Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/shsaQzcf-8ki-Ne4OuUg7DgxvZk.roa
File: shsaQzcf-8ki-Ne4OuUg7DgxvZk.roa (raw, json)
Hash identifier: my/D8FayX8vzTaY33gevCM6HXO+1z561ULM/BX6f2Fc=
Subject key identifier: B2:1B:1A:43:37:1F:FB:C9:22:F8:D7:B8:3A:E5:20:EC:38:31:BD:99
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 02C99891
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/shsaQzcf-8ki-Ne4OuUg7DgxvZk.roa
Signing time: Thu 10 Mar 2022 05:14:40 +0000
ROA not before: Thu 10 Mar 2022 05:14:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 185.160.193.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46766225 (0x2c99891)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Mar 10 05:14:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b21b1a43371ffbc922f8d7b83ae520ec3831bd99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:48:5c:96:05:33:ec:a9:29:5f:78:2f:97:da:
9a:f7:99:ec:7b:5e:42:2d:55:9b:81:16:1f:c0:88:
47:0d:6f:34:a2:ea:32:74:9a:38:1f:23:c4:a6:7c:
e7:e8:13:63:2f:20:32:57:7a:a2:a0:26:dd:9a:18:
76:06:23:2c:af:01:68:26:45:b1:30:35:5b:e2:74:
dd:02:6e:a5:a6:10:0f:85:c0:d8:37:b5:55:e8:5f:
86:a2:12:0a:29:f6:ab:65:58:23:62:7a:cf:f8:39:
a8:05:ce:6a:38:a6:12:89:db:13:22:09:14:61:53:
11:a3:49:27:bd:a5:8e:81:e5:21:cd:41:8b:ed:53:
74:12:b8:98:fe:20:4f:45:ba:d2:cd:7c:e6:b5:f3:
b6:30:5c:af:8d:a9:7d:05:38:bc:11:ae:0f:01:6a:
b6:56:02:fd:67:b0:0a:ed:46:e1:aa:e4:4c:fe:42:
98:fb:ad:47:20:41:ed:53:ee:7c:60:7a:30:69:0a:
81:4a:56:09:32:6b:e2:8f:65:64:b0:78:f8:aa:24:
fa:c6:af:3f:4e:cb:97:54:e5:e3:2d:0d:40:3b:70:
71:ae:8d:7c:5b:5e:4b:b7:15:6f:02:d4:2b:df:6a:
05:9b:c7:08:2f:36:2e:4d:a1:6f:92:db:fe:7a:a4:
00:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:1B:1A:43:37:1F:FB:C9:22:F8:D7:B8:3A:E5:20:EC:38:31:BD:99
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/shsaQzcf-8ki-Ne4OuUg7DgxvZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.193.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:5d:23:63:8c:6c:be:7c:4a:7d:1c:0d:a7:fd:ce:b3:02:ef:
e8:25:ea:b6:c7:37:02:f5:81:48:27:e1:01:fd:e4:47:b5:98:
3d:1d:e2:16:98:3a:3c:4d:5b:0d:d9:a7:2d:5e:5e:51:e9:d6:
2e:95:72:17:fc:e0:f9:c4:e2:4a:72:fb:a7:5f:ae:81:19:2f:
35:e7:7b:e1:2e:d0:a2:25:65:6c:21:20:85:4e:e4:0a:cf:d0:
e5:f6:e3:0c:5f:56:c7:48:0d:2c:38:29:ac:0d:07:a5:74:73:
d7:90:b2:82:39:c5:b9:72:51:f0:2e:cd:b3:5b:7d:df:be:8d:
6e:df:85:ba:b7:99:73:a7:bc:4e:ac:d4:78:44:3b:ed:77:a0:
00:9a:84:18:e9:c9:29:6c:c4:a7:ca:b5:e3:05:a0:a2:bf:d9:
85:81:78:96:ff:27:8d:0c:1a:c4:b0:55:f9:4f:f7:ac:f2:d2:
d7:21:c7:ac:28:aa:90:98:c6:2a:80:47:03:c7:e0:34:dc:52:
51:5f:54:cb:cf:43:3b:f1:0f:cc:aa:99:80:ad:14:0f:e6:83:
d6:4a:fb:5c:cf:0b:a3:17:d9:0f:45:8f:9d:91:dd:06:4b:c3:
ab:e7:c3:2f:db:30:42:ee:8c:a6:c9:28:54:86:02:e2:60:38:
12:a4:4d:91
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAsmYkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWRkMGViZmY1YmEzOGE4NzU4Yjc5NGQwNGQ2MjkwNTE5NGEzMjY2MB4XDTIyMDMx
MDA1MTQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjIxYjFhNDMzNzFm
ZmJjOTIyZjhkN2I4M2FlNTIwZWMzODMxYmQ5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAItIXJYFM+ypKV94L5famveZ7HteQi1Vm4EWH8CIRw1vNKLq
MnSaOB8jxKZ85+gTYy8gMld6oqAm3ZoYdgYjLK8BaCZFsTA1W+J03QJupaYQD4XA
2De1VehfhqISCin2q2VYI2J6z/g5qAXOajimEonbEyIJFGFTEaNJJ72ljoHlIc1B
i+1TdBK4mP4gT0W60s185rXztjBcr42pfQU4vBGuDwFqtlYC/WewCu1G4arkTP5C
mPutRyBB7VPufGB6MGkKgUpWCTJr4o9lZLB4+Kok+savP07Ll1Tl4y0NQDtwca6N
fFteS7cVbwLUK99qBZvHCC82Lk2hb5Lb/nqkAAMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSyGxpDNx/7ySL417g65SDsODG9mTAfBgNVHSMEGDAWgBQR3Q6/9bo4qHWL
eU0E1ikFGUoyZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VkME92X1c2T0toMWkzbE5CTllwQlJsS01tWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvYTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8x
L3Noc2FRemNmLThraS1OZTRPdVVnN0RneHZaay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
YTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8xL0VkME92X1c2T0to
MWkzbE5CTllwQlJsS01tWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmgwTANBgkqhkiG9w0BAQsFAAOC
AQEALF0jY4xsvnxKfRwNp/3OswLv6CXqtsc3AvWBSCfhAf3kR7WYPR3iFpg6PE1b
DdmnLV5eUenWLpVyF/zg+cTiSnL7p1+ugRkvNed74S7QoiVlbCEghU7kCs/Q5fbj
DF9Wx0gNLDgprA0HpXRz15CygjnFuXJR8C7Ns1t9376Nbt+FureZc6e8TqzUeEQ7
7XegAJqEGOnJKWzEp8q14wWgor/ZhYF4lv8njQwaxLBV+U/3rPLS1yHHrCiqkJjG
KoBHA8fgNNxSUV9Uy89DO/EPzKqZgK0UD+aD1kr7XM8LoxfZD0WPnZHdBkvDq+fD
L9swQu6MpskoVIYC4mA4EqRNkQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:16 2023 by rpki-client on console-ams.rpki-client.org