Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/hiB3kXCNrloHQhYeEs41hjeF3mo.roa
File: hiB3kXCNrloHQhYeEs41hjeF3mo.roa (raw, json)
Hash identifier: 1rZEjUJ36mbN2WpD/Ltqk3n/HRxJ4GNrgsnyWnea4QA=
Subject key identifier: 86:20:77:91:70:8D:AE:5A:07:42:16:1E:12:CE:35:86:37:85:DE:6A
Certificate issuer: /CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
Certificate serial: 01856CA5CE637D1C348108829232B8EC433E
Authority key identifier: 44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/hiB3kXCNrloHQhYeEs41hjeF3mo.roa
Signing time: Sun 01 Jan 2023 09:24:43 +0000
ROA not before: Sun 01 Jan 2023 09:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58110
IP address blocks: 185.83.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:a5:ce:63:7d:1c:34:81:08:82:92:32:b8:ec:43:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
Validity
Not Before: Jan 1 09:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86207791708dae5a0742161e12ce35863785de6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:76:65:5b:58:97:7e:9b:ec:6c:d5:67:37:e4:
17:5a:76:9a:1a:61:4b:7d:c6:9f:6d:ee:c3:41:cc:
9e:4b:df:6d:74:63:23:4d:2e:34:56:6d:bf:33:2e:
e8:b8:85:34:3b:df:1a:77:97:41:e1:61:a4:1e:0b:
ef:78:f0:c4:9f:57:01:23:04:9d:23:f4:12:51:05:
18:f6:9b:c9:c9:88:49:b1:db:72:e7:54:10:89:d9:
8f:e4:07:17:31:c4:12:63:08:ee:83:08:d6:da:d4:
10:3e:b6:fe:db:64:09:75:20:00:25:ad:0b:36:f2:
34:34:99:b8:c6:d3:7c:c0:f4:ed:f5:9a:19:27:a1:
7d:6c:84:cc:0c:c9:df:bd:2b:12:8e:ff:13:43:5a:
92:62:30:b7:ac:7a:2c:03:1d:35:41:c8:e3:73:dd:
62:63:f4:21:c9:42:9e:e6:b7:c4:2a:bf:6d:6d:e6:
13:f6:31:57:8e:68:45:ff:a5:fa:37:ed:c7:67:2a:
14:6d:10:f4:86:9d:0b:9b:a5:d7:29:53:a5:e6:fd:
e6:d6:11:c1:4f:46:0a:c8:c8:eb:90:3b:2c:6d:39:
7a:ab:ee:b7:27:05:82:b0:7a:97:0c:6f:88:5a:e7:
2a:48:d2:62:1e:3f:21:1b:d9:6b:0b:52:8d:06:a7:
72:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:20:77:91:70:8D:AE:5A:07:42:16:1E:12:CE:35:86:37:85:DE:6A
X509v3 Authority Key Identifier:
keyid:44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/hiB3kXCNrloHQhYeEs41hjeF3mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/RABxct-fwtSi3bupNM68nwKG08o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.214.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:c4:c8:12:a3:94:24:6a:7d:e1:a6:db:bb:30:db:c4:cb:0d:
c2:13:49:7c:1d:ce:02:be:db:82:01:a9:e0:80:e2:33:d2:90:
e5:8b:50:8f:c7:e1:6d:d5:26:48:30:29:d7:a6:32:73:ac:05:
08:22:71:56:80:2c:dc:d5:20:c4:13:cd:ac:e0:9f:76:0b:8c:
8a:e5:dd:73:90:5e:09:24:48:fe:8b:e8:94:ef:02:18:4c:b3:
dc:33:50:1e:b0:a4:a4:b0:32:32:77:1a:c6:5c:48:4e:0a:4b:
c3:9a:7b:9a:3e:38:b8:b1:4b:fa:07:87:5f:7e:e6:1c:08:5a:
d4:23:88:f5:f0:3d:a7:8e:7b:8f:64:ac:1c:7f:56:4e:05:19:
83:99:35:9f:e6:a4:ad:be:1c:a9:f3:68:42:21:b7:db:10:fa:
c9:21:5e:90:dd:a0:d5:c2:07:4c:52:71:72:38:70:76:c8:1b:
78:19:b7:7f:d9:2a:e2:9a:59:a5:78:62:31:ec:2f:7a:7a:74:
80:7a:83:34:7d:fc:ea:a1:f6:ce:2a:54:c9:5a:28:13:65:e1:
92:97:5e:6c:fc:98:5a:8a:c7:b6:04:2a:8a:68:69:38:9f:61:
92:e2:0d:24:43:75:f8:2f:29:08:36:00:8b:d1:ea:a7:c0:b2:
ed:bb:7d:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVspc5jfRw0gQiCkjK47EM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MDA3MTcyZGY5ZmMyZDRhMmRkYmJhOTM0Y2ViYzlmMDI4
NmQzY2EwHhcNMjMwMTAxMDkyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjIwNzc5MTcwOGRhZTVhMDc0MjE2MWUxMmNlMzU4NjM3ODVkZTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHZlW1iXfpvsbNVnN+QXWnaaGmFL
fcafbe7DQcyeS99tdGMjTS40Vm2/My7ouIU0O98ad5dB4WGkHgvvePDEn1cBIwSd
I/QSUQUY9pvJyYhJsdty51QQidmP5AcXMcQSYwjugwjW2tQQPrb+22QJdSAAJa0L
NvI0NJm4xtN8wPTt9ZoZJ6F9bITMDMnfvSsSjv8TQ1qSYjC3rHosAx01Qcjjc91i
Y/QhyUKe5rfEKr9tbeYT9jFXjmhF/6X6N+3HZyoUbRD0hp0Lm6XXKVOl5v3m1hHB
T0YKyMjrkDssbTl6q+63JwWCsHqXDG+IWucqSNJiHj8hG9lrC1KNBqdy8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYgd5Fwja5aB0IWHhLONYY3hd5qMB8GA1UdIwQY
MBaAFEQAcXLfn8LUot27qTTOvJ8ChtPKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkFCeGN0LWZ3dFNpM2J1cE5NNjhud0tHMDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85NDVkYmQtMmZiNy00ZGQxLTk2YTYt
MDU4NWRlNGQ0ZWU3LzEvaGlCM2tYQ05ybG9IUWhZZUVzNDFoamVGM21vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85NDVkYmQtMmZiNy00ZGQxLTk2YTYtMDU4NWRlNGQ0ZWU3
LzEvUkFCeGN0LWZ3dFNpM2J1cE5NNjhud0tHMDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVPWMA0G
CSqGSIb3DQEBCwUAA4IBAQB7xMgSo5Qkan3hptu7MNvEyw3CE0l8Hc4CvtuCAang
gOIz0pDli1CPx+Ft1SZIMCnXpjJzrAUIInFWgCzc1SDEE82s4J92C4yK5d1zkF4J
JEj+i+iU7wIYTLPcM1AesKSksDIydxrGXEhOCkvDmnuaPji4sUv6B4dffuYcCFrU
I4j18D2njnuPZKwcf1ZOBRmDmTWf5qStvhyp82hCIbfbEPrJIV6Q3aDVwgdMUnFy
OHB2yBt4Gbd/2SrimlmleGIx7C96enSAeoM0ffzqofbOKlTJWigTZeGSl15s/Jha
ise2BCqKaGk4n2GS4g0kQ3X4LykINgCL0eqnwLLtu311
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:51 2024 by rpki-client on console-ams.rpki-client.org