Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/_YoODRxNeDuiewLlEXKdlLbDK74.roa
File: _YoODRxNeDuiewLlEXKdlLbDK74.roa (raw, json)
Hash identifier: eQhogRuB87uJAhAFUE2lKsRvbION+tJzhVNijn8sGjA=
Subject key identifier: FD:8A:0E:0D:1C:4D:78:3B:A2:7B:02:E5:11:72:9D:94:B6:C3:2B:BE
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 021EDE84
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/_YoODRxNeDuiewLlEXKdlLbDK74.roa
Signing time: Sat 01 Jan 2022 10:00:00 +0000
ROA not before: Sat 01 Jan 2022 10:00:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42745
IP address blocks: 185.160.192.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35577476 (0x21ede84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Jan 1 10:00:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd8a0e0d1c4d783ba27b02e511729d94b6c32bbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ed:84:17:b6:c8:a7:c8:de:5d:83:4e:26:93:
37:5a:ad:06:ac:d9:20:51:73:e1:f8:5a:08:74:e5:
f7:35:f9:3f:70:08:b0:f0:cd:d9:c1:45:0e:68:38:
59:d2:eb:fa:d7:56:cf:ba:57:24:cd:f4:0c:cb:c2:
7a:44:06:d2:75:95:72:33:a7:69:68:41:0f:28:85:
24:7b:54:2c:ac:30:f5:0c:57:95:84:ac:43:5e:37:
e9:45:47:e8:3a:f0:d3:e0:b8:0f:b2:9e:2c:27:76:
90:7d:70:2b:79:c8:0f:81:b6:5c:4a:e2:dc:c2:ea:
90:85:95:c9:0e:34:c0:2a:c2:cd:b4:63:33:63:22:
f3:d4:4b:3b:7c:f5:e4:2e:db:0e:29:b1:17:aa:1b:
de:09:2e:3f:5b:ec:83:24:c4:cb:79:dd:c3:b2:35:
a4:40:d9:db:dd:4a:a0:e8:7c:65:81:89:2a:6c:24:
cc:10:1c:4c:42:5a:6e:41:70:31:75:e1:19:8d:de:
66:c1:8d:f6:a4:b7:a9:ac:5e:dc:90:8c:c9:29:fd:
31:48:a5:b9:fd:4d:c5:e8:f2:b8:79:2c:4c:77:e8:
ad:b0:f1:90:84:94:43:c7:a8:b1:36:be:cd:3c:d0:
9f:2d:5f:6d:b8:ef:0d:63:26:9b:d5:8a:b3:ec:35:
d9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:8A:0E:0D:1C:4D:78:3B:A2:7B:02:E5:11:72:9D:94:B6:C3:2B:BE
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/_YoODRxNeDuiewLlEXKdlLbDK74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.192.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:2c:19:f5:37:46:38:20:18:0e:29:f9:66:3c:4b:6e:02:83:
fe:cd:b7:56:2c:57:ae:71:4b:1c:70:37:f5:be:eb:1b:95:0e:
49:d9:e8:3f:df:f0:04:e2:78:3e:d1:e7:2a:85:ac:69:65:8e:
9f:e6:9d:e5:e4:cf:1c:6c:94:8c:e5:4c:68:3b:f5:67:62:4e:
89:34:53:76:f2:5e:15:bc:7b:61:a4:0b:c6:73:17:a1:69:6f:
0a:88:58:a5:7b:87:95:08:2a:4f:81:98:da:f5:c2:5a:8e:a6:
c7:27:de:fa:92:a9:41:fe:46:32:70:65:fb:7c:e7:e1:43:dc:
eb:19:55:cf:5e:68:c6:37:55:3f:b0:c9:c5:3b:1b:6b:66:5a:
d9:37:e6:51:83:49:af:22:2b:35:5b:bc:33:23:7a:78:6d:5f:
01:7f:e0:15:df:c5:9e:5e:f4:f2:05:00:98:66:64:b9:98:c4:
24:11:c4:c3:ec:83:fe:63:fd:d0:9b:0d:9b:b4:15:64:b7:a7:
a8:c5:74:a9:c4:bf:79:ba:4b:6c:4b:76:82:0d:07:83:99:b9:
51:4b:60:77:0d:c1:f5:1f:ac:a0:0b:6c:d9:fb:0b:e8:07:64:
69:fa:42:a0:8d:d5:9a:a7:92:d3:f6:a5:d5:e5:da:68:17:09:
f2:d4:7a:9e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAh7ehDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWRkMGViZmY1YmEzOGE4NzU4Yjc5NGQwNGQ2MjkwNTE5NGEzMjY2MB4XDTIyMDEw
MTEwMDAwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQ4YTBlMGQxYzRk
NzgzYmEyN2IwMmU1MTE3MjlkOTRiNmMzMmJiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOTthBe2yKfI3l2DTiaTN1qtBqzZIFFz4fhaCHTl9zX5P3AI
sPDN2cFFDmg4WdLr+tdWz7pXJM30DMvCekQG0nWVcjOnaWhBDyiFJHtULKww9QxX
lYSsQ1436UVH6Drw0+C4D7KeLCd2kH1wK3nID4G2XEri3MLqkIWVyQ40wCrCzbRj
M2Mi89RLO3z15C7bDimxF6ob3gkuP1vsgyTEy3ndw7I1pEDZ291KoOh8ZYGJKmwk
zBAcTEJabkFwMXXhGY3eZsGN9qS3qaxe3JCMySn9MUiluf1NxejyuHksTHforbDx
kISUQ8eosTa+zTzQny1fbbjvDWMmm9WKs+w12b0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT9ig4NHE14O6J7AuURcp2UtsMrvjAfBgNVHSMEGDAWgBQR3Q6/9bo4qHWL
eU0E1ikFGUoyZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VkME92X1c2T0toMWkzbE5CTllwQlJsS01tWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvYTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8x
L19Zb09EUnhOZUR1aWV3TGxFWEtkbExiREs3NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
YTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8xL0VkME92X1c2T0to
MWkzbE5CTllwQlJsS01tWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmgwDANBgkqhkiG9w0BAQsFAAOC
AQEAjCwZ9TdGOCAYDin5ZjxLbgKD/s23VixXrnFLHHA39b7rG5UOSdnoP9/wBOJ4
PtHnKoWsaWWOn+ad5eTPHGyUjOVMaDv1Z2JOiTRTdvJeFbx7YaQLxnMXoWlvCohY
pXuHlQgqT4GY2vXCWo6mxyfe+pKpQf5GMnBl+3zn4UPc6xlVz15oxjdVP7DJxTsb
a2Za2TfmUYNJryIrNVu8MyN6eG1fAX/gFd/Fnl708gUAmGZkuZjEJBHEw+yD/mP9
0JsNm7QVZLenqMV0qcS/ebpLbEt2gg0Hg5m5UUtgdw3B9R+soAts2fsL6AdkafpC
oI3VmqeS0/al1eXaaBcJ8tR6ng==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:22 2023 by rpki-client on console-fra.rpki-client.org