Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/sMLf1zYHIc8bj50WcSsACF5013Y.roa
File: sMLf1zYHIc8bj50WcSsACF5013Y.roa (raw, json)
Hash identifier: 59zxN4YVTCju0NGn+wLJPOCRXJgpLwU++r8HP0BFTyM=
Subject key identifier: B0:C2:DF:D7:36:07:21:CF:1B:8F:9D:16:71:2B:00:08:5E:74:D7:76
Certificate issuer: /CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
Certificate serial: 018CC26D72C8B1EFCC2960C6DBB51763B3A1
Authority key identifier: 44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/sMLf1zYHIc8bj50WcSsACF5013Y.roa
Signing time: Mon 01 Jan 2024 00:30:01 +0000
ROA not before: Mon 01 Jan 2024 00:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48357
IP address blocks: 185.83.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:72:c8:b1:ef:cc:29:60:c6:db:b5:17:63:b3:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
Validity
Not Before: Jan 1 00:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0c2dfd7360721cf1b8f9d16712b00085e74d776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e7:2d:67:c1:d3:01:55:32:f8:f3:19:01:48:
a6:45:93:ae:3d:12:c7:8d:81:6c:d7:15:1f:78:bd:
f8:07:72:a0:02:0c:11:d6:62:3b:17:2b:af:ba:48:
6b:77:f5:a9:de:75:e9:e3:22:b6:f6:34:42:9c:ad:
c5:01:1e:b3:07:42:51:03:32:d6:81:eb:d8:dc:0f:
30:fb:83:0c:38:1a:50:54:8b:69:ab:31:0f:8d:92:
c4:e7:c4:d4:2c:2b:80:0a:15:2e:52:ec:ae:c6:d7:
81:bb:a8:07:8d:45:84:16:fa:12:f3:3a:65:65:3a:
47:c2:0d:a3:56:ac:b1:97:d0:3d:83:e2:27:ab:f2:
31:5f:01:01:0f:2f:ae:3a:50:5d:0c:7f:8c:08:a0:
9d:3a:67:b1:8f:6c:4c:34:8e:a1:72:56:9a:39:7f:
3b:26:98:50:dc:71:9e:4a:34:de:d7:a2:f9:3a:5b:
08:b7:ac:14:81:78:7a:20:8b:f1:ea:f6:12:62:dd:
22:eb:b5:48:ba:5f:11:34:a9:cd:2f:e5:36:a0:10:
ae:5d:9a:ce:b8:54:fd:92:89:a0:84:f6:7c:14:19:
d6:ab:13:1f:d7:7a:19:ee:d6:cf:00:e3:42:b6:74:
0b:78:d8:8d:62:95:b6:69:f7:14:64:64:f1:60:4c:
41:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C2:DF:D7:36:07:21:CF:1B:8F:9D:16:71:2B:00:08:5E:74:D7:76
X509v3 Authority Key Identifier:
keyid:44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/sMLf1zYHIc8bj50WcSsACF5013Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/RABxct-fwtSi3bupNM68nwKG08o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.214.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:aa:56:f9:0d:c6:c0:76:1d:d5:f5:d7:0a:dc:f7:4b:45:df:
e2:a9:2f:b5:83:1f:25:35:bb:b3:05:c6:64:46:f9:1d:ad:d0:
f3:29:b1:17:e7:9a:c8:42:42:a9:2c:88:b7:f3:b6:78:47:8a:
99:08:5e:35:d0:a3:ca:e1:4b:5b:ee:85:b5:f0:13:09:f5:a6:
47:62:2f:5f:4f:4e:09:2d:88:71:cf:88:57:87:77:1b:d7:e3:
7f:ea:e9:68:d2:cc:68:37:5c:d9:2b:ab:a9:7b:1f:da:66:b2:
19:65:c0:dd:f5:23:2d:fe:6b:14:99:0e:92:b4:b9:64:fc:af:
8f:8f:7d:d2:f0:fa:e1:d4:7d:2c:78:29:29:92:f1:cd:be:20:
6b:09:ec:cd:1e:f0:18:94:f4:b7:6b:3f:74:61:5e:32:8a:94:
e3:b8:e8:18:8b:84:c8:f2:81:42:ed:64:64:25:c0:d2:4d:20:
21:35:b9:d7:a5:ea:9e:9a:1f:f0:a4:79:27:df:03:1c:df:8c:
c2:80:04:97:ea:6c:79:9c:94:dc:85:73:0b:88:87:82:2d:47:
37:3b:2e:3f:02:7d:be:ae:c4:c3:ee:58:38:75:75:31:bc:91:
7e:1e:ce:e2:eb:93:81:3b:6a:8c:d4:04:27:1f:1b:10:b7:02:
6f:4c:d7:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbXLIse/MKWDG27UXY7OhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MDA3MTcyZGY5ZmMyZDRhMmRkYmJhOTM0Y2ViYzlmMDI4
NmQzY2EwHhcNMjQwMTAxMDAzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGMyZGZkNzM2MDcyMWNmMWI4ZjlkMTY3MTJiMDAwODVlNzRkNzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+ctZ8HTAVUy+PMZAUimRZOuPRLH
jYFs1xUfeL34B3KgAgwR1mI7Fyuvukhrd/Wp3nXp4yK29jRCnK3FAR6zB0JRAzLW
gevY3A8w+4MMOBpQVItpqzEPjZLE58TULCuAChUuUuyuxteBu6gHjUWEFvoS8zpl
ZTpHwg2jVqyxl9A9g+Inq/IxXwEBDy+uOlBdDH+MCKCdOmexj2xMNI6hclaaOX87
JphQ3HGeSjTe16L5OlsIt6wUgXh6IIvx6vYSYt0i67VIul8RNKnNL+U2oBCuXZrO
uFT9komghPZ8FBnWqxMf13oZ7tbPAONCtnQLeNiNYpW2afcUZGTxYExBywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLDC39c2ByHPG4+dFnErAAhedNd2MB8GA1UdIwQY
MBaAFEQAcXLfn8LUot27qTTOvJ8ChtPKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkFCeGN0LWZ3dFNpM2J1cE5NNjhud0tHMDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85NDVkYmQtMmZiNy00ZGQxLTk2YTYt
MDU4NWRlNGQ0ZWU3LzEvc01MZjF6WUhJYzhiajUwV2NTc0FDRjUwMTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85NDVkYmQtMmZiNy00ZGQxLTk2YTYtMDU4NWRlNGQ0ZWU3
LzEvUkFCeGN0LWZ3dFNpM2J1cE5NNjhud0tHMDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVPWMA0G
CSqGSIb3DQEBCwUAA4IBAQA+qlb5DcbAdh3V9dcK3PdLRd/iqS+1gx8lNbuzBcZk
RvkdrdDzKbEX55rIQkKpLIi387Z4R4qZCF410KPK4Utb7oW18BMJ9aZHYi9fT04J
LYhxz4hXh3cb1+N/6ulo0sxoN1zZK6upex/aZrIZZcDd9SMt/msUmQ6StLlk/K+P
j33S8Prh1H0seCkpkvHNviBrCezNHvAYlPS3az90YV4yipTjuOgYi4TI8oFC7WRk
JcDSTSAhNbnXpeqemh/wpHkn3wMc34zCgASX6mx5nJTchXMLiIeCLUc3Oy4/An2+
rsTD7lg4dXUxvJF+Hs7i65OBO2qM1AQnHxsQtwJvTNc9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:00 2024 by rpki-client on console-fra.rpki-client.org