Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/IudlR-Fs44sLDSbrIkB8I_xB5T8.roa
File: IudlR-Fs44sLDSbrIkB8I_xB5T8.roa (raw, json)
Hash identifier: khHFmaXf5bIvWB3TKCpH3cAbTfEGLN4QvyxC8o/e6C4=
Subject key identifier: 22:E7:65:47:E1:6C:E3:8B:0B:0D:26:EB:22:40:7C:23:FC:41:E5:3F
Certificate issuer: /CN=73dfeea9c7de246e6d7d1a507406285b226f9286
Certificate serial: 03C115DC
Authority key identifier: 73:DF:EE:A9:C7:DE:24:6E:6D:7D:1A:50:74:06:28:5B:22:6F:92:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c9_uqcfeJG5tfRpQdAYoWyJvkoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/IudlR-Fs44sLDSbrIkB8I_xB5T8.roa
Signing time: Sat 01 Jan 2022 03:01:28 +0000
ROA not before: Sat 01 Jan 2022 03:01:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212761
IP address blocks: 185.41.23.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62985692 (0x3c115dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73dfeea9c7de246e6d7d1a507406285b226f9286
Validity
Not Before: Jan 1 03:01:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22e76547e16ce38b0b0d26eb22407c23fc41e53f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0e:b2:48:66:e1:f1:27:b4:fa:84:c3:1b:3a:
53:f7:31:67:6c:1e:66:f2:1c:d9:5f:f1:05:ef:74:
bf:6c:dd:31:7b:ea:04:4b:16:0d:45:fe:72:8b:5e:
3e:d2:f3:54:9a:a6:ca:c5:b2:e5:a2:e4:e8:8a:ab:
e4:9d:ee:92:a3:39:b6:65:ce:fe:42:f7:93:63:a9:
de:f4:4e:3a:d0:1c:8a:de:54:9a:9d:a0:d3:32:86:
69:ee:b9:9c:06:5d:ca:68:e1:31:75:93:0a:80:e6:
67:38:29:7f:78:3b:95:b9:95:d8:2f:c0:7f:11:36:
44:e8:f0:90:a4:18:a1:43:b8:24:aa:d8:00:ff:b9:
a3:2c:45:b5:2f:9c:83:ce:f8:4a:11:6b:9b:a6:6e:
93:a2:e1:60:03:87:db:7c:70:5f:ed:d7:7b:e9:09:
c5:27:44:12:99:0c:ea:7e:d4:7a:cd:67:10:b6:d0:
1b:e6:05:29:04:ea:57:a4:dd:a5:82:8f:51:58:40:
a0:6d:24:9e:47:9f:7d:71:92:11:63:27:12:8d:3d:
3a:e1:f7:c2:61:61:dd:e0:b7:dc:02:1a:53:25:43:
e8:06:b7:02:f6:6a:f1:10:98:f5:67:49:b8:24:95:
cf:5c:19:57:f9:b1:e0:b1:79:6f:01:f2:d1:16:d4:
fc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E7:65:47:E1:6C:E3:8B:0B:0D:26:EB:22:40:7C:23:FC:41:E5:3F
X509v3 Authority Key Identifier:
keyid:73:DF:EE:A9:C7:DE:24:6E:6D:7D:1A:50:74:06:28:5B:22:6F:92:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9_uqcfeJG5tfRpQdAYoWyJvkoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/IudlR-Fs44sLDSbrIkB8I_xB5T8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/c9_uqcfeJG5tfRpQdAYoWyJvkoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.23.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:b4:0a:e1:1d:82:b4:85:83:d9:68:2b:09:4d:52:7a:65:3d:
