Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/zXmV6rDw0u1uzEBERbhJH0x-K6w.roa
File: zXmV6rDw0u1uzEBERbhJH0x-K6w.roa (raw, json)
Hash identifier: +DwWr6fKknXfFuBGTWr53z9+D7/Me2hDT/TVjYTVerY=
Subject key identifier: CD:79:95:EA:B0:F0:D2:ED:6E:CC:40:44:45:B8:49:1F:4C:7E:2B:AC
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 01833299999083B9F39F0EC295A8940B77D3
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/zXmV6rDw0u1uzEBERbhJH0x-K6w.roa
Signing time: Mon 12 Sep 2022 16:47:50 +0000
ROA not before: Mon 12 Sep 2022 16:47:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209181
IP address blocks: 185.169.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:32:99:99:90:83:b9:f3:9f:0e:c2:95:a8:94:0b:77:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Sep 12 16:47:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd7995eab0f0d2ed6ecc404445b8491f4c7e2bac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:54:e3:a8:40:c6:85:69:a0:c9:1b:f4:03:22:
0f:82:be:e0:e4:35:af:90:97:32:45:29:29:78:78:
73:9f:3e:0b:ef:d4:61:ff:60:d8:02:10:7c:bd:2c:
e1:a4:7d:d5:db:ef:bc:c3:84:a9:ca:83:4b:07:b4:
22:f8:73:de:22:67:39:61:9e:1f:79:fc:f1:e3:3f:
77:9e:8f:d9:40:25:19:60:20:eb:35:51:09:80:36:
67:8a:61:28:f4:e4:f2:d0:7b:39:5c:9a:51:2b:b5:
73:78:dc:22:ac:b2:43:e3:40:2a:24:11:ef:fb:4c:
2e:f2:fa:8a:76:4b:e3:44:c8:62:f6:0c:1e:42:45:
84:ab:49:d1:92:84:7f:2c:87:af:ca:a0:9d:7d:5d:
e3:da:df:7a:bd:7e:38:73:c5:59:73:d3:ac:87:eb:
3f:f3:bf:a9:56:ce:f5:12:16:ab:54:24:4c:87:2a:
61:eb:a3:77:44:7b:c3:7a:cb:5a:1b:1b:5f:dc:af:
2c:86:df:14:f6:f9:a5:03:8e:8a:9d:23:83:f6:e8:
af:f7:c9:ea:cb:11:4c:01:f8:a9:e2:89:ba:30:7a:
19:0d:df:0c:a9:1b:04:41:d5:99:a0:a8:f6:31:7f:
7d:2d:57:40:49:64:1c:eb:ea:1c:22:ed:e8:07:27:
68:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:79:95:EA:B0:F0:D2:ED:6E:CC:40:44:45:B8:49:1F:4C:7E:2B:AC
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/zXmV6rDw0u1uzEBERbhJH0x-K6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.220.0/24
Signature Algorithm: sha256WithRSAEncryption
82:9b:1e:df:87:9a:6d:af:1e:d1:41:0d:e1:d3:b7:01:30:3f:
a2:6b:f1:e1:f3:00:ab:f4:86:e4:cd:e7:6d:57:aa:89:91:9b:
04:17:5a:a0:0a:41:30:34:cc:18:1c:70:4a:b7:7e:39:81:68:
e8:01:5f:e3:93:2d:7a:ef:32:75:fc:07:00:e6:2c:1b:fc:95:
51:56:32:3b:45:f1:fc:d0:93:6e:9d:ac:98:f5:e2:54:bf:bb:
36:74:4b:44:cd:be:68:4c:97:f9:1d:2e:b9:0f:ac:9f:e2:42:
76:87:d3:60:54:4b:a6:f6:e5:2f:38:b5:ca:bc:64:68:f3:b1:
02:ee:23:68:e5:6b:b7:6f:83:f6:c1:5a:04:3e:a3:37:a0:e8:
c7:d2:be:30:ba:24:95:e4:f5:5c:08:84:49:a6:ba:00:ed:85:
d5:7e:0a:74:34:31:1c:a4:b9:9b:a6:3e:fa:69:f5:19:52:c5:
43:63:b2:8c:23:f5:08:5c:12:78:c0:82:6d:34:6d:ae:31:f6:
2e:2f:d7:81:d8:2f:5c:d4:9e:d3:6d:2d:46:29:ea:55:7c:57:
5f:e0:09:b1:9d:75:ac:98:64:36:35:5c:30:d4:39:fd:df:e4:
7e:ce:50:3e:a0:bd:11:37:0c:95:f8:a9:45:be:4b:11:fe:90:
9a:e4:b5:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMymZmQg7nznw7ClaiUC3fTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjIwOTEyMTY0NzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDc5OTVlYWIwZjBkMmVkNmVjYzQwNDQ0NWI4NDkxZjRjN2UyYmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVTjqEDGhWmgyRv0AyIPgr7g5DWv
kJcyRSkpeHhznz4L79Rh/2DYAhB8vSzhpH3V2++8w4SpyoNLB7Qi+HPeImc5YZ4f
efzx4z93no/ZQCUZYCDrNVEJgDZnimEo9OTy0Hs5XJpRK7VzeNwirLJD40AqJBHv
+0wu8vqKdkvjRMhi9gweQkWEq0nRkoR/LIevyqCdfV3j2t96vX44c8VZc9Osh+s/
87+pVs71EharVCRMhyph66N3RHvDestaGxtf3K8sht8U9vmlA46KnSOD9uiv98nq
yxFMAfip4om6MHoZDd8MqRsEQdWZoKj2MX99LVdASWQc6+ocIu3oBydovwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM15leqw8NLtbsxAREW4SR9MfiusMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvelhtVjZyRHcwdTF1ekVCRVJiaEpIMHgtSzZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuancMA0G
CSqGSIb3DQEBCwUAA4IBAQCCmx7fh5ptrx7RQQ3h07cBMD+ia/Hh8wCr9Ibkzedt
V6qJkZsEF1qgCkEwNMwYHHBKt345gWjoAV/jky167zJ1/AcA5iwb/JVRVjI7RfH8
0JNunayY9eJUv7s2dEtEzb5oTJf5HS65D6yf4kJ2h9NgVEum9uUvOLXKvGRo87EC
7iNo5Wu3b4P2wVoEPqM3oOjH0r4wuiSV5PVcCIRJproA7YXVfgp0NDEcpLmbpj76
afUZUsVDY7KMI/UIXBJ4wIJtNG2uMfYuL9eB2C9c1J7TbS1GKepVfFdf4AmxnXWs
mGQ2NVww1Dn93+R+zlA+oL0RNwyV+KlFvksR/pCa5LV6
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:22 2023 by rpki-client on console-fra.rpki-client.org