Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/b21a38-db62-4438-ba9c-f57f86df4f16/1/NA6RaOjTT5XsidBwjl0RgqJ0Wk8.roa
File: NA6RaOjTT5XsidBwjl0RgqJ0Wk8.roa (raw, json)
Hash identifier: D+1Qw2iQjLhcLn0P69O+Oi6kB/5f68wtAvmqklOJYRI=
Subject key identifier: 34:0E:91:68:E8:D3:4F:95:EC:89:D0:70:8E:5D:11:82:A2:74:5A:4F
Certificate issuer: /CN=4777da157768423fcba9217392ec7f483b3b9442
Certificate serial: 180B15B8
Authority key identifier: 47:77:DA:15:77:68:42:3F:CB:A9:21:73:92:EC:7F:48:3B:3B:94:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3faFXdoQj_LqSFzkux_SDs7lEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/b21a38-db62-4438-ba9c-f57f86df4f16/1/NA6RaOjTT5XsidBwjl0RgqJ0Wk8.roa
Signing time: Thu 31 Mar 2022 18:09:30 +0000
ROA not before: Thu 31 Mar 2022 18:09:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60274
IP address blocks: 185.123.176.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 403379640 (0x180b15b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4777da157768423fcba9217392ec7f483b3b9442
Validity
Not Before: Mar 31 18:09:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=340e9168e8d34f95ec89d0708e5d1182a2745a4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:82:d7:e6:93:ec:d8:ef:b4:c0:25:75:81:40:
98:4a:34:26:c3:b0:f1:e0:f7:d3:f3:64:b7:83:d2:
13:b8:36:5c:9b:47:0a:71:6e:b8:92:27:32:4f:01:
f3:de:5d:a0:f0:ed:e4:3e:40:92:4b:52:42:1f:51:
62:fa:cb:b3:ef:bd:24:ac:e5:b3:08:75:f7:b3:65:
48:c3:42:c3:e7:e9:40:96:45:db:d4:e0:a6:b2:7d:
87:0c:6a:61:44:49:f6:0f:e5:1f:5c:ef:a6:03:d9:
71:87:a6:60:1d:28:3d:6b:01:21:cc:f0:5c:d8:92:
86:19:f7:fd:c5:8a:46:9a:6e:df:84:53:e5:8d:6a:
f0:bb:49:74:7d:0e:0c:c1:3b:28:f7:ff:21:a6:13:
ea:15:ba:ee:0d:4c:65:54:04:22:c6:1f:ed:41:dc:
83:24:17:4a:97:e0:53:52:c0:b5:7f:b1:37:67:05:
64:8c:44:44:14:3d:a7:1c:5d:87:2a:94:f2:05:80:
a4:2e:6e:25:e5:7a:2c:3b:26:d9:d8:96:7d:52:95:
7e:93:13:09:bf:e1:0e:ae:9c:fb:73:28:01:45:1f:
6a:35:96:08:70:bc:67:4c:fb:d6:ba:3e:f0:76:d5:
8b:fc:90:86:86:8d:57:96:0e:3a:6f:19:77:37:8b:
02:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:0E:91:68:E8:D3:4F:95:EC:89:D0:70:8E:5D:11:82:A2:74:5A:4F
X509v3 Authority Key Identifier:
keyid:47:77:DA:15:77:68:42:3F:CB:A9:21:73:92:EC:7F:48:3B:3B:94:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3faFXdoQj_LqSFzkux_SDs7lEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/b21a38-db62-4438-ba9c-f57f86df4f16/1/NA6RaOjTT5XsidBwjl0RgqJ0Wk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/b21a38-db62-4438-ba9c-f57f86df4f16/1/R3faFXdoQj_LqSFzkux_SDs7lEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.176.0/22