ab:f2:bf:4f:5b:a5:f3:8d:10:92:f8:d8:60:10:fe:e9:91:22:
73:8d:ae:7c:8d:49:82:76:71:51:c5:0f:e4:c1:e5:0f:72:bf:
cd:00:5a:c6:a3:15:e9:2a:ac:d2:78:ef:28:70:63:dd:70:25:
8f:8b:b2:a8:91:08:8d:6c:41:91:97:0c:10:20:bb:c1:be:99:
de:0f:eb:2d:ab:bf:c8:23:fd:08:b5:a2:dd:a9:91:4d:86:96:
0e:90:99:ed:d7:c2:e0:e7:a8:a9:7e:85:a5:a9:2f:7d:40:72:
c3:4b:9c:05:0e:24:2f:87:06:11:4a:29:6c:53:6c:18:f5:3e:
82:e1:d5:ba:05:9c:a3:0c:37:4c:29:11:36:eb:e9:bd:a3:8a:
2e:9f:b0:a0:fb:f2:c2:95:28:14:59:ec:69:89:79:1f:15:77:
1d:85:db:70:1b:99:af:e3:7f:df:06:4b:e2:82:86:4d:e4:b2:
06:d9:3d:dc:8d:08:1e:37:3f:f2:bf:3e:3c:e9:d8:2d:be:c4:
a2:ee:3d:2c:56:f6:c1:3d:b0:43:c0:2d:85:b3:49:8a:1c:f7:
8f:10:c9:1e:0d:8b:11:5d:4b:cb:45:8d:d4:37:7f:d8:07:94:
2e:87:79:19
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA8EV3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
M2RmZWVhOWM3ZGUyNDZlNmQ3ZDFhNTA3NDA2Mjg1YjIyNmY5Mjg2MB4XDTIyMDEw
MTAzMDEyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjJlNzY1NDdlMTZj
ZTM4YjBiMGQyNmViMjI0MDdjMjNmYzQxZTUzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUOskhm4fEntPqEwxs6U/cxZ2weZvIc2V/xBe90v2zdMXvq
BEsWDUX+cotePtLzVJqmysWy5aLk6Iqr5J3ukqM5tmXO/kL3k2Op3vROOtAcit5U
mp2g0zKGae65nAZdymjhMXWTCoDmZzgpf3g7lbmV2C/AfxE2ROjwkKQYoUO4JKrY
AP+5oyxFtS+cg874ShFrm6Zuk6LhYAOH23xwX+3Xe+kJxSdEEpkM6n7Ues1nELbQ
G+YFKQTqV6TdpYKPUVhAoG0knkeffXGSEWMnEo09OuH3wmFh3eC33AIaUyVD6Aa3
AvZq8RCY9WdJuCSVz1wZV/mx4LF5bwHy0RbU/E8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQi52VH4WzjiwsNJusiQHwj/EHlPzAfBgNVHSMEGDAWgBRz3+6px94kbm19
GlB0BihbIm+ShjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2M5X3VxY2ZlSkc1dGZScFFkQVlvV3lKdmtvWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvOWMwYTdlLTk5NjMtNGMwZC05NGFjLTQ0NmQwYTdlOTQwNC8x
L0l1ZGxSLUZzNDRzTERTYnJJa0I4SV94QjVUOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
OWMwYTdlLTk5NjMtNGMwZC05NGFjLTQ0NmQwYTdlOTQwNC8xL2M5X3VxY2ZlSkc1
dGZScFFkQVlvV3lKdmtvWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkpFzANBgkqhkiG9w0BAQsFAAOC
AQEAL7QK4R2CtIWD2WgrCU1SemU9q/K/T1ul840QkvjYYBD+6ZEic42ufI1JgnZx
UcUP5MHlD3K/zQBaxqMV6Sqs0njvKHBj3XAlj4uyqJEIjWxBkZcMECC7wb6Z3g/r
Lau/yCP9CLWi3amRTYaWDpCZ7dfC4OeoqX6FpakvfUByw0ucBQ4kL4cGEUopbFNs
GPU+guHVugWcoww3TCkRNuvpvaOKLp+woPvywpUoFFnsaYl5HxV3HYXbcBuZr+N/
3wZL4oKGTeSyBtk93I0IHjc/8r8+POnYLb7Eou49LFb2wT2wQ8AthbNJihz3jxDJ
Hg2LEV1Ly0WN1Dd/2AeULod5GQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:22 2023 by rpki-client on console-fra.rpki-client.org