Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tptO_WaXGuotA7B2mhB_mbEhGLM.roa
File: tptO_WaXGuotA7B2mhB_mbEhGLM.roa (raw, json)
Hash identifier: bFgTH2np8XYS60sNvRM/9ObyE6rIOL1oNimEvLWoRdE=
Subject key identifier: B6:9B:4E:FD:66:97:1A:EA:2D:03:B0:76:9A:10:7F:99:B1:21:18:B3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018813775D6CDD3369637542A6EFE2136525
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tptO_WaXGuotA7B2mhB_mbEhGLM.roa
Signing time: Sat 13 May 2023 04:56:09 +0000
ROA not before: Sat 13 May 2023 04:56:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35409
IP address blocks: 185.230.250.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:13:77:5d:6c:dd:33:69:63:75:42:a6:ef:e2:13:65:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 13 04:56:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b69b4efd66971aea2d03b0769a107f99b12118b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a0:c6:b3:09:ee:42:46:f5:50:2a:40:04:67:
73:f2:c7:f9:7b:7d:bd:ce:eb:6c:2b:67:2b:9b:8e:
ee:dc:2f:80:61:a2:24:3f:f0:92:6e:fb:62:11:d9:
dd:09:6b:27:3c:95:b5:36:01:7e:0b:81:ff:72:d6:
ea:3b:d0:49:44:6b:da:81:15:31:96:aa:1f:d9:e2:
63:b4:d3:e7:73:e3:75:0d:67:ee:39:5d:aa:db:b9:
c0:8a:f0:e3:63:6d:fd:04:32:8a:c9:6b:ae:0e:a4:
95:5a:f7:fd:43:7d:60:42:82:e5:28:b8:89:78:8e:
d7:84:e2:ac:a2:fc:c5:db:8a:b0:eb:b9:9f:0f:62:
49:48:d1:02:21:84:12:0e:fe:25:56:84:a7:62:32:
01:1d:b0:ad:ac:a3:0c:b0:5f:8f:67:94:46:03:72:
60:ef:05:a0:2d:97:0c:93:33:e4:60:6c:48:c9:d2:
95:23:b0:79:c3:44:52:0a:fa:bb:8b:66:d4:12:62:
57:0b:e4:77:d4:ee:b5:4c:32:b1:b9:02:2b:e8:f4:
e1:79:c9:5a:77:8b:69:e4:5e:e9:06:b8:1a:02:dd:
ff:81:03:cd:95:bd:7b:48:89:9b:d7:ee:b0:00:77:
a8:89:ad:fc:ea:b5:cd:ef:bb:08:72:d4:94:95:47:
89:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:9B:4E:FD:66:97:1A:EA:2D:03:B0:76:9A:10:7F:99:B1:21:18:B3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tptO_WaXGuotA7B2mhB_mbEhGLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.250.0/24
Signature Algorithm: sha256WithRSAEncryption
39:c1:99:79:c7:69:20:b2:1d:df:21:a4:2c:b4:db:c4:9a:09:
b5:bd:9f:f8:a3:bc:a9:cf:a0:19:f6:17:4c:67:90:66:a6:83:
47:a4:d3:25:53:85:8b:35:48:22:d5:c0:39:72:84:e0:ed:ed:
b6:fa:b2:af:3f:ce:3a:73:2e:9a:2c:ae:fe:23:a9:1d:7c:ee:
15:5d:26:0e:ac:8c:ec:ba:50:81:f4:87:f7:00:d9:f3:c5:80:
65:0f:88:c2:cd:4e:d1:e5:91:71:89:d1:01:a3:6d:55:a3:6a:
4c:45:a8:ed:ea:c8:5b:43:a3:9c:58:b4:f6:6b:23:e6:0f:43:
a8:b1:09:66:6d:8d:df:b9:4a:ce:ab:aa:a2:1d:96:5e:8f:90:
11:4e:31:79:b9:b3:7f:0b:81:77:c5:47:98:5f:39:58:1d:3f:
a5:63:6e:a9:6c:46:b9:7e:c5:2e:cd:cb:c4:92:25:b9:d6:be:
30:92:24:10:25:3e:81:e7:2d:09:d5:e2:0c:f1:52:4d:c6:96:
f5:16:51:ad:81:ce:e5:45:62:f3:90:b9:93:07:a5:32:10:a8:
a3:b0:41:ca:b4:c4:28:6a:68:70:05:26:35:90:e0:8a:17:dd:
2e:3b:e4:e6:78:33:d4:8b:b5:17:33:29:f6:88:3f:bc:0a:39:
de:5a:08:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgTd11s3TNpY3VCpu/iE2UlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTEzMDQ1NjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjliNGVmZDY2OTcxYWVhMmQwM2IwNzY5YTEwN2Y5OWIxMjExOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaDGswnuQkb1UCpABGdz8sf5e329
zutsK2crm47u3C+AYaIkP/CSbvtiEdndCWsnPJW1NgF+C4H/ctbqO9BJRGvagRUx
lqof2eJjtNPnc+N1DWfuOV2q27nAivDjY239BDKKyWuuDqSVWvf9Q31gQoLlKLiJ
eI7XhOKsovzF24qw67mfD2JJSNECIYQSDv4lVoSnYjIBHbCtrKMMsF+PZ5RGA3Jg
7wWgLZcMkzPkYGxIydKVI7B5w0RSCvq7i2bUEmJXC+R31O61TDKxuQIr6PThecla
d4tp5F7pBrgaAt3/gQPNlb17SImb1+6wAHeoia386rXN77sIctSUlUeJ8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLabTv1mlxrqLQOwdpoQf5mxIRizMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdHB0T19XYVhHdW90QTdCMm1oQl9tYkVoR0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueb6MA0G
CSqGSIb3DQEBCwUAA4IBAQA5wZl5x2kgsh3fIaQstNvEmgm1vZ/4o7ypz6AZ9hdM
Z5BmpoNHpNMlU4WLNUgi1cA5coTg7e22+rKvP846cy6aLK7+I6kdfO4VXSYOrIzs
ulCB9If3ANnzxYBlD4jCzU7R5ZFxidEBo21Vo2pMRajt6shbQ6OcWLT2ayPmD0Oo
sQlmbY3fuUrOq6qiHZZej5ARTjF5ubN/C4F3xUeYXzlYHT+lY26pbEa5fsUuzcvE
kiW51r4wkiQQJT6B5y0J1eIM8VJNxpb1FlGtgc7lRWLzkLmTB6UyEKijsEHKtMQo
amhwBSY1kOCKF90uO+TmeDPUi7UXMyn2iD+8CjneWgjg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org