Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/j2n4WpvHNnNMT_HLeOc8Fx4ivbo.roa
File: j2n4WpvHNnNMT_HLeOc8Fx4ivbo.roa (raw, json)
Hash identifier: vRcAmlMARVT/NMZV0DWpqp3DLh+xF93hNMs32SY4APU=
Subject key identifier: 8F:69:F8:5A:9B:C7:36:73:4C:4F:F1:CB:78:E7:3C:17:1E:22:BD:BA
Certificate issuer: /CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
Certificate serial: 176C11A1
Authority key identifier: 44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/j2n4WpvHNnNMT_HLeOc8Fx4ivbo.roa
Signing time: Tue 14 Jun 2022 13:21:45 +0000
ROA not before: Tue 14 Jun 2022 13:21:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48357
IP address blocks: 185.83.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 392958369 (0x176c11a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
Validity
Not Before: Jun 14 13:21:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f69f85a9bc736734c4ff1cb78e73c171e22bdba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:13:de:d9:a4:0d:28:4e:7c:d0:09:35:0d:dc:
78:17:fc:15:ad:bb:a7:74:c6:31:ab:e0:67:5d:17:
6e:30:5e:70:25:a2:cf:f1:f2:bb:cd:55:8f:37:5e:
a1:75:c7:11:fc:35:c9:e5:fc:e5:1b:96:92:48:87:
28:82:c2:a8:ff:c1:df:49:99:aa:b6:01:73:e6:3f:
20:30:1f:39:51:9e:35:5b:01:53:1a:bb:de:52:76:
e2:24:36:1a:72:8c:7e:f5:42:4a:84:14:f2:bb:69:
cc:50:ab:22:4c:57:72:80:42:fb:07:e9:23:f1:df:
d7:b9:d5:ac:f5:da:c7:af:3e:85:a9:af:c3:94:a8:
dd:96:04:89:d4:96:f5:f4:0c:c3:57:f4:3b:c9:67:
d1:98:e7:d6:2f:7d:a9:31:1a:36:9d:c3:cf:ba:d0:
86:15:cc:10:f5:ae:7c:7a:2f:d6:0c:da:8a:c8:8b:
8e:ce:ac:1e:37:47:23:52:9f:98:bc:32:3a:84:0e:
26:f3:d7:f0:0b:0d:3f:5c:55:0b:75:88:c2:89:af:
7b:c5:ed:55:38:60:b1:30:fe:06:ec:a8:70:49:07:
14:0e:41:43:9c:8a:9c:be:4b:7d:52:56:7f:73:4c:
e0:ba:0a:7e:f4:57:19:d7:b3:98:3e:93:ad:36:18:
26:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:69:F8:5A:9B:C7:36:73:4C:4F:F1:CB:78:E7:3C:17:1E:22:BD:BA
X509v3 Authority Key Identifier:
keyid:44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/j2n4WpvHNnNMT_HLeOc8Fx4ivbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/RABxct-fwtSi3bupNM68nwKG08o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.214.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:23:f8:d1:d7:56:06:b9:5d:12:05:0c:e9:f5:62:dd:62:a9:
c3:3f:33:ef:cd:11:10:e9:ab:09:6a:b4:bb:4c:91:a4:9e:1e:
bd:17:30:d2:c9:0f:03:e6:00:56:7b:ff:18:bc:b1:d5:02:3b:
88:04:48:a7:7e:c8:42:9f:34:27:7f:e5:65:f3:8e:ef:e8:9c:
50:b5:af:71:c7:2e:23:cd:84:74:fe:b9:71:5b:36:de:da:dd:
ce:9e:8d:db:ba:39:a7:da:f9:8a:5d:d8:b6:d5:56:5d:08:c2:
17:08:8d:a5:36:73:d5:b9:65:35:3b:ef:0c:ad:5d:68:c7:68:
78:fa:b3:27:c7:57:e1:22:b7:a9:b0:33:66:cb:9a:53:d9:ec:
ca:e7:ac:ee:04:90:36:9c:85:85:44:ea:4c:2c:09:34:db:1e:
52:07:52:24:62:ac:3b:b1:33:02:67:fe:db:9c:a8:39:f0:a8:
0d:d5:3c:70:54:7d:10:4b:22:4f:7b:c9:55:e5:e2:d1:53:ca:
9b:c5:46:bc:ef:5f:18:27:69:74:6b:ea:79:bb:ec:68:50:d0:
fc:11:5e:a5:c3:c9:38:ca:8e:b5:6c:5d:fc:2f:3c:fd:1f:98:
87:90:53:f6:a9:e2:55:9c:14:cd:6b:8d:0e:ab:4c:6e:6f:4e:
72:62:4a:81
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF2wRoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDAwNzE3MmRmOWZjMmQ0YTJkZGJiYTkzNGNlYmM5ZjAyODZkM2NhMB4XDTIyMDYx
NDEzMjE0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGY2OWY4NWE5YmM3
MzY3MzRjNGZmMWNiNzhlNzNjMTcxZTIyYmRiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALsT3tmkDShOfNAJNQ3ceBf8Fa27p3TGMavgZ10XbjBecCWi
z/Hyu81VjzdeoXXHEfw1yeX85RuWkkiHKILCqP/B30mZqrYBc+Y/IDAfOVGeNVsB
Uxq73lJ24iQ2GnKMfvVCSoQU8rtpzFCrIkxXcoBC+wfpI/Hf17nVrPXax68+hamv
w5So3ZYEidSW9fQMw1f0O8ln0Zjn1i99qTEaNp3Dz7rQhhXMEPWufHov1gzaisiL
js6sHjdHI1KfmLwyOoQOJvPX8AsNP1xVC3WIwomve8XtVThgsTD+BuyocEkHFA5B
Q5yKnL5LfVJWf3NM4LoKfvRXGdezmD6TrTYYJtcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSPafham8c2c0xP8ct45zwXHiK9ujAfBgNVHSMEGDAWgBREAHFy35/C1KLd
u6k0zryfAobTyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JBQnhjdC1md3RTaTNidXBOTTY4bndLRzA4by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTEvOTQ1ZGJkLTJmYjctNGRkMS05NmE2LTA1ODVkZTRkNGVlNy8x
L2oybjRXcHZITm5OTVRfSExlT2M4Rng0aXZiby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTEv
OTQ1ZGJkLTJmYjctNGRkMS05NmE2LTA1ODVkZTRkNGVlNy8xL1JBQnhjdC1md3RT
aTNidXBOTTY4bndLRzA4by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlT1jANBgkqhkiG9w0BAQsFAAOC
AQEA2CP40ddWBrldEgUM6fVi3WKpwz8z780REOmrCWq0u0yRpJ4evRcw0skPA+YA
Vnv/GLyx1QI7iARIp37IQp80J3/lZfOO7+icULWvcccuI82EdP65cVs23trdzp6N
27o5p9r5il3YttVWXQjCFwiNpTZz1bllNTvvDK1daMdoePqzJ8dX4SK3qbAzZsua
U9nsyues7gSQNpyFhUTqTCwJNNseUgdSJGKsO7EzAmf+25yoOfCoDdU8cFR9EEsi
T3vJVeXi0VPKm8VGvO9fGCdpdGvqebvsaFDQ/BFepcPJOMqOtWxd/C88/R+Yh5BT
9qniVZwUzWuNDqtMbm9OcmJKgQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:00 2024 by rpki-client on console-fra.rpki-client.org