Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/EaKGPX0sMii9czM_ASaKVd6XBqg.roa
File: EaKGPX0sMii9czM_ASaKVd6XBqg.roa (raw, json)
Hash identifier: WIzEG4FjXg8ua+LNVIepshMQumDtSktniK1o5NmplxE=
Subject key identifier: 11:A2:86:3D:7D:2C:32:28:BD:73:33:3F:01:26:8A:55:DE:97:06:A8
Certificate issuer: /CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
Certificate serial: 15FEE292
Authority key identifier: 44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/EaKGPX0sMii9czM_ASaKVd6XBqg.roa
Signing time: Sat 01 Jan 2022 14:02:17 +0000
ROA not before: Sat 01 Jan 2022 14:02:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58110
IP address blocks: 185.83.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 369025682 (0x15fee292)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
Validity
Not Before: Jan 1 14:02:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11a2863d7d2c3228bd73333f01268a55de9706a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d4:76:c8:f8:1d:be:61:72:d1:8b:9c:fd:f6:
ab:09:4f:4e:67:cf:10:49:6c:3c:37:72:dc:c6:8d:
87:08:8e:00:5b:b0:57:ff:71:9b:04:62:ef:cf:e9:
55:37:76:e1:29:a0:fa:79:b5:46:21:b6:9c:78:8c:
b1:94:bc:03:38:4d:9e:f1:b7:47:4f:12:4d:d7:cc:
1b:fa:1a:fb:9a:44:ac:2e:02:3f:d8:eb:43:96:74:
ea:51:4a:5b:69:77:17:05:87:93:f4:c1:af:2b:87:
39:0b:8a:c6:5d:7a:39:33:ce:fd:8a:6e:fb:61:13:
3b:f9:65:bf:69:56:9d:bb:50:32:1a:f2:25:fa:ab:
11:0a:6f:21:f6:b9:69:6f:3e:68:65:0e:e6:d2:19:
be:3b:40:b3:20:79:80:6f:0a:99:25:8e:18:62:e0:
c6:57:90:3f:d4:71:31:a5:54:c1:b4:be:c4:c3:ad:
d2:ee:93:c7:54:c2:c7:5a:38:3c:b4:a8:75:d6:9d:
b7:78:af:b5:64:a6:4f:ce:aa:f1:22:5c:f2:c6:08:
bb:ac:20:49:a5:92:af:9e:b2:89:ea:59:41:57:88:
8d:cb:f4:39:96:fe:f5:5e:b5:c9:97:83:84:38:e7:
d8:14:b5:5d:82:ab:c9:2f:dd:ac:3e:98:fa:3c:ea:
2e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:A2:86:3D:7D:2C:32:28:BD:73:33:3F:01:26:8A:55:DE:97:06:A8
X509v3 Authority Key Identifier:
keyid:44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/EaKGPX0sMii9czM_ASaKVd6XBqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/RABxct-fwtSi3bupNM68nwKG08o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.214.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:42:79:02:b3:58:75:9f:22:82:aa:50:35:72:8e:59:54:56:
d9:bf:92:e9:c9:96:65:9d:cd:80:8d:71:f3:f6:9b:67:e0:4d:
58:da:4b:af:69:f7:77:46:32:52:fb:f5:57:49:03:d8:90:cd:
a5:65:59:35:0d:d4:e7:69:8e:a6:19:11:be:eb:b2:3d:bb:f4:
92:e7:41:21:fa:1b:46:c2:2e:c1:b8:83:7a:fb:b5:73:73:15:
a7:2f:89:4a:aa:55:f2:a8:f4:5a:1a:9a:d7:97:e8:3c:2a:a9:
4e:36:05:2e:06:e6:e5:ff:49:9a:38:83:7b:45:a4:17:a8:10:
94:18:30:72:0d:b6:0b:d0:19:60:26:28:e4:1c:09:2a:f6:29:
a6:a1:71:cf:fd:56:bd:72:3e:dd:41:8c:ad:94:ad:33:da:b4:
1e:08:1f:54:8d:14:84:1b:dc:1a:23:f7:73:10:db:d7:78:48:
53:0c:76:d3:1a:ce:0c:40:0d:b5:50:ae:fc:6a:db:75:39:5a:
42:4f:fd:6c:2c:36:45:40:cc:aa:45:01:bb:af:57:61:8b:85:
0c:4b:08:d8:02:e5:cc:f1:ec:7a:55:e3:7c:e7:37:a5:bf:be:
5c:63:44:ef:fb:58:ef:ac:73:29:b8:69:fc:73:17:44:9f:58:
8a:c8:77:eb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFf7ikjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDAwNzE3MmRmOWZjMmQ0YTJkZGJiYTkzNGNlYmM5ZjAyODZkM2NhMB4XDTIyMDEw
MTE0MDIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTFhMjg2M2Q3ZDJj
MzIyOGJkNzMzMzNmMDEyNjhhNTVkZTk3MDZhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHUdsj4Hb5hctGLnP32qwlPTmfPEElsPDdy3MaNhwiOAFuw
V/9xmwRi78/pVTd24Smg+nm1RiG2nHiMsZS8AzhNnvG3R08STdfMG/oa+5pErC4C
P9jrQ5Z06lFKW2l3FwWHk/TBryuHOQuKxl16OTPO/Ypu+2ETO/llv2lWnbtQMhry
JfqrEQpvIfa5aW8+aGUO5tIZvjtAsyB5gG8KmSWOGGLgxleQP9RxMaVUwbS+xMOt
0u6Tx1TCx1o4PLSoddadt3ivtWSmT86q8SJc8sYIu6wgSaWSr56yiepZQVeIjcv0
OZb+9V61yZeDhDjn2BS1XYKryS/drD6Y+jzqLv0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQRooY9fSwyKL1zMz8BJopV3pcGqDAfBgNVHSMEGDAWgBREAHFy35/C1KLd
u6k0zryfAobTyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JBQnhjdC1md3RTaTNidXBOTTY4bndLRzA4by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTEvOTQ1ZGJkLTJmYjctNGRkMS05NmE2LTA1ODVkZTRkNGVlNy8x
L0VhS0dQWDBzTWlpOWN6TV9BU2FLVmQ2WEJxZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTEv
OTQ1ZGJkLTJmYjctNGRkMS05NmE2LTA1ODVkZTRkNGVlNy8xL1JBQnhjdC1md3RT
aTNidXBOTTY4bndLRzA4by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlT1jANBgkqhkiG9w0BAQsFAAOC
AQEAzkJ5ArNYdZ8igqpQNXKOWVRW2b+S6cmWZZ3NgI1x8/abZ+BNWNpLr2n3d0Yy
Uvv1V0kD2JDNpWVZNQ3U52mOphkRvuuyPbv0kudBIfobRsIuwbiDevu1c3MVpy+J
SqpV8qj0Whqa15foPCqpTjYFLgbm5f9JmjiDe0WkF6gQlBgwcg22C9AZYCYo5BwJ
KvYppqFxz/1WvXI+3UGMrZStM9q0HggfVI0UhBvcGiP3cxDb13hIUwx20xrODEAN
tVCu/GrbdTlaQk/9bCw2RUDMqkUBu69XYYuFDEsI2ALlzPHselXjfOc3pb++XGNE
7/tY76xzKbhp/HMXRJ9Yish36w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:51 2024 by rpki-client on console-ams.rpki-client.org