Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/BaYYscyXc1Te_eFZq6gpVJGSZ0Q.roa
File: BaYYscyXc1Te_eFZq6gpVJGSZ0Q.roa (raw, json)
Hash identifier: 9/2C7b5kOZTWqFAe3AEwtvWSjhjPW8+EyiSJByZ9ScI=
Subject key identifier: 05:A6:18:B1:CC:97:73:54:DE:FD:E1:59:AB:A8:29:54:91:92:67:44
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 0182C4EF560F0528F1E5B21DD4E6C2745602
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/BaYYscyXc1Te_eFZq6gpVJGSZ0Q.roa
Signing time: Mon 22 Aug 2022 09:43:15 +0000
ROA not before: Mon 22 Aug 2022 09:43:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 185.160.195.0/24 maxlen: 24
185.160.193.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c4:ef:56:0f:05:28:f1:e5:b2:1d:d4:e6:c2:74:56:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Aug 22 09:43:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05a618b1cc977354defde159aba8295491926744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:37:02:16:b2:56:c4:6b:43:a4:dc:db:65:61:
6a:55:71:4a:03:31:3c:f0:ef:55:9b:30:4d:06:47:
a6:ea:b1:07:fa:03:33:45:80:d8:59:74:cc:d7:7b:
de:cd:52:e1:79:5c:0a:11:04:51:8d:21:b7:43:86:
84:c1:91:a1:5e:88:b7:1d:66:bf:9a:e2:5f:20:87:
36:9c:97:38:2d:08:db:84:d6:d0:1c:b1:6d:57:e1:
35:98:76:88:6b:a3:46:07:8b:19:51:50:68:80:3e:
28:32:59:d6:71:52:d3:7e:f5:dd:1d:2b:5a:29:41:
54:4b:e0:12:94:c1:6d:14:29:4c:62:e4:c8:04:a9:
87:26:0d:59:0d:c2:22:c0:e9:28:1b:3f:5e:55:ec:
81:23:2d:65:49:09:76:5d:78:1f:ea:cb:27:ce:4c:
52:ee:b6:38:17:aa:ee:58:1d:14:f4:25:e3:90:87:
5d:47:66:97:d3:da:08:37:81:4b:94:12:d9:24:e4:
fb:01:1c:32:d5:49:ce:33:7c:f8:1a:c9:89:24:69:
79:64:37:18:f2:7c:22:03:fd:a2:27:19:db:86:f8:
90:9d:c6:e6:f7:e2:53:d6:45:dc:c4:c0:28:9f:af:
31:03:a4:a1:8f:72:b8:8c:7f:d2:20:ca:68:7b:1d:
fe:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A6:18:B1:CC:97:73:54:DE:FD:E1:59:AB:A8:29:54:91:92:67:44
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/BaYYscyXc1Te_eFZq6gpVJGSZ0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.193.0/24
185.160.195.0/24
Signature Algorithm: sha256WithRSAEncryption
45:0e:15:e6:d9:a9:e7:ba:0c:3f:92:c5:4e:99:36:47:03:b0:
77:f2:54:5d:b4:b5:ea:31:25:c2:be:44:4a:ff:ed:02:e0:5c:
6a:d0:34:60:dc:f1:2b:4b:3a:e2:28:38:43:aa:6f:e3:18:97:
e3:77:b5:89:b4:13:63:a3:71:cb:6c:af:4e:a4:31:fa:68:5f:
78:06:aa:44:5e:b6:8d:8f:19:6a:3d:ea:58:0e:97:20:18:2e:
bd:01:ef:c3:66:15:9c:6d:3c:9a:cf:53:c8:0d:75:98:c9:82:
d8:d8:be:26:50:9d:fe:61:35:03:73:8c:df:d6:61:f5:63:6b:
f3:85:29:0b:46:18:89:c1:50:6a:5e:3b:7a:37:68:5d:a2:31:
6d:b1:88:48:ce:22:0c:fb:a3:9a:9a:79:c0:c7:58:0d:6e:95:
4d:f0:29:10:2f:86:ed:ee:e8:d5:a1:b1:d8:17:02:e5:3d:ed:
ff:8a:7a:98:63:85:6d:ba:a8:2f:75:ae:58:48:74:96:20:87:
58:c8:80:70:19:2b:52:99:82:d1:91:f3:d2:b1:1d:9a:9d:cc:
35:3d:dc:38:76:ae:37:7d:ee:f0:a3:bd:c6:3b:eb:27:cb:5c:
f1:59:f3:d8:7d:e1:7b:0f:64:d0:c0:26:44:1d:0a:58:99:6f:
01:47:c8:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLE71YPBSjx5bId1ObCdFYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjIwODIyMDk0MzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWE2MThiMWNjOTc3MzU0ZGVmZGUxNTlhYmE4Mjk1NDkxOTI2NzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzcCFrJWxGtDpNzbZWFqVXFKAzE8
8O9VmzBNBkem6rEH+gMzRYDYWXTM13vezVLheVwKEQRRjSG3Q4aEwZGhXoi3HWa/
muJfIIc2nJc4LQjbhNbQHLFtV+E1mHaIa6NGB4sZUVBogD4oMlnWcVLTfvXdHSta
KUFUS+ASlMFtFClMYuTIBKmHJg1ZDcIiwOkoGz9eVeyBIy1lSQl2XXgf6ssnzkxS
7rY4F6ruWB0U9CXjkIddR2aX09oIN4FLlBLZJOT7ARwy1UnOM3z4GsmJJGl5ZDcY
8nwiA/2iJxnbhviQncbm9+JT1kXcxMAon68xA6Shj3K4jH/SIMpoex3+RQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAWmGLHMl3NU3v3hWauoKVSRkmdEMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvQmFZWXNjeVhjMVRlX2VGWnE2Z3BWSkdTWjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuaDBAwQA
uaDDMA0GCSqGSIb3DQEBCwUAA4IBAQBFDhXm2annugw/ksVOmTZHA7B38lRdtLXq
MSXCvkRK/+0C4Fxq0DRg3PErSzriKDhDqm/jGJfjd7WJtBNjo3HLbK9OpDH6aF94
BqpEXraNjxlqPepYDpcgGC69Ae/DZhWcbTyaz1PIDXWYyYLY2L4mUJ3+YTUDc4zf
1mH1Y2vzhSkLRhiJwVBqXjt6N2hdojFtsYhIziIM+6OamnnAx1gNbpVN8CkQL4bt
7ujVobHYFwLlPe3/inqYY4Vtuqgvda5YSHSWIIdYyIBwGStSmYLRkfPSsR2ancw1
Pdw4dq43fe7wo73GO+sny1zxWfPYfeF7D2TQwCZEHQpYmW8BR8id
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:16 2023 by rpki-client on console-ams.rpki-client.org