Signature Algorithm: sha256WithRSAEncryption
36:26:f0:8a:0f:a8:e8:d1:8c:ad:5b:97:e0:4f:f5:fc:9c:82:
de:3e:7d:a8:04:43:d5:94:8c:7e:c5:7b:50:be:b6:74:c0:e8:
67:ae:d4:8b:7d:c3:03:e4:db:22:bd:a8:f8:bf:6e:3b:97:e4:
01:67:f1:74:e4:e0:9c:b0:9b:7a:6a:5a:84:28:07:ac:8c:54:
0c:b5:55:5c:f6:f6:bf:36:9a:6b:23:00:3e:e0:bd:58:0d:82:
e8:de:ab:5e:d7:b7:8c:03:b7:25:5f:b0:d9:4c:91:fc:0c:fa:
fb:32:b8:bc:23:b7:9d:38:da:49:a8:35:0a:63:12:d8:89:ee:
4b:41:33:c5:77:58:50:a6:1e:b3:8f:df:30:8d:95:75:aa:09:
fc:09:79:36:81:f8:67:5a:c4:8a:3d:b5:ae:61:c7:95:25:12:
ae:bc:ad:e2:85:92:3a:0e:99:53:cf:e0:30:13:f7:c9:2c:72:
4b:a9:6b:2d:3e:a2:b6:88:2a:75:b2:be:d7:ca:c4:84:98:6d:
4e:ee:68:9d:2f:1e:2b:ea:67:f7:82:5c:45:73:fe:7c:17:6d:
6e:ce:5f:ad:61:e0:19:71:0b:41:65:0c:5e:8a:05:3a:f3:ca:
21:e5:1c:4f:e9:15:6a:81:e4:8a:b7:3a:5c:1f:bf:9c:26:db:
a5:7c:8d:91
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGAsVuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Nzc3ZGExNTc3Njg0MjNmY2JhOTIxNzM5MmVjN2Y0ODNiM2I5NDQyMB4XDTIyMDMz
MTE4MDkzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQwZTkxNjhlOGQz
NGY5NWVjODlkMDcwOGU1ZDExODJhMjc0NWE0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6C1+aT7NjvtMAldYFAmEo0JsOw8eD30/Nkt4PSE7g2XJtH
CnFuuJInMk8B895doPDt5D5AkktSQh9RYvrLs++9JKzlswh197NlSMNCw+fpQJZF
29TgprJ9hwxqYURJ9g/lH1zvpgPZcYemYB0oPWsBIczwXNiShhn3/cWKRppu34RT
5Y1q8LtJdH0ODME7KPf/IaYT6hW67g1MZVQEIsYf7UHcgyQXSpfgU1LAtX+xN2cF
ZIxERBQ9pxxdhyqU8gWApC5uJeV6LDsm2diWfVKVfpMTCb/hDq6c+3MoAUUfajWW
CHC8Z0z71ro+8HbVi/yQhoaNV5YOOm8ZdzeLAmsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ0DpFo6NNPleyJ0HCOXRGConRaTzAfBgNVHSMEGDAWgBRHd9oVd2hCP8up
IXOS7H9IOzuUQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1IzZmFGWGRvUWpfTHFTRnprdXhfU0RzN2xFSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvYjIxYTM4LWRiNjItNDQzOC1iYTljLWY1N2Y4NmRmNGYxNi8x
L05BNlJhT2pUVDVYc2lkQndqbDBSZ3FKMFdrOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
YjIxYTM4LWRiNjItNDQzOC1iYTljLWY1N2Y4NmRmNGYxNi8xL1IzZmFGWGRvUWpf
THFTRnprdXhfU0RzN2xFSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl7sDANBgkqhkiG9w0BAQsFAAOC
AQEANibwig+o6NGMrVuX4E/1/JyC3j59qARD1ZSMfsV7UL62dMDoZ67Ui33DA+Tb
Ir2o+L9uO5fkAWfxdOTgnLCbempahCgHrIxUDLVVXPb2vzaaayMAPuC9WA2C6N6r
Xte3jAO3JV+w2UyR/Az6+zK4vCO3nTjaSag1CmMS2InuS0EzxXdYUKYes4/fMI2V
daoJ/Al5NoH4Z1rEij21rmHHlSUSrryt4oWSOg6ZU8/gMBP3ySxyS6lrLT6itogq
dbK+18rEhJhtTu5onS8eK+pn94JcRXP+fBdtbs5frWHgGXELQWUMXooFOvPKIeUc
T+kVaoHkirc6XB+/nCbbpXyNkQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:40 2025 by rpki-client