Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tIlunXgyOcxSoUnLXIkAIMqMkhI.roa
File: tIlunXgyOcxSoUnLXIkAIMqMkhI.roa (raw, json)
Hash identifier: GhP+zhXcjFjo32Xgd7AV3xSPlb7QeCTNUWAnxErYm9k=
Subject key identifier: B4:89:6E:9D:78:32:39:CC:52:A1:49:CB:5C:89:00:20:CA:8C:92:12
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185E99DD6DB804D30A5E00C66D18BC81FAC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tIlunXgyOcxSoUnLXIkAIMqMkhI.roa
Signing time: Wed 25 Jan 2023 15:48:33 +0000
ROA not before: Wed 25 Jan 2023 15:48:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33387
IP address blocks: 185.115.145.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:9d:d6:db:80:4d:30:a5:e0:0c:66:d1:8b:c8:1f:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 25 15:48:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4896e9d783239cc52a149cb5c890020ca8c9212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b7:73:6e:52:3a:f2:d0:97:6c:75:86:83:36:
b5:d7:66:d4:e9:02:e0:54:31:cc:51:c9:58:21:9d:
15:b9:96:ee:4b:a3:d7:1b:fa:97:3d:ad:f5:01:2e:
46:41:3f:9b:7c:1e:84:e6:7f:5e:c3:e8:fd:4d:28:
aa:2b:66:d0:d8:02:f5:31:0b:c5:4d:80:03:81:ea:
30:e5:ce:c3:05:40:65:44:ee:0e:b0:0f:94:64:97:
ed:1b:d2:f1:ca:3e:55:fd:b5:da:59:d5:7d:cf:ca:
7b:8d:64:1b:06:53:80:29:26:cb:4c:fb:ac:e9:e4:
ae:1a:0c:a7:cf:e4:3b:a7:41:65:37:48:56:2c:63:
87:74:a2:61:2a:e2:4b:5a:00:5b:13:c8:8b:9a:22:
9a:8a:a5:55:d5:24:29:66:7a:7d:24:a3:28:f3:3f:
e4:50:3f:3f:a4:80:ef:9d:c0:14:9b:d2:8d:31:83:
4d:ad:0e:aa:09:be:ed:f7:9d:73:6c:f5:4b:41:24:
35:41:c6:b3:dc:4b:bb:31:39:2c:05:c5:e3:84:c6:
ec:22:d2:4f:cd:a6:ef:7c:70:0b:14:4e:c3:53:e2:
ef:b6:9a:2c:29:21:2b:10:94:3c:b1:cf:ab:0e:68:
2d:fb:0b:31:dd:47:66:22:83:85:92:39:c2:3b:b0:
d9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:89:6E:9D:78:32:39:CC:52:A1:49:CB:5C:89:00:20:CA:8C:92:12
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tIlunXgyOcxSoUnLXIkAIMqMkhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.145.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:4a:c8:32:b1:bf:37:54:71:24:de:df:73:8a:00:92:46:8b:
2b:d3:1a:cb:4f:f3:6f:18:34:c6:9d:d8:ce:2f:e1:6a:10:94:
24:86:3c:8f:a5:ce:f2:f0:78:44:19:aa:b4:46:30:49:59:f8:
9e:2b:ce:aa:b2:29:98:6b:9d:d7:12:0a:d9:e9:bc:d6:03:ed:
5c:1b:ce:08:a1:6f:4d:52:36:b3:de:ab:d4:85:8f:37:7d:a0:
d2:a5:5a:7f:12:9b:21:0c:26:40:31:63:f8:4d:e3:36:cf:41:
8d:5f:13:6d:cb:d0:32:49:c3:2e:8a:85:d0:62:55:76:c3:50:
c3:1f:a1:fd:d3:c6:55:c4:7b:88:7b:f4:51:c8:b0:db:23:11:
7b:91:2e:08:76:4d:5b:a3:95:72:11:d7:60:12:52:e0:4c:de:
f1:23:01:b6:99:18:97:ba:08:b7:51:bf:5a:78:df:ba:37:2c:
ee:dc:6c:6d:54:46:3e:ac:22:a1:bb:33:66:2b:eb:8e:14:35:
63:52:5c:bc:30:4d:69:61:11:48:07:b8:02:b3:eb:28:c8:4c:
29:0a:2d:de:03:3e:36:34:eb:a1:96:8e:27:20:da:f3:2f:eb:
ff:7e:9a:de:34:5b:9f:ca:bf:16:70:04:89:27:40:8d:72:69:
8a:12:5f:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXpndbbgE0wpeAMZtGLyB+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTI1MTU0ODMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDg5NmU5ZDc4MzIzOWNjNTJhMTQ5Y2I1Yzg5MDAyMGNhOGM5MjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbdzblI68tCXbHWGgza112bU6QLg
VDHMUclYIZ0VuZbuS6PXG/qXPa31AS5GQT+bfB6E5n9ew+j9TSiqK2bQ2AL1MQvF
TYADgeow5c7DBUBlRO4OsA+UZJftG9Lxyj5V/bXaWdV9z8p7jWQbBlOAKSbLTPus
6eSuGgynz+Q7p0FlN0hWLGOHdKJhKuJLWgBbE8iLmiKaiqVV1SQpZnp9JKMo8z/k
UD8/pIDvncAUm9KNMYNNrQ6qCb7t951zbPVLQSQ1Qcaz3Eu7MTksBcXjhMbsItJP
zabvfHALFE7DU+LvtposKSErEJQ8sc+rDmgt+wsx3UdmIoOFkjnCO7DZCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSJbp14MjnMUqFJy1yJACDKjJISMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdElsdW5YZ3lPY3hTb1VuTFhJa0FJTXFNa2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXORMA0G
CSqGSIb3DQEBCwUAA4IBAQAuSsgysb83VHEk3t9zigCSRosr0xrLT/NvGDTGndjO
L+FqEJQkhjyPpc7y8HhEGaq0RjBJWfieK86qsimYa53XEgrZ6bzWA+1cG84IoW9N
Ujaz3qvUhY83faDSpVp/EpshDCZAMWP4TeM2z0GNXxNty9AyScMuioXQYlV2w1DD
H6H908ZVxHuIe/RRyLDbIxF7kS4Idk1bo5VyEddgElLgTN7xIwG2mRiXugi3Ub9a
eN+6Nyzu3GxtVEY+rCKhuzNmK+uOFDVjUly8ME1pYRFIB7gCs+soyEwpCi3eAz42
NOuhlo4nINrzL+v/fpreNFufyr8WcASJJ0CNcmmKEl/A
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org