Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/nimxZX4JojErgrbN-Ov9gwwnR1A.roa
File: nimxZX4JojErgrbN-Ov9gwwnR1A.roa (raw, json)
Hash identifier: vF+lZ5XXfzd1cB0WeQ0GWRNUWb8hSr3df/I19J4bT20=
Subject key identifier: 9E:29:B1:65:7E:09:A2:31:2B:82:B6:CD:F8:EB:FD:83:0C:27:47:50
Certificate issuer: /CN=cbe3da3582a22830ec4e67547e75fa3b9da20b23
Certificate serial: 0188E3F11CFB818B5D450254613BDA03A696
Authority key identifier: CB:E3:DA:35:82:A2:28:30:EC:4E:67:54:7E:75:FA:3B:9D:A2:0B:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y-PaNYKiKDDsTmdUfnX6O52iCyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/nimxZX4JojErgrbN-Ov9gwwnR1A.roa
Signing time: Thu 22 Jun 2023 16:30:09 +0000
ROA not before: Thu 22 Jun 2023 16:30:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61423
IP address blocks: 185.161.120.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e3:f1:1c:fb:81:8b:5d:45:02:54:61:3b:da:03:a6:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbe3da3582a22830ec4e67547e75fa3b9da20b23
Validity
Not Before: Jun 22 16:30:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e29b1657e09a2312b82b6cdf8ebfd830c274750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b7:73:38:4e:d0:41:71:95:10:17:56:db:d7:
2a:6d:23:31:4b:7f:a4:54:ab:b8:ed:ba:05:e1:12:
83:be:6b:20:77:26:7d:e5:31:2f:c4:2f:82:7f:b0:
67:96:13:10:b9:6d:10:31:d6:90:5a:9b:a1:5c:f9:
3c:e4:ac:50:57:ad:a7:d2:98:14:65:36:f0:66:9e:
46:73:00:28:c7:9f:7c:39:50:46:7c:06:09:fc:ef:
c1:5c:26:ce:78:d8:87:5a:d2:d7:f4:70:7f:f4:6e:
73:4b:0a:51:b5:85:bd:5c:bf:35:29:32:95:b9:da:
63:a9:ff:dd:3f:1a:4e:f9:0a:ff:e7:b0:8a:4f:d3:
e2:4f:fd:05:a0:2c:ea:3f:5b:45:ff:3c:c9:55:6e:
ea:8e:fd:63:b7:14:e4:e7:45:19:5a:fe:97:a6:de:
08:73:a4:63:e4:41:6b:b2:4d:fe:a0:68:13:7e:10:
bc:d6:11:97:91:cd:4d:c7:bf:5d:14:d7:6c:2a:00:
8f:e4:7f:22:b5:67:05:07:b5:96:76:55:4a:82:5c:
d2:c3:32:07:ae:29:5c:65:68:91:7b:57:42:4d:71:
4c:ad:15:d3:45:94:39:ab:2e:d0:3a:a9:45:f1:8e:
23:5d:b8:ff:79:80:61:23:f7:78:19:73:16:17:83:
30:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:29:B1:65:7E:09:A2:31:2B:82:B6:CD:F8:EB:FD:83:0C:27:47:50
X509v3 Authority Key Identifier:
keyid:CB:E3:DA:35:82:A2:28:30:EC:4E:67:54:7E:75:FA:3B:9D:A2:0B:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y-PaNYKiKDDsTmdUfnX6O52iCyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/nimxZX4JojErgrbN-Ov9gwwnR1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/y-PaNYKiKDDsTmdUfnX6O52iCyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.120.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:89:ae:5e:7d:15:26:61:8f:b3:90:fe:0c:37:8c:c3:d2:d5:
