Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Fr17nhnbGwYik2OrxmIpdxxPvMw.roa
File: Fr17nhnbGwYik2OrxmIpdxxPvMw.roa (raw, json)
Hash identifier: 8X5Y71v8WyElaL3mbL1+gh4lLme+q5SWpHAKsT1snNw=
Subject key identifier: 16:BD:7B:9E:19:DB:1B:06:22:93:63:AB:C6:62:29:77:1C:4F:BC:CC
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 02CE1BAF
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Fr17nhnbGwYik2OrxmIpdxxPvMw.roa
Signing time: Thu 10 Mar 2022 16:42:54 +0000
ROA not before: Thu 10 Mar 2022 16:42:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398465
IP address blocks: 185.160.195.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47061935 (0x2ce1baf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Mar 10 16:42:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=16bd7b9e19db1b06229363abc66229771c4fbccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:26:04:89:57:e2:65:93:d6:38:31:08:2a:f7:
49:ac:4b:f5:42:1d:74:33:9e:d4:3c:d5:9a:52:86:
df:23:4f:9f:f4:cc:bf:46:48:ea:bb:53:72:0a:d7:
5b:2f:ee:40:95:29:82:91:ed:2b:04:d3:e1:7f:d0:
5c:db:ed:8d:49:85:e6:94:7e:30:9a:6f:07:17:73:
bc:24:94:a4:0c:24:9d:8e:db:7e:ca:15:e6:f0:94:
0f:6d:3a:79:83:4b:a4:cb:18:da:2c:75:7c:1e:7c:
3d:9d:80:84:f7:42:6e:5b:42:08:79:f2:49:76:69:
fc:5c:c8:f0:f6:0a:06:60:0c:09:0a:f6:5d:b2:2d:
8b:f7:2e:00:73:33:ca:3e:80:71:4d:02:f4:ed:5f:
97:a7:c4:89:c6:bf:7a:fa:ca:af:8d:c2:34:0e:a5:
fe:77:38:6a:61:3f:a9:d8:42:2d:ff:28:3b:98:1b:
04:b8:6a:d5:21:8e:77:e3:dd:19:93:95:b4:f0:1a:
5c:ef:a1:4a:89:47:4e:0e:a3:59:0b:5c:5b:97:65:
53:4c:dd:ac:ec:10:3b:7e:2f:f2:f6:cb:c1:13:1a:
31:aa:36:45:df:be:ba:ab:78:03:78:0e:31:fe:01:
69:63:27:de:47:b6:67:a8:8e:25:aa:e7:3d:dc:61:
31:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:BD:7B:9E:19:DB:1B:06:22:93:63:AB:C6:62:29:77:1C:4F:BC:CC
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Fr17nhnbGwYik2OrxmIpdxxPvMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.195.0/24
Signature Algorithm: sha256WithRSAEncryption
12:82:1e:cf:a3:63:28:08:39:0e:ad:1d:a8:55:1a:1e:05:61:
0a:50:a0:1c:3d:27:74:7c:87:ac:8c:c9:83:94:91:94:93:1f:
ed:7a:1f:e8:01:c0:92:72:c2:31:19:40:41:73:35:a4:55:c3:
1c:86:3c:74:31:24:af:c1:85:36:18:cf:e0:4a:de:99:bc:fc:
ec:62:37:ad:8f:94:04:0e:32:17:9c:a5:82:4b:7b:54:23:45:
09:48:12:c9:db:9b:41:f3:5c:67:66:e7:13:b0:0f:f5:23:e1:
6e:7c:1a:91:14:fb:2c:ef:97:fb:4b:9c:5c:2d:93:76:4f:89:
02:c6:b6:31:ef:3b:bf:02:ff:56:ac:56:ae:18:c6:cb:0a:5f:
4c:26:bf:08:44:91:af:a6:c4:37:14:85:51:70:46:82:c9:ac:
0c:a3:0f:d8:7f:31:a8:2f:b2:5e:cf:04:bc:21:5a:da:25:e6:
ec:04:0c:b6:8e:e7:9c:18:9b:8d:cd:80:22:1e:f4:93:f9:be:
f3:8f:df:84:c2:d7:6e:72:39:46:98:78:e7:e6:f6:8a:41:8a:
b9:a6:3e:41:2c:cc:a7:55:06:29:ab:6c:40:06:de:bb:d4:40:
ca:43:13:e3:93:7a:46:d1:8e:fa:09:d6:23:99:5a:5e:02:ab:
9f:f8:7e:39
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAs4brzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWRkMGViZmY1YmEzOGE4NzU4Yjc5NGQwNGQ2MjkwNTE5NGEzMjY2MB4XDTIyMDMx
MDE2NDI1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTZiZDdiOWUxOWRi
MWIwNjIyOTM2M2FiYzY2MjI5NzcxYzRmYmNjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ0mBIlX4mWT1jgxCCr3SaxL9UIddDOe1DzVmlKG3yNPn/TM
v0ZI6rtTcgrXWy/uQJUpgpHtKwTT4X/QXNvtjUmF5pR+MJpvBxdzvCSUpAwknY7b
fsoV5vCUD206eYNLpMsY2ix1fB58PZ2AhPdCbltCCHnySXZp/FzI8PYKBmAMCQr2
XbIti/cuAHMzyj6AcU0C9O1fl6fEica/evrKr43CNA6l/nc4amE/qdhCLf8oO5gb
BLhq1SGOd+PdGZOVtPAaXO+hSolHTg6jWQtcW5dlU0zdrOwQO34v8vbLwRMaMao2
Rd++uqt4A3gOMf4BaWMn3ke2Z6iOJarnPdxhMSkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQWvXueGdsbBiKTY6vGYil3HE+8zDAfBgNVHSMEGDAWgBQR3Q6/9bo4qHWL
eU0E1ikFGUoyZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VkME92X1c2T0toMWkzbE5CTllwQlJsS01tWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvYTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8x
L0ZyMTduaG5iR3dZaWsyT3J4bUlwZHh4UHZNdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
YTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8xL0VkME92X1c2T0to
MWkzbE5CTllwQlJsS01tWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmgwzANBgkqhkiG9w0BAQsFAAOC
AQEAEoIez6NjKAg5Dq0dqFUaHgVhClCgHD0ndHyHrIzJg5SRlJMf7Xof6AHAknLC
MRlAQXM1pFXDHIY8dDEkr8GFNhjP4Erembz87GI3rY+UBA4yF5ylgkt7VCNFCUgS
ydubQfNcZ2bnE7AP9SPhbnwakRT7LO+X+0ucXC2Tdk+JAsa2Me87vwL/VqxWrhjG
ywpfTCa/CESRr6bENxSFUXBGgsmsDKMP2H8xqC+yXs8EvCFa2iXm7AQMto7nnBib
jc2AIh70k/m+84/fhMLXbnI5Rph45+b2ikGKuaY+QSzMp1UGKatsQAbeu9RAykMT
45N6RtGO+gnWI5laXgKrn/h+OQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:16 2023 by rpki-client on console-ams.rpki-client.org