Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-nbSrg5w6D5uYy4czvmTqIreMKc.roa
File: 1-nbSrg5w6D5uYy4czvmTqIreMKc.roa (raw, json)
Hash identifier: 1ADkiSqTMEdSHP4WMoprp5qJK8y7MLxWN7VZ9N3QQc4=
Subject key identifier: FA:76:D2:AE:0E:70:E8:3E:6E:63:2E:1C:CE:F9:93:A8:8A:DE:30:A7
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186E693BFF5DABBBFB96590CA76599B2E2C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-nbSrg5w6D5uYy4czvmTqIreMKc.roa
Signing time: Wed 15 Mar 2023 18:41:28 +0000
ROA not before: Wed 15 Mar 2023 18:41:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211192
IP address blocks: 185.115.145.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e6:93:bf:f5:da:bb:bf:b9:65:90:ca:76:59:9b:2e:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 15 18:41:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa76d2ae0e70e83e6e632e1ccef993a88ade30a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:cd:aa:ca:dc:85:b2:8e:3a:81:c5:22:1e:1c:
60:c0:e4:81:a4:e5:02:b0:fb:62:14:2a:cf:1e:bf:
36:85:54:cb:25:2e:6e:93:e8:60:ff:28:f1:b3:e3:
51:00:e6:c6:76:89:23:41:ea:55:24:a8:c2:37:cc:
b9:8b:a5:1d:d0:3b:e2:90:4d:9a:b8:20:25:3f:c1:
3d:64:5a:c2:04:8a:b5:fd:c3:cf:ef:18:5b:3c:e3:
d7:20:cc:4a:91:f6:44:01:87:20:03:d7:55:e2:1c:
1a:a4:a7:ee:c4:25:3f:c3:12:f8:72:71:0f:7f:06:
72:bf:f1:80:8c:d0:d1:d5:82:31:a3:6e:6a:85:36:
dd:20:24:3a:5d:fa:01:2d:6c:52:6c:20:96:99:84:
c7:5d:37:b8:01:9a:0f:2b:21:66:0b:23:1f:ee:19:
a0:66:54:2b:6f:c9:83:0d:4e:74:d5:f4:17:ce:2b:
e1:26:a0:fa:1d:7a:c2:90:23:e1:8f:64:82:bf:88:
45:67:0f:82:d9:23:9d:0d:9f:99:3c:4d:9c:71:be:
97:bc:8c:2c:2a:0f:b1:e7:ae:5c:52:9a:fd:f0:a8:
2e:b9:48:a4:41:4f:45:d8:66:3f:59:37:b1:cc:a5:
46:a5:85:4a:4c:05:fe:f9:a1:5e:26:a3:ca:ad:4a:
2c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:76:D2:AE:0E:70:E8:3E:6E:63:2E:1C:CE:F9:93:A8:8A:DE:30:A7
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-nbSrg5w6D5uYy4czvmTqIreMKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.145.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:37:ef:82:90:d8:92:9f:02:7d:86:f0:e1:67:3d:5c:69:13:
8c:92:56:4b:f7:a8:1b:b8:43:f3:ef:b3:d5:22:2b:11:8b:13:
d5:4c:ea:1a:1e:7c:0a:d2:7e:0b:78:77:82:75:79:f7:32:15:
c3:fb:b9:39:1a:2e:df:c2:f8:34:3f:5d:18:00:9f:4d:f4:a7:
0b:30:90:44:10:3c:ab:31:a2:9f:4b:ad:19:56:92:32:3a:60:
9e:91:e6:d3:7c:11:76:92:52:22:08:8b:d5:29:99:03:5e:1a:
14:b9:64:b6:29:94:d8:e3:be:bf:c5:34:0c:ab:fd:49:30:69:
47:ef:09:1c:f6:29:47:98:44:f5:22:1c:c0:42:bc:85:5d:24:
69:73:11:0a:fa:6d:c4:ec:25:54:c6:2d:b1:00:18:db:dd:e0:
19:70:fd:a2:37:18:66:1e:7e:95:c2:d7:84:69:0c:9b:db:5c:
e9:ec:c6:c8:1e:3a:4a:fc:a2:a5:24:a3:aa:11:6c:d8:41:8a:
7c:9f:ed:8a:4a:7d:ee:3d:c3:76:67:eb:31:c7:bd:f8:6b:a1:
50:66:b3:37:02:bd:a1:bc:36:fe:4d:76:5b:8e:12:9e:45:d1:
98:d0:1b:e9:67:04:88:3c:16:c0:a6:49:81:66:92:af:c8:c3:
cf:1a:c6:9f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYbmk7/12ru/uWWQynZZmy4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzE1MTg0MTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTc2ZDJhZTBlNzBlODNlNmU2MzJlMWNjZWY5OTNhODhhZGUzMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoc2qytyFso46gcUiHhxgwOSBpOUC
sPtiFCrPHr82hVTLJS5uk+hg/yjxs+NRAObGdokjQepVJKjCN8y5i6Ud0DvikE2a
uCAlP8E9ZFrCBIq1/cPP7xhbPOPXIMxKkfZEAYcgA9dV4hwapKfuxCU/wxL4cnEP
fwZyv/GAjNDR1YIxo25qhTbdICQ6XfoBLWxSbCCWmYTHXTe4AZoPKyFmCyMf7hmg
ZlQrb8mDDU501fQXzivhJqD6HXrCkCPhj2SCv4hFZw+C2SOdDZ+ZPE2ccb6XvIws
Kg+x565cUpr98KguuUikQU9F2GY/WTexzKVGpYVKTAX++aFeJqPKrUosBwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPp20q4OcOg+bmMuHM75k6iK3jCnMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMS1uYlNyZzV3NkQ1dVl5NGN6dm1UcUlyZU1LYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1
OC8xL05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlzkTAN
BgkqhkiG9w0BAQsFAAOCAQEAHTfvgpDYkp8CfYbw4Wc9XGkTjJJWS/eoG7hD8++z
1SIrEYsT1UzqGh58CtJ+C3h3gnV59zIVw/u5ORou38L4ND9dGACfTfSnCzCQRBA8
qzGin0utGVaSMjpgnpHm03wRdpJSIgiL1SmZA14aFLlktimU2OO+v8U0DKv9STBp
R+8JHPYpR5hE9SIcwEK8hV0kaXMRCvptxOwlVMYtsQAY293gGXD9ojcYZh5+lcLX
hGkMm9tc6ezGyB46SvyipSSjqhFs2EGKfJ/tikp97j3DdmfrMce9+GuhUGazNwK9
obw2/k12W44SnkXRmNAb6WcEiDwWwKZJgWaSr8jDzxrGnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:08 2024 by rpki-client on console-ams.rpki-client.org