c9:f2:13:51:fc:b3:7d:54:c8:dc:cb:5e:85:60:a6:9b:a8:1d:
c7:ce:4d:4a:e5:2c:47:cd:24:f5:77:48:36:60:df:b8:9e:c6:
8c:83:1b:58:38:90:b7:8f:51:a6:75:74:4f:f2:e6:a3:d6:26:
19:5e:ec:f8:c1:87:b4:8b:07:4d:d6:2b:bb:01:5f:58:69:85:
8a:8a:b9:20:73:3a:76:f9:79:53:11:58:f3:a0:d3:91:64:bc:
86:3a:1f:42:9e:00:0d:33:29:75:33:59:1a:e0:05:79:13:b8:
34:ee:29:39:58:3f:ef:a4:fc:d5:8a:6d:56:b3:96:bb:9b:51:
b6:b9:0e:ad:90:9e:fc:dd:c4:be:eb:5c:03:a1:b0:76:2e:1b:
85:5f:a9:2d:53:fd:9f:25:4f:12:7a:5c:57:01:3e:72:71:40:
ab:ea:ef:e3:99:84:52:cd:11:e2:7d:f5:1d:d8:85:c5:b8:83:
7c:76:b1:ee:9e:e9:5c:ae:4c:dd:4f:8f:ce:fe:fe:5e:54:e3:
0b:44:dc:1f:3e:cc:80:ac:7d:4e:9d:27:52:ff:e7:a5:c1:42:
94:2f:3f:ca:9d:e8:6e:20:37:fb:54:4e:2a:02:83:60:09:75:
35:4a:1e:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjj8Rz7gYtdRQJUYTvaA6aWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZTNkYTM1ODJhMjI4MzBlYzRlNjc1NDdlNzVmYTNiOWRh
MjBiMjMwHhcNMjMwNjIyMTYzMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTI5YjE2NTdlMDlhMjMxMmI4MmI2Y2RmOGViZmQ4MzBjMjc0NzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLdzOE7QQXGVEBdW29cqbSMxS3+k
VKu47boF4RKDvmsgdyZ95TEvxC+Cf7BnlhMQuW0QMdaQWpuhXPk85KxQV62n0pgU
ZTbwZp5GcwAox598OVBGfAYJ/O/BXCbOeNiHWtLX9HB/9G5zSwpRtYW9XL81KTKV
udpjqf/dPxpO+Qr/57CKT9PiT/0FoCzqP1tF/zzJVW7qjv1jtxTk50UZWv6Xpt4I
c6Rj5EFrsk3+oGgTfhC81hGXkc1Nx79dFNdsKgCP5H8itWcFB7WWdlVKglzSwzIH
rilcZWiRe1dCTXFMrRXTRZQ5qy7QOqlF8Y4jXbj/eYBhI/d4GXMWF4MwTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ4psWV+CaIxK4K2zfjr/YMMJ0dQMB8GA1UdIwQY
MBaAFMvj2jWCoigw7E5nVH51+judogsjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveS1QYU5ZS2lLRERzVG1kVWZuWDZPNTJpQ3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC82OGNmYzUtMmVjNi00YjU5LWIxMmUt
NmUzNmIyZjE3MDZiLzEvbmlteFpYNEpvakVyZ3JiTi1Pdjlnd3duUjFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC82OGNmYzUtMmVjNi00YjU5LWIxMmUtNmUzNmIyZjE3MDZi
LzEveS1QYU5ZS2lLRERzVG1kVWZuWDZPNTJpQ3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaF4MA0G
CSqGSIb3DQEBCwUAA4IBAQC/ia5efRUmYY+zkP4MN4zD0tXJ8hNR/LN9VMjcy16F
YKabqB3Hzk1K5SxHzST1d0g2YN+4nsaMgxtYOJC3j1GmdXRP8uaj1iYZXuz4wYe0
iwdN1iu7AV9YaYWKirkgczp2+XlTEVjzoNORZLyGOh9CngANMyl1M1ka4AV5E7g0
7ik5WD/vpPzVim1Ws5a7m1G2uQ6tkJ783cS+61wDobB2LhuFX6ktU/2fJU8SelxX
AT5ycUCr6u/jmYRSzRHiffUd2IXFuIN8drHunulcrkzdT4/O/v5eVOMLRNwfPsyA
rH1OnSdS/+elwUKULz/KnehuIDf7VE4qAoNgCXU1Sh7t
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:33 2024 by rpki-client on console-fra.rpki-client.org