Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/M3PxxpyhX2LhIcQSrfR2wrJuCpA.roa
File: M3PxxpyhX2LhIcQSrfR2wrJuCpA.roa (raw, json)
Hash identifier: GwHANIRiu/kMsVcdkoXJuYTxlLONmeURvgIaaSHSqz4=
Subject key identifier: 33:73:F1:C6:9C:A1:5F:62:E1:21:C4:12:AD:F4:76:C2:B2:6E:0A:90
Certificate issuer: /CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
Certificate serial: 01856CA5CD78D5260BF95715E58383EF6D8C
Authority key identifier: 44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/M3PxxpyhX2LhIcQSrfR2wrJuCpA.roa
Signing time: Sun 01 Jan 2023 09:24:43 +0000
ROA not before: Sun 01 Jan 2023 09:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48357
IP address blocks: 185.83.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:a5:cd:78:d5:26:0b:f9:57:15:e5:83:83:ef:6d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
Validity
Not Before: Jan 1 09:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3373f1c69ca15f62e121c412adf476c2b26e0a90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:57:0f:41:e7:a3:04:8d:d2:39:0e:61:82:94:
d1:87:b3:5c:9c:8e:d2:5a:01:d5:67:3e:48:e4:42:
46:15:7c:57:dc:dc:7b:6f:e2:85:19:55:3f:c9:9f:
5c:b7:72:06:e4:e3:02:82:7c:22:3a:81:ca:0f:6d:
07:91:4e:45:e5:fd:d1:cd:ab:65:ac:7e:ed:25:7c:
53:94:fe:d0:6f:1a:a0:29:c5:55:3f:81:e8:0c:c9:
b1:f5:3c:ce:4d:74:ac:30:db:1d:af:31:e8:25:6e:
1c:ff:7f:99:51:1e:3c:13:09:37:f4:4f:d5:e4:7e:
19:6d:cb:10:29:df:6a:1e:71:74:ae:14:f7:cf:bc:
8b:fe:f0:a4:63:63:a5:ae:ea:2c:e4:d1:0c:c2:d0:
42:82:1c:94:ef:a3:33:e9:4e:1f:e2:a5:7b:82:61:
3b:b7:fa:05:b1:57:c5:c0:29:0c:45:57:85:7a:7d:
44:f4:8d:2a:18:d6:1c:b6:63:e0:83:c7:c2:dd:3e:
cd:80:2e:79:56:7f:17:31:27:81:33:48:f2:fa:d0:
af:a7:5a:4a:a5:b4:72:2b:4b:36:59:fe:bc:4d:eb:
c8:1e:57:4b:18:29:2d:81:0f:d1:ec:4a:b1:37:09:
85:75:5d:99:5b:dc:48:07:af:b5:b4:f0:3b:a0:23:
a8:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:73:F1:C6:9C:A1:5F:62:E1:21:C4:12:AD:F4:76:C2:B2:6E:0A:90
X509v3 Authority Key Identifier:
keyid:44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/M3PxxpyhX2LhIcQSrfR2wrJuCpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/RABxct-fwtSi3bupNM68nwKG08o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.214.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:8b:71:9c:40:a0:2b:72:8f:a3:f6:87:bb:cc:4f:c7:20:77:
5d:20:ad:d0:d9:75:2a:9f:ec:71:c3:74:d8:6a:0f:fd:a8:2b:
cc:41:1c:f3:33:5e:99:af:44:6f:8f:08:6b:1a:5d:3a:04:a1:
48:5d:3b:8e:08:41:31:12:b2:ce:e6:bb:9f:a5:a0:e4:ff:0c:
ea:ba:31:6b:35:32:92:bd:b3:b4:5e:92:12:e6:e3:08:31:69:
f8:1c:50:f6:57:cb:a3:11:60:0f:68:37:ab:46:da:c7:96:55:
f3:0e:78:82:de:8d:8f:5e:c8:b1:24:52:f3:2e:17:df:c1:3d:
eb:5f:a3:73:30:ac:41:10:a6:96:01:23:7c:7f:55:7c:89:b8:
43:45:46:1f:6d:96:53:d4:92:56:f5:64:9f:69:16:77:99:c1:
75:c5:39:34:1d:d7:b2:48:4f:c3:c8:3e:68:a6:d8:77:4d:43:
59:c0:88:f1:e2:1f:32:59:5b:a9:ab:51:65:38:55:97:e7:2c:
be:2c:da:8c:50:be:5d:3c:84:51:67:de:31:a8:b8:a2:3a:98:
a1:35:ab:ba:43:ff:69:a5:0b:c0:cf:96:7d:88:61:af:5d:17:
26:6e:ee:6f:25:cf:3d:95:21:39:b6:39:e3:62:f9:ee:fc:e9:
c8:18:35:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVspc141SYL+VcV5YOD722MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MDA3MTcyZGY5ZmMyZDRhMmRkYmJhOTM0Y2ViYzlmMDI4
NmQzY2EwHhcNMjMwMTAxMDkyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzczZjFjNjljYTE1ZjYyZTEyMWM0MTJhZGY0NzZjMmIyNmUwYTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFcPQeejBI3SOQ5hgpTRh7NcnI7S
WgHVZz5I5EJGFXxX3Nx7b+KFGVU/yZ9ct3IG5OMCgnwiOoHKD20HkU5F5f3Rzatl
rH7tJXxTlP7QbxqgKcVVP4HoDMmx9TzOTXSsMNsdrzHoJW4c/3+ZUR48Ewk39E/V
5H4ZbcsQKd9qHnF0rhT3z7yL/vCkY2Olruos5NEMwtBCghyU76Mz6U4f4qV7gmE7
t/oFsVfFwCkMRVeFen1E9I0qGNYctmPgg8fC3T7NgC55Vn8XMSeBM0jy+tCvp1pK
pbRyK0s2Wf68TevIHldLGCktgQ/R7EqxNwmFdV2ZW9xIB6+1tPA7oCOo2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDNz8cacoV9i4SHEEq30dsKybgqQMB8GA1UdIwQY
MBaAFEQAcXLfn8LUot27qTTOvJ8ChtPKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkFCeGN0LWZ3dFNpM2J1cE5NNjhud0tHMDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85NDVkYmQtMmZiNy00ZGQxLTk2YTYt
MDU4NWRlNGQ0ZWU3LzEvTTNQeHhweWhYMkxoSWNRU3JmUjJ3ckp1Q3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85NDVkYmQtMmZiNy00ZGQxLTk2YTYtMDU4NWRlNGQ0ZWU3
LzEvUkFCeGN0LWZ3dFNpM2J1cE5NNjhud0tHMDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVPWMA0G
CSqGSIb3DQEBCwUAA4IBAQChi3GcQKArco+j9oe7zE/HIHddIK3Q2XUqn+xxw3TY
ag/9qCvMQRzzM16Zr0RvjwhrGl06BKFIXTuOCEExErLO5rufpaDk/wzqujFrNTKS
vbO0XpIS5uMIMWn4HFD2V8ujEWAPaDerRtrHllXzDniC3o2PXsixJFLzLhffwT3r
X6NzMKxBEKaWASN8f1V8ibhDRUYfbZZT1JJW9WSfaRZ3mcF1xTk0HdeySE/DyD5o
pth3TUNZwIjx4h8yWVupq1FlOFWX5yy+LNqMUL5dPIRRZ94xqLiiOpihNau6Q/9p
pQvAz5Z9iGGvXRcmbu5vJc89lSE5tjnjYvnu/OnIGDVc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:00 2024 by rpki-client on console-fra.rpki-client.org