Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/brtu2j7V8OGIURspHO0Ny8o52oM.roa
File: brtu2j7V8OGIURspHO0Ny8o52oM.roa (raw, json)
Hash identifier: m676Y+aeD1CwfFRlrWbmHa1/+5OmbSTR1PQdLYBbNRk=
Subject key identifier: 6E:BB:6E:DA:3E:D5:F0:E1:88:51:1B:29:1C:ED:0D:CB:CA:39:DA:83
Certificate issuer: /CN=8b9f258283517df19859388e13bad1ae0268a5fb
Certificate serial: 0A1BE136
Authority key identifier: 8B:9F:25:82:83:51:7D:F1:98:59:38:8E:13:BA:D1:AE:02:68:A5:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i58lgoNRffGYWTiOE7rRrgJopfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/brtu2j7V8OGIURspHO0Ny8o52oM.roa
Signing time: Sat 01 Jan 2022 14:58:24 +0000
ROA not before: Sat 01 Jan 2022 14:58:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200475
IP address blocks: 185.255.212.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169599286 (0xa1be136)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b9f258283517df19859388e13bad1ae0268a5fb
Validity
Not Before: Jan 1 14:58:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ebb6eda3ed5f0e188511b291ced0dcbca39da83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:36:cc:6a:d1:26:cd:3f:09:73:1f:e0:67:78:
58:fa:59:3e:f6:e1:ae:25:84:7e:ef:01:04:5f:60:
b0:8a:12:ed:6b:d6:58:f4:5b:e7:0c:02:72:69:67:
6e:07:7e:f1:0c:54:36:61:a0:87:90:ac:2a:79:9c:
fb:d0:40:4a:ca:74:b7:0c:d5:73:93:c4:8b:70:39:
81:da:e6:a7:f4:5f:4a:8b:75:b2:ee:ec:46:c9:a3:
1d:0b:c2:2e:fa:4b:fc:f1:ee:29:0e:ba:d2:74:55:
fc:75:cd:a3:ab:f1:ba:98:10:05:ff:5d:00:b3:92:
01:c2:26:de:19:94:b5:34:86:56:50:6f:72:2c:71:
86:78:0e:84:da:50:62:c4:3f:8b:d8:d2:73:f0:51:
34:03:c0:18:e0:6a:c9:fa:d3:ef:c1:ce:eb:ef:43:
5a:14:21:c1:51:bc:d2:af:d7:cf:71:0c:2f:dd:75:
8a:22:6e:35:d6:1b:a2:1f:8c:99:f5:31:a3:4d:10:
f4:a6:ae:29:f7:33:84:e8:47:96:7c:5f:dd:4c:0d:
40:39:1e:54:6e:16:bb:4b:bd:ff:8f:7f:2a:95:88:
29:d7:1c:ef:8b:87:46:7c:e1:af:b1:6a:cd:f0:40:
b9:d9:92:75:36:1f:b8:fc:09:7b:83:7d:33:2c:e4:
69:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:BB:6E:DA:3E:D5:F0:E1:88:51:1B:29:1C:ED:0D:CB:CA:39:DA:83
X509v3 Authority Key Identifier:
keyid:8B:9F:25:82:83:51:7D:F1:98:59:38:8E:13:BA:D1:AE:02:68:A5:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i58lgoNRffGYWTiOE7rRrgJopfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/brtu2j7V8OGIURspHO0Ny8o52oM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/i58lgoNRffGYWTiOE7rRrgJopfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.212.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:9c:b0:d7:01:45:da:05:79:b9:43:ab:66:e8:af:b9:92:d6:
