Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/ApVNTUm7XWhh8lzWQ7OveDNO0vU.roa
File: ApVNTUm7XWhh8lzWQ7OveDNO0vU.roa (raw, json)
Hash identifier: OZfrSOABGq5vkrWxJr9z6rHy0CCI77qwJiEAe0TvY88=
Subject key identifier: 02:95:4D:4D:49:BB:5D:68:61:F2:5C:D6:43:B3:AF:78:33:4E:D2:F5
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 0186EAE95C83C88F5BE2296BD4E743B9C816
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/ApVNTUm7XWhh8lzWQ7OveDNO0vU.roa
Signing time: Thu 16 Mar 2023 14:53:27 +0000
ROA not before: Thu 16 Mar 2023 14:53:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206670
IP address blocks: 185.33.61.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ea:e9:5c:83:c8:8f:5b:e2:29:6b:d4:e7:43:b9:c8:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Mar 16 14:53:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02954d4d49bb5d6861f25cd643b3af78334ed2f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b3:32:b2:05:b3:26:80:02:c3:71:ea:d9:ce:
45:d3:fa:17:67:ac:3d:28:df:23:19:d7:11:8a:10:
c8:4d:96:a0:87:a6:be:20:7a:86:e4:b8:be:60:43:
c8:c6:2e:80:ff:35:a1:8d:10:a3:f4:c3:7b:7a:45:
b6:79:7f:14:6c:5f:24:70:6e:d3:36:b1:93:84:7a:
02:67:38:c5:5d:f3:47:07:c4:f5:19:19:1b:a8:e8:
90:90:c6:58:da:00:86:43:6b:11:e0:8b:2b:3f:b5:
3c:41:01:5d:b1:87:fc:88:c0:d2:01:2e:8f:6c:a5:
ab:f3:33:f2:d8:22:c3:b1:cb:4a:eb:6c:fd:5b:32:
73:7a:6c:ba:eb:ba:e8:93:1c:2c:a6:bc:56:ea:e3:
0d:98:0e:16:f0:7e:38:7f:99:f8:53:b6:64:a3:65:
9b:a5:f4:6b:76:c6:a4:c8:da:58:67:6f:03:33:5a:
3f:d0:13:19:7e:84:31:48:92:26:d5:b1:f4:91:0d:
e4:d7:b7:f1:69:60:72:92:7a:c2:3c:e9:41:1c:54:
4b:d3:63:c1:a0:a4:93:74:72:77:9c:6a:21:a1:07:
d0:ef:44:2e:24:3d:5f:8d:f4:91:b4:39:19:58:d5:
4b:4e:64:05:33:3f:dd:e8:a9:7e:3f:e3:f8:86:e2:
8c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:95:4D:4D:49:BB:5D:68:61:F2:5C:D6:43:B3:AF:78:33:4E:D2:F5
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/ApVNTUm7XWhh8lzWQ7OveDNO0vU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.61.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:36:cc:29:2a:8b:d8:f8:25:e5:0a:6b:ae:69:98:42:91:3c:
da:fb:73:ab:97:c1:81:15:f6:34:5f:65:1d:5a:06:c5:69:57:
07:e0:e0:17:ec:36:7d:92:c5:a8:64:c0:8e:4c:50:49:3e:e0:
f2:24:4b:57:5b:14:f3:ec:d1:3c:7e:5e:1d:f6:3c:a0:10:10:
60:2a:c3:2c:a5:c5:6c:49:20:51:ae:eb:83:e8:ad:65:da:aa:
a2:8b:52:ba:a9:6e:30:97:48:c6:d5:70:a6:1d:21:3c:14:4b:
a2:be:27:41:c2:bb:ed:27:3f:23:43:41:9d:40:99:05:37:cf:
cb:c3:c4:d0:7c:58:9b:65:ef:2c:3e:4c:48:ef:f1:93:86:f9:
3a:1e:fa:4b:59:78:6d:c4:85:de:79:b9:f4:6c:34:83:c3:da:
5a:f5:86:ed:4d:9e:96:35:61:05:13:28:69:96:f6:da:60:b3:
5b:aa:1b:83:e6:dd:77:8f:b7:84:1e:b5:c3:d1:b6:a2:8a:4e:
90:00:13:d8:ff:c7:ad:42:98:c4:bd:4f:ea:ac:55:23:81:6e:
29:f1:e3:65:81:95:bc:74:d1:66:4b:b2:cf:23:fc:dc:71:41:
96:29:46:cb:a8:e6:35:c1:1d:aa:5e:62:44:88:9a:1a:a3:9b:
50:7a:13:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbq6VyDyI9b4ilr1OdDucgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjMwMzE2MTQ1MzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjk1NGQ0ZDQ5YmI1ZDY4NjFmMjVjZDY0M2IzYWY3ODMzNGVkMmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirMysgWzJoACw3Hq2c5F0/oXZ6w9
KN8jGdcRihDITZagh6a+IHqG5Li+YEPIxi6A/zWhjRCj9MN7ekW2eX8UbF8kcG7T
NrGThHoCZzjFXfNHB8T1GRkbqOiQkMZY2gCGQ2sR4IsrP7U8QQFdsYf8iMDSAS6P
bKWr8zPy2CLDsctK62z9WzJzemy667rokxwsprxW6uMNmA4W8H44f5n4U7Zko2Wb
pfRrdsakyNpYZ28DM1o/0BMZfoQxSJIm1bH0kQ3k17fxaWByknrCPOlBHFRL02PB
oKSTdHJ3nGohoQfQ70QuJD1fjfSRtDkZWNVLTmQFMz/d6Kl+P+P4huKMkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAKVTU1Ju11oYfJc1kOzr3gzTtL1MB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvQXBWTlRVbTdYV2hoOGx6V1E3T3ZlRE5PMHZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSE9MA0G
CSqGSIb3DQEBCwUAA4IBAQBPNswpKovY+CXlCmuuaZhCkTza+3Orl8GBFfY0X2Ud
WgbFaVcH4OAX7DZ9ksWoZMCOTFBJPuDyJEtXWxTz7NE8fl4d9jygEBBgKsMspcVs
SSBRruuD6K1l2qqii1K6qW4wl0jG1XCmHSE8FEuividBwrvtJz8jQ0GdQJkFN8/L
w8TQfFibZe8sPkxI7/GThvk6HvpLWXhtxIXeebn0bDSDw9pa9YbtTZ6WNWEFEyhp
lvbaYLNbqhuD5t13j7eEHrXD0baiik6QABPY/8etQpjEvU/qrFUjgW4p8eNlgZW8
dNFmS7LPI/zccUGWKUbLqOY1wR2qXmJEiJoao5tQehON
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:56 2024 by rpki-client on console-fra.rpki-client.org