Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ngzYKsmWMamX5HKTfF5Cki3uxNM.roa
File: ngzYKsmWMamX5HKTfF5Cki3uxNM.roa (raw, json)
Hash identifier: 5IU7Nh45KEwyYspaWT3xT9MT3h/hDkqQXhHXly6T+4Q=
Subject key identifier: 9E:0C:D8:2A:C9:96:31:A9:97:E4:72:93:7C:5E:42:92:2D:EE:C4:D3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187FB51B8B545C0FB95D175FE9EA060C7B2
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ngzYKsmWMamX5HKTfF5Cki3uxNM.roa
Signing time: Mon 08 May 2023 12:24:09 +0000
ROA not before: Mon 08 May 2023 12:24:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 185.230.251.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fb:51:b8:b5:45:c0:fb:95:d1:75:fe:9e:a0:60:c7:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 8 12:24:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e0cd82ac99631a997e472937c5e42922deec4d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:52:a9:48:42:c3:ca:40:69:3c:8f:d6:e7:f8:
8b:c1:7e:fa:8d:10:33:73:b1:74:64:c0:80:c2:97:
fb:e9:6c:11:99:ff:1d:3b:85:a3:45:8f:77:86:e0:
75:24:e5:fa:f7:43:db:e3:b7:e0:91:f1:c2:b4:cc:
25:9c:0b:d4:3d:ff:3b:f5:13:5b:92:e3:f0:c1:7e:
bf:42:60:a4:92:0a:cf:80:7f:4c:f2:06:01:33:85:
7a:f2:45:80:b5:23:eb:4d:be:17:2f:4d:b3:58:ef:
3a:2b:8b:5f:c0:f1:d1:7a:c5:dc:2d:2b:b7:9a:41:
ba:5e:91:23:a7:e4:37:32:9e:c2:71:bf:73:ba:c2:
be:55:82:03:fc:0e:df:bb:79:ad:cf:2b:88:9a:e7:
e2:92:29:c9:48:30:7d:2a:be:c0:ee:cd:b9:21:32:
a4:5d:17:ea:b7:2b:c6:ef:09:a7:95:a3:59:02:4d:
c5:28:e0:0c:21:98:56:3f:f4:78:9a:ea:42:42:c1:
ca:d9:38:85:33:6d:c1:e0:72:71:b1:21:38:9b:e8:
ad:2c:bb:96:fc:cb:cc:d7:11:33:19:ca:da:99:59:
0f:fe:3a:7f:5b:58:c2:cb:52:32:9d:dd:a6:05:cd:
e9:c9:44:2a:89:7b:76:7a:8d:43:ef:0f:8b:a3:83:
08:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:0C:D8:2A:C9:96:31:A9:97:E4:72:93:7C:5E:42:92:2D:EE:C4:D3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ngzYKsmWMamX5HKTfF5Cki3uxNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.251.0/24
Signature Algorithm: sha256WithRSAEncryption
27:3a:eb:d2:51:f6:94:53:4a:e8:b9:9d:af:d7:6d:0e:bb:44:
1c:c8:ed:c5:9f:bf:96:39:03:02:60:52:ca:17:4a:db:68:09:
e2:36:c0:1d:80:45:d7:34:b9:c8:1f:4c:ef:ad:22:07:e3:71:
de:03:ee:93:7d:1e:c6:85:4c:df:84:33:52:13:6d:ba:aa:50:
dc:21:84:bc:bf:32:9c:b7:1f:44:9b:e8:9b:e7:f0:5e:5b:51:
5e:12:03:ef:59:cc:c5:e7:ca:ba:98:a3:76:09:cb:3e:51:40:
2c:ea:31:88:ca:a0:f1:44:6e:9e:d6:1d:b6:d2:f9:3f:2f:78:
aa:60:aa:78:ec:c8:57:04:d1:cd:c0:3b:e5:2a:68:0e:2f:9f:
09:af:55:87:af:0a:b2:f9:87:9b:d8:e7:45:73:90:03:96:09:
64:ba:b1:f7:d9:cb:8b:4c:9f:f3:cc:43:3e:be:d0:65:2c:3e:
97:8f:e2:fd:2c:7f:7f:0d:d5:71:0d:87:ee:76:7c:ee:f0:ac:
4f:f8:10:10:58:c9:42:f2:09:be:30:f4:95:36:0c:2f:c8:24:
d6:73:43:52:b0:c2:cc:b2:34:72:fa:4c:ea:81:81:3a:5a:d8:
15:c7:20:90:b1:ee:17:14:9c:5f:ca:c8:72:80:bb:c2:3e:43:
dc:b4:e7:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYf7Ubi1RcD7ldF1/p6gYMeyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTA4MTIyNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTBjZDgyYWM5OTYzMWE5OTdlNDcyOTM3YzVlNDI5MjJkZWVjNGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlKpSELDykBpPI/W5/iLwX76jRAz
c7F0ZMCAwpf76WwRmf8dO4WjRY93huB1JOX690Pb47fgkfHCtMwlnAvUPf879RNb
kuPwwX6/QmCkkgrPgH9M8gYBM4V68kWAtSPrTb4XL02zWO86K4tfwPHResXcLSu3
mkG6XpEjp+Q3Mp7Ccb9zusK+VYID/A7fu3mtzyuImufikinJSDB9Kr7A7s25ITKk
XRfqtyvG7wmnlaNZAk3FKOAMIZhWP/R4mupCQsHK2TiFM23B4HJxsSE4m+itLLuW
/MvM1xEzGcramVkP/jp/W1jCy1Iynd2mBc3pyUQqiXt2eo1D7w+Lo4MIrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ4M2CrJljGpl+Ryk3xeQpIt7sTTMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbmd6WUtzbVdNYW1YNUhLVGZGNUNraTN1eE5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueb7MA0G
CSqGSIb3DQEBCwUAA4IBAQAnOuvSUfaUU0rouZ2v120Ou0QcyO3Fn7+WOQMCYFLK
F0rbaAniNsAdgEXXNLnIH0zvrSIH43HeA+6TfR7GhUzfhDNSE226qlDcIYS8vzKc
tx9Em+ib5/BeW1FeEgPvWczF58q6mKN2Ccs+UUAs6jGIyqDxRG6e1h220vk/L3iq
YKp47MhXBNHNwDvlKmgOL58Jr1WHrwqy+Yeb2OdFc5ADlglkurH32cuLTJ/zzEM+
vtBlLD6Xj+L9LH9/DdVxDYfudnzu8KxP+BAQWMlC8gm+MPSVNgwvyCTWc0NSsMLM
sjRy+kzqgYE6WtgVxyCQse4XFJxfyshygLvCPkPctOcI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:13 2024 by rpki-client on console-ams.rpki-client.org