f9:66:5f:8d:97:9d:7d:2f:82:80:cc:6c:46:51:37:24:11:8d:
a1:08:c2:ec:93:ad:33:e0:82:ef:a4:fc:77:55:c1:8d:65:6e:
41:d8:88:c5:2b:4d:91:c5:c5:aa:c8:d3:41:f1:d9:63:bf:5b:
ba:75:6e:73:e8:79:52:8b:c8:34:f0:5b:03:0c:0f:ca:b8:2b:
a2:63:b9:a5:cd:5d:ec:f7:d9:19:34:4d:d6:53:81:1b:35:a4:
62:bd:fa:dd:66:65:dc:94:d1:61:c6:d0:bb:e6:b7:9b:76:2d:
49:35:7e:58:cc:b6:e4:05:f3:18:fa:a2:3a:27:cf:42:e2:f9:
6f:b8:78:94:74:3e:5b:5f:5f:84:fb:35:41:2a:ee:c3:51:49:
f3:3d:7a:10:65:74:78:2b:47:88:32:7f:0f:d1:87:ae:02:86:
0b:d7:92:f5:3e:f5:86:d5:e6:08:78:77:fc:58:28:7a:32:56:
9a:fe:04:7e:12:8d:44:35:b6:4e:81:11:f7:d3:c2:10:d3:fd:
a6:55:22:48:91:25:18:dc:70:1f:e2:96:1e:e7:3c:e2:46:da:
ad:48:70:91:35:0f:8d:df:00:9f:31:08:8b:9e:2a:dc:de:ef:
03:0b:34:1f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEChvhNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YjlmMjU4MjgzNTE3ZGYxOTg1OTM4OGUxM2JhZDFhZTAyNjhhNWZiMB4XDTIyMDEw
MTE0NTgyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmViYjZlZGEzZWQ1
ZjBlMTg4NTExYjI5MWNlZDBkY2JjYTM5ZGE4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALo2zGrRJs0/CXMf4Gd4WPpZPvbhriWEfu8BBF9gsIoS7WvW
WPRb5wwCcmlnbgd+8QxUNmGgh5CsKnmc+9BASsp0twzVc5PEi3A5gdrmp/RfSot1
su7sRsmjHQvCLvpL/PHuKQ660nRV/HXNo6vxupgQBf9dALOSAcIm3hmUtTSGVlBv
cixxhngOhNpQYsQ/i9jSc/BRNAPAGOBqyfrT78HO6+9DWhQhwVG80q/Xz3EML911
iiJuNdYboh+MmfUxo00Q9KauKfczhOhHlnxf3UwNQDkeVG4Wu0u9/49/KpWIKdcc
74uHRnzhr7FqzfBAudmSdTYfuPwJe4N9MyzkaXUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRuu27aPtXw4YhRGykc7Q3LyjnagzAfBgNVHSMEGDAWgBSLnyWCg1F98ZhZ
OI4TutGuAmil+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k1OGxnb05SZmZHWVdUaU9FN3JScmdKb3Bmcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvNTI4ZTIxLTIzYjItNDQzNi1iYzhiLThmNWU5OTdhYjFiNS8x
L2JydHUyajdWOE9HSVVSc3BITzBOeThvNTJvTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
NTI4ZTIxLTIzYjItNDQzNi1iYzhiLThmNWU5OTdhYjFiNS8xL2k1OGxnb05SZmZH
WVdUaU9FN3JScmdKb3Bmcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArn/1DANBgkqhkiG9w0BAQsFAAOC
AQEAe5yw1wFF2gV5uUOrZuivuZLW+WZfjZedfS+CgMxsRlE3JBGNoQjC7JOtM+CC
76T8d1XBjWVuQdiIxStNkcXFqsjTQfHZY79bunVuc+h5UovINPBbAwwPyrgromO5
pc1d7PfZGTRN1lOBGzWkYr363WZl3JTRYcbQu+a3m3YtSTV+WMy25AXzGPqiOifP
QuL5b7h4lHQ+W19fhPs1QSruw1FJ8z16EGV0eCtHiDJ/D9GHrgKGC9eS9T71htXm
CHh3/FgoejJWmv4EfhKNRDW2ToER99PCENP9plUiSJElGNxwH+KWHuc84kbarUhw
kTUPjd8AnzEIi54q3N7vAws0Hw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:20 2024 by rpki-client on console-fra.rpki-client.org