Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/EUnYPR6X8wDNk1l1VcY3ntnNvqo.roa
File: EUnYPR6X8wDNk1l1VcY3ntnNvqo.roa (raw, json)
Hash identifier: AOQak8RZC6MxZNY9n+8fl/oQHC997gSxs6MicVnjxlc=
Subject key identifier: 11:49:D8:3D:1E:97:F3:00:CD:93:59:75:55:C6:37:9E:D9:CD:BE:AA
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 01856D2F338FBFC5C9B59C9896DA11F6C4E5
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/EUnYPR6X8wDNk1l1VcY3ntnNvqo.roa
Signing time: Sun 01 Jan 2023 11:54:47 +0000
ROA not before: Sun 01 Jan 2023 11:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205570
IP address blocks: 185.160.195.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:33:8f:bf:c5:c9:b5:9c:98:96:da:11:f6:c4:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Jan 1 11:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1149d83d1e97f300cd93597555c6379ed9cdbeaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:05:73:b2:06:e3:a0:7a:18:05:4e:b9:16:45:
50:3b:2f:c2:8f:c5:a1:5d:11:86:dd:d9:1c:1b:f0:
b5:94:1c:98:5c:45:ee:26:7b:5b:8e:5d:70:33:21:
3f:dd:4f:db:8a:38:1a:d2:66:6d:58:53:26:56:0d:
57:e1:36:2d:d7:a2:a0:f9:b2:a6:4c:a2:46:d7:cb:
5d:03:8f:08:f7:1c:d2:54:0b:b5:92:23:48:23:e9:
5b:ac:01:c6:b6:2b:57:46:f9:4f:d7:e6:bb:c5:79:
bd:bf:4d:6b:85:05:0b:a0:25:06:69:e3:7b:54:64:
2d:ec:9a:32:a6:cf:b5:54:a2:bf:04:43:a6:3c:fc:
45:4f:0b:d1:69:67:c0:c6:65:4b:82:6b:ce:16:4c:
6c:a4:51:24:38:15:19:33:56:ad:0b:e9:d5:4d:69:
71:bf:50:91:e5:e6:79:65:0b:26:28:92:fa:a6:79:
37:91:e7:1b:cc:0f:53:26:be:a9:04:ce:63:c3:f1:
f1:1a:4f:01:9b:ab:c0:83:c0:bd:a4:92:75:8a:7b:
ea:a5:ff:d6:8d:a8:64:78:88:d3:ee:f2:b9:5c:9b:
30:3f:8f:36:34:43:fb:73:e4:8f:8b:b1:95:7a:7d:
1c:d8:12:79:17:dc:1f:b0:35:a3:ee:a2:f6:59:d2:
43:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:49:D8:3D:1E:97:F3:00:CD:93:59:75:55:C6:37:9E:D9:CD:BE:AA
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/EUnYPR6X8wDNk1l1VcY3ntnNvqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.195.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:19:71:00:ef:21:6b:b8:81:fc:1f:94:f5:c2:ea:9e:0d:d7:
67:2c:e8:16:f4:f6:ea:23:f8:c6:61:82:e5:61:f3:cf:38:e2:
7c:92:35:fd:27:4d:16:d8:e1:13:6f:39:2d:8a:03:12:59:62:
43:73:57:43:84:40:e0:68:32:ee:29:e7:b7:d2:79:da:7a:ff:
6c:68:ca:0f:9d:49:2a:6a:bd:5e:d3:84:93:e3:ee:39:df:4c:
78:05:71:07:52:6a:9c:ba:b3:ec:37:33:d8:9e:4f:e6:4b:64:
fc:ac:8d:2d:45:5d:8b:c3:96:86:4e:f8:65:3a:57:d2:50:7f:
1e:33:2c:cf:80:36:b4:34:da:33:4f:c1:9c:87:63:88:cb:93:
1f:8b:29:5a:74:8c:0f:ba:d9:9e:3a:fa:2f:d5:2f:f9:6a:c3:
f9:9f:65:c7:eb:32:fd:f2:c2:71:f2:be:d3:8b:e1:da:36:08:
7c:9a:65:2f:f3:90:56:6f:71:3c:59:b3:c1:08:61:e0:1d:d3:
db:15:7b:3f:15:f6:29:86:da:5a:91:31:e3:f5:c1:07:0f:2a:
dd:57:f7:21:23:40:4e:f2:d1:38:14:ba:a0:c6:bd:d0:67:d7:
54:c0:13:ce:4e:05:5d:d9:fb:2d:c6:cc:31:e5:01:96:d7:a8:
27:41:e4:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtLzOPv8XJtZyYltoR9sTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjMwMTAxMTE1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTQ5ZDgzZDFlOTdmMzAwY2Q5MzU5NzU1NWM2Mzc5ZWQ5Y2RiZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAVzsgbjoHoYBU65FkVQOy/Cj8Wh
XRGG3dkcG/C1lByYXEXuJntbjl1wMyE/3U/bijga0mZtWFMmVg1X4TYt16Kg+bKm
TKJG18tdA48I9xzSVAu1kiNII+lbrAHGtitXRvlP1+a7xXm9v01rhQULoCUGaeN7
VGQt7Joyps+1VKK/BEOmPPxFTwvRaWfAxmVLgmvOFkxspFEkOBUZM1atC+nVTWlx
v1CR5eZ5ZQsmKJL6pnk3kecbzA9TJr6pBM5jw/HxGk8Bm6vAg8C9pJJ1invqpf/W
jahkeIjT7vK5XJswP482NEP7c+SPi7GVen0c2BJ5F9wfsDWj7qL2WdJDGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBFJ2D0el/MAzZNZdVXGN57Zzb6qMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvRVVuWVBSNlg4d0ROazFsMVZjWTNudG5OdnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaDDMA0G
CSqGSIb3DQEBCwUAA4IBAQAPGXEA7yFruIH8H5T1wuqeDddnLOgW9PbqI/jGYYLl
YfPPOOJ8kjX9J00W2OETbzktigMSWWJDc1dDhEDgaDLuKee30nnaev9saMoPnUkq
ar1e04ST4+4530x4BXEHUmqcurPsNzPYnk/mS2T8rI0tRV2Lw5aGTvhlOlfSUH8e
MyzPgDa0NNozT8Gch2OIy5MfiyladIwPutmeOvov1S/5asP5n2XH6zL98sJx8r7T
i+HaNgh8mmUv85BWb3E8WbPBCGHgHdPbFXs/FfYphtpakTHj9cEHDyrdV/chI0BO
8tE4FLqgxr3QZ9dUwBPOTgVd2fstxswx5QGW16gnQeRY
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:22 2023 by rpki-client on console-fra.rpki-client.org