Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/fhFC1JLLOjlzm97oIa5KIcNgRtU.roa
File: fhFC1JLLOjlzm97oIa5KIcNgRtU.roa (raw, json)
Hash identifier: V4oGyHYumj/7KtNi9X4lXgkIyRBk6HWj2W71eOlP6ZU=
Subject key identifier: 7E:11:42:D4:92:CB:3A:39:73:9B:DE:E8:21:AE:4A:21:C3:60:46:D5
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 0184C4DEB92310EE8E0C8929D4545C75BD2F
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/fhFC1JLLOjlzm97oIa5KIcNgRtU.roa
Signing time: Tue 29 Nov 2022 19:30:41 +0000
ROA not before: Tue 29 Nov 2022 19:30:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20668
IP address blocks: 185.206.53.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c4:de:b9:23:10:ee:8e:0c:89:29:d4:54:5c:75:bd:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: Nov 29 19:30:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e1142d492cb3a39739bdee821ae4a21c36046d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2c:ca:77:80:f9:e6:0e:08:1a:48:42:48:14:
33:27:2d:05:ea:bd:cc:f9:4c:67:c4:cd:3f:da:19:
b2:b4:f1:74:57:a4:11:41:d5:5d:1b:e1:22:46:4b:
17:c2:60:7f:e1:bf:ef:61:a1:87:ad:38:df:7b:dd:
50:93:2c:ce:93:48:b2:b4:0e:d9:ac:b6:ee:d7:50:
31:89:71:50:a7:11:52:48:61:64:65:dc:db:fb:34:
1a:b1:cc:fd:f9:b0:f6:b9:1f:6a:4b:f7:50:b6:f7:
a6:33:04:0d:26:ae:8e:f4:d8:42:72:f4:a2:64:e9:
9c:c6:8d:0a:c2:73:14:e9:a0:29:aa:a4:6f:99:6f:
94:1f:86:03:02:5a:d0:fe:fa:05:e6:e6:32:5c:ff:
7f:6d:37:9b:9f:b3:33:f1:76:b8:7c:35:af:e4:96:
7e:4b:67:91:62:6e:56:5f:e6:f2:c4:d1:e9:18:ba:
82:ee:ab:20:5e:66:41:d5:63:f2:36:84:57:a9:fd:
8a:82:a0:9f:ac:90:15:6f:17:5a:94:b2:20:f5:36:
95:fb:07:4b:e7:e0:37:ff:99:be:7d:a3:a2:c4:15:
13:ed:7a:aa:7a:dc:67:5e:85:f6:1b:8d:ae:5c:82:
70:9b:b3:30:51:4f:de:72:51:48:64:8d:cc:60:de:
4b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:11:42:D4:92:CB:3A:39:73:9B:DE:E8:21:AE:4A:21:C3:60:46:D5
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/fhFC1JLLOjlzm97oIa5KIcNgRtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.53.0/24
Signature Algorithm: sha256WithRSAEncryption
07:4f:02:97:40:22:c6:e5:a2:50:38:ff:f0:7d:b6:bd:ba:be:
a0:d6:b4:c6:99:7e:de:54:78:2c:1a:ce:17:f8:eb:2b:57:0c:
b7:95:bf:fd:38:ef:aa:0b:50:3a:68:51:b7:fa:8d:71:e2:b6:
7f:84:c4:37:e0:6b:ca:21:e1:50:37:6e:7e:25:99:b6:c9:61:
d9:8e:53:26:40:1a:85:7f:a6:b6:fd:03:21:8c:34:3b:e1:31:
c6:9d:ff:09:de:d3:77:88:8b:bb:fc:c0:d7:5e:ab:ff:71:86:
0f:56:e3:c4:2b:54:c4:5c:f7:5a:23:5d:bb:ae:1e:5c:6a:c2:
d1:4d:92:6e:d9:f2:92:f0:16:2a:bc:d6:45:39:e1:f9:91:e5:
61:02:29:ea:04:42:5c:6d:0e:59:a6:63:92:d1:f9:55:c1:e3:
4e:61:5f:58:2f:0d:72:b1:a9:a4:dd:1e:5c:af:59:1b:81:99:
b1:c1:df:87:11:5f:c0:96:67:fe:49:20:41:2e:b4:b8:06:13:
3a:e7:29:9f:60:36:1b:a7:d0:05:0a:29:d2:4f:2a:40:62:ed:
1d:1d:05:3c:69:51:3b:71:e4:89:fc:46:07:72:6e:38:b9:82:
3c:d1:52:0a:9e:71:9e:3d:8d:37:35:af:2c:d0:0a:e1:f6:c0:
28:df:8a:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTE3rkjEO6ODIkp1FRcdb0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGRiNzYyMzI0MWQ3ZTY2NzhmYzI1NzUxZmE0ZTBiNjY2
NTE4NmIwHhcNMjIxMTI5MTkzMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTExNDJkNDkyY2IzYTM5NzM5YmRlZTgyMWFlNGEyMWMzNjA0NmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSzKd4D55g4IGkhCSBQzJy0F6r3M
+UxnxM0/2hmytPF0V6QRQdVdG+EiRksXwmB/4b/vYaGHrTjfe91QkyzOk0iytA7Z
rLbu11AxiXFQpxFSSGFkZdzb+zQascz9+bD2uR9qS/dQtvemMwQNJq6O9NhCcvSi
ZOmcxo0KwnMU6aApqqRvmW+UH4YDAlrQ/voF5uYyXP9/bTebn7Mz8Xa4fDWv5JZ+
S2eRYm5WX+byxNHpGLqC7qsgXmZB1WPyNoRXqf2KgqCfrJAVbxdalLIg9TaV+wdL
5+A3/5m+faOixBUT7XqqetxnXoX2G42uXIJwm7MwUU/eclFIZI3MYN5LxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH4RQtSSyzo5c5ve6CGuSiHDYEbVMB8GA1UdIwQY
MBaAFMBNt2IyQdfmZ4/CV1H6TgtmZRhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMt
MDQyM2YyNjNmMmNiLzEvZmhGQzFKTExPamx6bTk3b0lhNUtJY05nUnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMtMDQyM2YyNjNmMmNi
LzEvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc41MA0G
CSqGSIb3DQEBCwUAA4IBAQAHTwKXQCLG5aJQOP/wfba9ur6g1rTGmX7eVHgsGs4X
+OsrVwy3lb/9OO+qC1A6aFG3+o1x4rZ/hMQ34GvKIeFQN25+JZm2yWHZjlMmQBqF
f6a2/QMhjDQ74THGnf8J3tN3iIu7/MDXXqv/cYYPVuPEK1TEXPdaI127rh5casLR
TZJu2fKS8BYqvNZFOeH5keVhAinqBEJcbQ5ZpmOS0flVweNOYV9YLw1ysamk3R5c
r1kbgZmxwd+HEV/Almf+SSBBLrS4BhM65ymfYDYbp9AFCinSTypAYu0dHQU8aVE7
ceSJ/EYHcm44uYI80VIKnnGePY03Na8s0Arh9sAo34oN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:59 2024 by rpki-client on console-ams.rpki-client.org