Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/BT1unS3mNVidhoCs7gGSFPSRD1c.roa
File: BT1unS3mNVidhoCs7gGSFPSRD1c.roa (raw, json)
Hash identifier: 4frtMm5oLS5EUQ5mff6Tpkv8AHxHXRdn9XPSLIUbyME=
Subject key identifier: 05:3D:6E:9D:2D:E6:35:58:9D:86:80:AC:EE:01:92:14:F4:91:0F:57
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 018BCF0782060757B1099AA9902130DF8130
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/BT1unS3mNVidhoCs7gGSFPSRD1c.roa
Signing time: Tue 14 Nov 2023 18:10:57 +0000
ROA not before: Tue 14 Nov 2023 18:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208885
IP address blocks: 185.33.61.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cf:07:82:06:07:57:b1:09:9a:a9:90:21:30:df:81:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Nov 14 18:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=053d6e9d2de635589d8680acee019214f4910f57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d8:9d:f1:ac:4e:04:5c:5b:12:f3:03:ce:7e:
7f:cd:96:c6:ad:9c:80:92:9c:a9:8f:ac:78:66:0d:
9c:04:09:8f:01:9d:08:3e:dc:11:00:ac:fc:7d:b8:
2a:9f:a1:a9:57:c3:58:ce:26:77:30:8b:48:1e:75:
b2:6c:6e:34:c6:95:18:80:ac:b5:d7:49:31:2e:8f:
64:7a:b7:83:7c:16:77:3e:8c:11:43:2c:a3:a7:97:
d9:de:2f:12:c8:d5:63:dc:7b:9b:23:08:78:5d:eb:
13:98:a0:d6:e5:d0:87:7d:57:0e:8c:ee:76:ed:4c:
97:7f:8f:3c:f3:89:92:8a:3c:51:ac:fe:32:e4:7c:
ab:95:fc:98:2a:d4:f4:a0:08:f8:fc:8d:44:9f:d9:
93:12:0e:c6:d5:1a:ad:f3:43:ec:21:08:93:0e:36:
9e:68:4e:d5:9f:3b:b7:f7:31:3a:d1:28:95:d8:e1:
a7:5f:f4:d4:49:5c:d3:49:71:b3:32:41:5e:5a:0d:
20:d0:aa:d7:7f:df:81:97:fb:bd:37:88:00:cb:39:
c6:9d:ee:71:24:f4:1f:44:2b:58:11:6d:44:74:93:
7a:5f:34:08:ec:24:20:1f:e0:08:97:e0:38:07:6a:
0e:f7:8e:79:cb:e6:92:0c:9b:55:23:09:23:5f:c2:
37:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:3D:6E:9D:2D:E6:35:58:9D:86:80:AC:EE:01:92:14:F4:91:0F:57
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/BT1unS3mNVidhoCs7gGSFPSRD1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.61.0/24
Signature Algorithm: sha256WithRSAEncryption
92:cb:b3:0c:1c:51:d6:24:8f:7c:c2:25:b0:ae:a2:e6:a7:eb:
27:2b:08:21:56:03:a3:a4:d9:8a:05:b7:ca:21:4c:a5:31:33:
88:1a:59:bd:08:fa:aa:d6:82:72:94:4e:ed:c6:c5:ae:dd:43:
8f:fc:a3:6d:6f:71:7d:40:73:52:d8:cc:38:82:4f:ad:1f:f9:
b7:a4:ce:08:6b:dd:d8:10:3b:cc:9a:36:d6:e6:92:e3:d3:91:
ce:70:75:f7:a7:71:b3:1c:7c:61:7c:c6:37:ba:35:a6:4b:2e:
26:c4:af:22:fa:5a:37:6d:34:00:68:62:39:f5:a7:03:35:19:
f9:23:65:1a:4f:0d:ca:40:10:6c:68:5b:9f:ea:e3:09:2f:1b:
cf:f9:71:ad:d7:3c:72:12:fd:0c:82:85:25:31:d6:c3:4c:bf:
5c:0e:a6:b6:d6:9d:ed:60:6d:8b:d8:d2:25:cd:ed:1c:ea:cc:
01:f3:19:54:8c:bf:83:05:4e:29:ba:3c:13:76:52:7d:f5:76:
35:7c:f4:bf:38:8a:46:fb:ff:fd:4b:5f:14:27:c1:ff:5a:d1:
22:cf:33:ee:b9:60:e8:e5:87:22:9c:98:d2:41:8c:9d:0c:4f:
ea:0d:88:54:48:96:a8:ba:6b:5d:f8:9d:c5:9f:71:7d:51:e6:
84:22:64:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvPB4IGB1exCZqpkCEw34EwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjMxMTE0MTgxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTNkNmU5ZDJkZTYzNTU4OWQ4NjgwYWNlZTAxOTIxNGY0OTEwZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9id8axOBFxbEvMDzn5/zZbGrZyA
kpypj6x4Zg2cBAmPAZ0IPtwRAKz8fbgqn6GpV8NYziZ3MItIHnWybG40xpUYgKy1
10kxLo9kereDfBZ3PowRQyyjp5fZ3i8SyNVj3HubIwh4XesTmKDW5dCHfVcOjO52
7UyXf48884mSijxRrP4y5HyrlfyYKtT0oAj4/I1En9mTEg7G1Rqt80PsIQiTDjae
aE7Vnzu39zE60SiV2OGnX/TUSVzTSXGzMkFeWg0g0KrXf9+Bl/u9N4gAyznGne5x
JPQfRCtYEW1EdJN6XzQI7CQgH+AIl+A4B2oO9455y+aSDJtVIwkjX8I3vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAU9bp0t5jVYnYaArO4BkhT0kQ9XMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvQlQxdW5TM21OVmlkaG9DczdnR1NGUFNSRDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSE9MA0G
CSqGSIb3DQEBCwUAA4IBAQCSy7MMHFHWJI98wiWwrqLmp+snKwghVgOjpNmKBbfK
IUylMTOIGlm9CPqq1oJylE7txsWu3UOP/KNtb3F9QHNS2Mw4gk+tH/m3pM4Ia93Y
EDvMmjbW5pLj05HOcHX3p3GzHHxhfMY3ujWmSy4mxK8i+lo3bTQAaGI59acDNRn5
I2UaTw3KQBBsaFuf6uMJLxvP+XGt1zxyEv0MgoUlMdbDTL9cDqa21p3tYG2L2NIl
ze0c6swB8xlUjL+DBU4pujwTdlJ99XY1fPS/OIpG+//9S18UJ8H/WtEizzPuuWDo
5YcinJjSQYydDE/qDYhUSJaoumtd+J3Fn3F9UeaEImST
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:56 2024 by rpki-client on console-fra.rpki-client.org