Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/9383b5-7083-4cc3-9e69-97f6f2a39626/1/b2sBEHq-UWNnAwo1kVRhQgYBnM4.roa
File: b2sBEHq-UWNnAwo1kVRhQgYBnM4.roa (raw, json)
Hash identifier: p1Us2Go2L8uUazvEpoKYUxsGQtUmQ3F8MgPzWqeQKk4=
Subject key identifier: 6F:6B:01:10:7A:BE:51:63:67:03:0A:35:91:54:61:42:06:01:9C:CE
Certificate issuer: /CN=16f02e70a6553ff0c665139ee55671c860658081
Certificate serial: 018CC7936AEA9A596CAC8A933803C4970721
Authority key identifier: 16:F0:2E:70:A6:55:3F:F0:C6:65:13:9E:E5:56:71:C8:60:65:80:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FvAucKZVP_DGZROe5VZxyGBlgIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/9383b5-7083-4cc3-9e69-97f6f2a39626/1/b2sBEHq-UWNnAwo1kVRhQgYBnM4.roa
Signing time: Tue 02 Jan 2024 00:29:36 +0000
ROA not before: Tue 02 Jan 2024 00:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48359
IP address blocks: 185.120.139.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:6a:ea:9a:59:6c:ac:8a:93:38:03:c4:97:07:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16f02e70a6553ff0c665139ee55671c860658081
Validity
Not Before: Jan 2 00:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f6b01107abe516367030a359154614206019cce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b7:ed:1b:26:1b:24:eb:0f:3d:55:19:25:dd:
16:bf:71:54:28:ac:27:bd:66:c8:05:fb:05:a1:4e:
4b:a9:bc:0d:ed:3f:81:ac:b1:9f:fa:22:14:17:cc:
3c:e1:77:98:0b:82:23:02:c4:a0:8a:33:96:6d:2c:
6d:47:2b:3d:7f:3a:cf:3e:bb:18:04:bd:4b:28:03:
b7:f7:ab:5f:96:46:24:84:f7:09:ae:12:7c:33:8b:
59:75:32:9e:1a:81:d8:f9:a0:7d:01:50:1a:9d:31:
b0:86:00:48:8f:b4:70:47:c6:85:d1:fd:51:ed:f0:
99:c9:8c:67:83:94:93:96:1b:f4:69:70:88:61:66:
a7:02:6c:44:29:aa:f2:03:a9:ad:48:3f:fe:12:f6:
1a:be:37:bd:cc:26:b7:f3:d1:fc:a3:2d:b6:86:99:
3c:ac:4f:ee:8b:c4:1a:f1:10:b5:d2:dc:03:76:a2:
74:78:c9:76:ae:2f:d6:c9:68:11:62:79:e8:2e:5c:
86:c4:ad:54:eb:8c:00:c8:05:e3:ed:ae:1e:ea:2a:
43:fa:15:eb:77:e3:57:6f:2b:3b:f1:58:6f:9d:2a:
51:4d:46:b3:2e:0b:10:21:68:de:f5:7f:b3:a1:cf:
7f:26:b1:a4:ed:a3:7f:8d:e3:f6:fe:81:89:ce:90:
d7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:6B:01:10:7A:BE:51:63:67:03:0A:35:91:54:61:42:06:01:9C:CE
X509v3 Authority Key Identifier:
keyid:16:F0:2E:70:A6:55:3F:F0:C6:65:13:9E:E5:56:71:C8:60:65:80:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FvAucKZVP_DGZROe5VZxyGBlgIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/9383b5-7083-4cc3-9e69-97f6f2a39626/1/b2sBEHq-UWNnAwo1kVRhQgYBnM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/9383b5-7083-4cc3-9e69-97f6f2a39626/1/FvAucKZVP_DGZROe5VZxyGBlgIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.139.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:a2:fb:62:23:15:f7:4b:4c:8f:d8:53:d6:f8:5f:35:78:e2:
ce:06:0e:78:b5:91:d6:af:12:a5:33:b9:9b:73:30:06:f7:8a:
43:ea:85:8a:b9:f1:15:d6:31:14:13:d2:0d:ca:36:37:9d:c6:
c2:ae:f7:2f:6d:33:81:ff:1a:f1:db:d5:8b:48:32:16:af:28:
3a:d4:74:eb:c6:cf:48:b6:db:6c:18:f0:5c:e9:ce:1f:a0:21:
87:d1:56:a0:31:21:2c:8b:c4:bd:ce:8f:9b:3e:f8:e5:db:54:
2e:51:74:dc:8d:51:b0:67:c8:e2:ce:09:1a:59:05:e5:d3:22:
c9:1f:7f:c2:d7:d0:ef:81:d9:eb:17:fa:ed:f5:04:f3:84:f0:
0f:5d:f6:9c:f7:95:c0:36:e6:c6:95:19:5a:08:a9:ff:d6:3a:
8c:b6:44:f5:80:7b:b9:7c:bf:c5:06:7f:3c:e7:5b:29:5c:2a:
35:c1:76:37:ca:dc:1e:0e:d3:df:a5:ef:ac:63:0d:5f:e0:36:
33:51:a5:6d:2c:a7:0c:ba:25:f5:cb:69:8e:57:74:ff:b4:75:
03:e8:45:d4:dc:b4:4e:ac:ed:6a:08:cf:d8:7a:40:a8:bd:29:
ab:21:31:0c:5d:c9:99:32:5a:b8:11:b5:6f:6b:4a:e6:d4:a1:
11:2e:77:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHk2rqmllsrIqTOAPElwchMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZjAyZTcwYTY1NTNmZjBjNjY1MTM5ZWU1NTY3MWM4NjA2
NTgwODEwHhcNMjQwMTAyMDAyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjZiMDExMDdhYmU1MTYzNjcwMzBhMzU5MTU0NjE0MjA2MDE5Y2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbftGyYbJOsPPVUZJd0Wv3FUKKwn
vWbIBfsFoU5LqbwN7T+BrLGf+iIUF8w84XeYC4IjAsSgijOWbSxtRys9fzrPPrsY
BL1LKAO396tflkYkhPcJrhJ8M4tZdTKeGoHY+aB9AVAanTGwhgBIj7RwR8aF0f1R
7fCZyYxng5STlhv0aXCIYWanAmxEKaryA6mtSD/+EvYavje9zCa389H8oy22hpk8
rE/ui8Qa8RC10twDdqJ0eMl2ri/WyWgRYnnoLlyGxK1U64wAyAXj7a4e6ipD+hXr
d+NXbys78VhvnSpRTUazLgsQIWje9X+zoc9/JrGk7aN/jeP2/oGJzpDXeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG9rARB6vlFjZwMKNZFUYUIGAZzOMB8GA1UdIwQY
MBaAFBbwLnCmVT/wxmUTnuVWcchgZYCBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnZBdWNLWlZQX0RHWlJPZTVWWnh5R0JsZ0lFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi85MzgzYjUtNzA4My00Y2MzLTllNjkt
OTdmNmYyYTM5NjI2LzEvYjJzQkVIcS1VV05uQXdvMWtWUmhRZ1lCbk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi85MzgzYjUtNzA4My00Y2MzLTllNjktOTdmNmYyYTM5NjI2
LzEvRnZBdWNLWlZQX0RHWlJPZTVWWnh5R0JsZ0lFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXiLMA0G
CSqGSIb3DQEBCwUAA4IBAQC6ovtiIxX3S0yP2FPW+F81eOLOBg54tZHWrxKlM7mb
czAG94pD6oWKufEV1jEUE9INyjY3ncbCrvcvbTOB/xrx29WLSDIWryg61HTrxs9I
tttsGPBc6c4foCGH0VagMSEsi8S9zo+bPvjl21QuUXTcjVGwZ8jizgkaWQXl0yLJ
H3/C19DvgdnrF/rt9QTzhPAPXfac95XANubGlRlaCKn/1jqMtkT1gHu5fL/FBn88
51spXCo1wXY3ytweDtPfpe+sYw1f4DYzUaVtLKcMuiX1y2mOV3T/tHUD6EXU3LRO
rO1qCM/YekCovSmrITEMXcmZMlq4EbVva0rm1KERLndE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:36 2025 by rpki-client