e:28:11:1f:9b:26:c2:29:f6:4f:3d:2a:5d:70:
3d:28:f5:19:c8:6a:84:bc:f1:57:6c:9d:5c:4d:ea:a7:93:a9:
9d:b8:13:44:7e:67:bb:aa:1b:69:5d:02:73:33:63:52:a8:22:
31:89:8b:40:89:7c:08:63:c9:cf:7a:2c:e4:4b:9d:92:d7:62:
08:46:15:7e:ae:80:07:6a:9c:7f:3e:fe:20:f4:3e:99:dc:43:
8e:81:20:b7:67:a0:96:b2:9a:49:4e:1b:ad:58:f1:38:27:d0:
cb:b3:0f:48
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAvKauDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTA0Y2RjZGMxMTU5YzMxZWVkYjI0Y2M3YWM4YjI2MmI3NTYyMjdjMB4XDTIyMDEw
MTAwNTM0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTA5YzgzM2NmMDhj
YjAwYzQwNGM4ZDEwZmQ5NTRjZjJmMDRiZDQ3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDJc1tufTtr64LUuO48JGRJ23m/qqW7tYvsZuTcOVxjXxxe
EizU/NlRWan739PuHjEEPg4ddUJG3FI4N1dKASJzHX5YwGxR7Y3bofeD4yotX85I
tOdKUbW+ThPjjA4I9YTJphL2/Sg0cHHmIGzjY5+L+a+IWTAoqX24Q09bHEywNEWx
ZkpheBR6cymjQryznHOHjX4wJ/vu68AFrOwVAOOmY/13mHS7Ey59ud+27xAW3ae1
XQaBsPp9kgrt936/n8HwHieJZJvHKNXS0B6JOvxtPF9+2wL0OFLgK+q31s9bkGsK
HlAiBtpwEQNZvQYittGqD6Cqc4Cqbs2a/nPrzpsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSgnIM88IywDEBMjRD9lUzy8EvUdDAfBgNVHSMEGDAWgBSaBM3NwRWcMe7b
JMx6yLJit1YifDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21nVE56Y0VWbkRIdTJ5VE1lc2l5WXJkV0ludy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvNjJlNDNiLTIyOGEtNGU4NS04MzRjLTQ0YzE2NjAxNDYxMi8x
L29KeURQUENNc0F4QVRJMFFfWlZNOHZCTDFIUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
NjJlNDNiLTIyOGEtNGU4NS04MzRjLTQ0YzE2NjAxNDYxMi8xL21nVE56Y0VWbkRI
dTJ5VE1lc2l5WXJkV0ludy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnSiDANBgkqhkiG9w0BAQsFAAOC
AQEAKCUK6IMsOMHMYmtYyaueKifRFrxU0p16wvnPUZ01sXeN55mnyXCao1VUhyB8
RFwvX4gcyaxA0dpa4NVDD/Ptk8sWoISs//N6YbDC0udXQaJR2eKz78+DAU27kY7N
CHlF3+XWCGSOpNRMSqerHbcyB46atncM3MyUy12Zxxex3ekHJ5gmumR3xsJp6tZm
akzyPLWwxY4oER+bJsIp9k89Kl1wPSj1GchqhLzxV2ydXE3qp5OpnbgTRH5nu6ob
aV0CczNjUqgiMYmLQIl8CGPJz3os5EudktdiCEYVfq6AB2qcfz7+IPQ+mdxDjoEg
t2eglrKaSU4brVjxOCfQy7MPSA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:12 2023 by rpki-client on console-fra.rpki-client.org