Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/101a15-ef3d-4155-bf13-b7ef042c857b/1/BsRgmhfhSdvbnKiqz4OCqqY65kQ.roa
File: BsRgmhfhSdvbnKiqz4OCqqY65kQ.roa (raw, json)
Hash identifier: QWIWvjkZVyvFbgbQ0nqmmR61C6Shpjsv6soMuEHHCVE=
Subject key identifier: 06:C4:60:9A:17:E1:49:DB:DB:9C:A8:AA:CF:83:82:AA:A6:3A:E6:44
Certificate issuer: /CN=aad0a5f4e8f7e13c7cb535c64f79e20b3f01d624
Certificate serial: 03260D63
Authority key identifier: AA:D0:A5:F4:E8:F7:E1:3C:7C:B5:35:C6:4F:79:E2:0B:3F:01:D6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qtCl9Oj34Tx8tTXGT3niCz8B1iQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/101a15-ef3d-4155-bf13-b7ef042c857b/1/BsRgmhfhSdvbnKiqz4OCqqY65kQ.roa
Signing time: Sat 01 Jan 2022 16:05:19 +0000
ROA not before: Sat 01 Jan 2022 16:05:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212040
IP address blocks: 185.223.160.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52825443 (0x3260d63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aad0a5f4e8f7e13c7cb535c64f79e20b3f01d624
Validity
Not Before: Jan 1 16:05:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06c4609a17e149dbdb9ca8aacf8382aaa63ae644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:55:3a:34:81:e0:d0:d1:f3:5b:98:1e:c7:b4:
95:d5:af:cb:25:77:70:0a:50:6c:34:7b:97:af:5c:
d7:2f:1b:81:c1:18:47:4f:f1:df:9b:ea:9f:11:fc:
45:4e:20:dc:26:51:e9:05:fe:23:d9:2a:bd:3e:6a:
ab:e0:aa:52:7e:d4:36:14:b3:c6:9e:7b:5a:79:c1:
fb:30:e4:83:38:79:c9:e0:f6:ef:79:ee:93:0a:a5:
a0:30:d9:d9:29:c2:3b:1f:c4:aa:22:0f:72:ec:f9:
da:42:fa:7c:11:0c:46:cd:38:8a:9b:f3:49:d1:9b:
3f:4b:9c:c7:57:a1:50:77:e2:a2:45:3b:49:94:0d:
35:d9:f7:a6:ff:db:45:14:9e:c0:17:1a:56:be:1b:
3a:72:54:d5:7b:89:31:bc:eb:b8:47:8f:94:47:f7:
3c:78:4c:ac:e0:e1:d6:bf:47:f2:79:40:50:17:81:
fb:65:d7:0f:45:cc:f5:ae:d2:da:f5:94:fb:39:75:
e1:f9:ca:2c:2b:2d:7a:4c:6e:ad:cf:ab:e9:b5:8e:
70:e9:35:25:17:98:35:af:2f:1a:94:75:96:2e:5e:
00:e1:e0:6e:cd:05:97:15:81:70:e2:5c:c0:ad:6d:
54:04:30:9c:01:fe:78:d6:89:1e:bf:54:cf:dd:fd:
47:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C4:60:9A:17:E1:49:DB:DB:9C:A8:AA:CF:83:82:AA:A6:3A:E6:44
X509v3 Authority Key Identifier:
keyid:AA:D0:A5:F4:E8:F7:E1:3C:7C:B5:35:C6:4F:79:E2:0B:3F:01:D6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qtCl9Oj34Tx8tTXGT3niCz8B1iQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/101a15-ef3d-4155-bf13-b7ef042c857b/1/BsRgmhfhSdvbnKiqz4OCqqY65kQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/101a15-ef3d-4155-bf13-b7ef042c857b/1/qtCl9Oj34Tx8tTXGT3niCz8B1iQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.160.0/24
Signature Algorithm: sha256WithRSAEncryption
39:71:5f:04:9e:e8:0f:f7:6d:2f:f7:d2:16:20:5b:a7:4d:1b:
19:5f:86:9c:ba:05:91:b5:be:ac:1d:4e:d5:94:ae:7d:51:20:
fd:0c:2f:11:06:2e:ef:93:21:ce:b3:10:12:84:5f:43:37:a8:
ee:eb:79:fd:ca:f3:46:c1:fa:37:a3:2d:b8:d7:68:9c:18:5e:
53:6c:c2:82:cb:e9:eb:c8:9e:01:fb:3a:5c:d8:cb:93:f6:de:
36:03:9a:7e:13:c1:da:c6:d7:0a:80:17:89:e6:6d:1e:2a:64:
88:74:6e:35:8e:f3:02:ad:c5:92:e6:db:99:f6:50:62:16:76:
66:41:19:b6:ed:3d:22:a7:42:af:9e:ac:6a:c7:1a:a1:aa:82:
5e:11:3d:93:6d:56:9b:c4:01:17:46:48:04:a2:91:40:d2:cd:
3c:61:10:a9:ec:08:4d:db:b7:ab:ca:6f:4e:98:66:84:0b:0e:
a1:ae:e6:b3:dd:30:7c:0b:f7:a5:f6:59:a7:a3:62:fa:37:a7:
ac:fe:10:39:30:28:3f:4e:2d:65:f7:2d:bf:94:bb:8d:6a:7c:
f1:69:74:76:7e:83:c5:90:37:25:65:64:ba:0d:f3:5e:9a:1c:
43:11:44:0a:e7:74:3d:fc:b4:b7:89:2f:73:b0:ea:62:33:38:
a9:bc:cd:00
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAyYNYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YWQwYTVmNGU4ZjdlMTNjN2NiNTM1YzY0Zjc5ZTIwYjNmMDFkNjI0MB4XDTIyMDEw
MTE2MDUxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDZjNDYwOWExN2Ux
NDlkYmRiOWNhOGFhY2Y4MzgyYWFhNjNhZTY0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOhVOjSB4NDR81uYHse0ldWvyyV3cApQbDR7l69c1y8bgcEY
R0/x35vqnxH8RU4g3CZR6QX+I9kqvT5qq+CqUn7UNhSzxp57WnnB+zDkgzh5yeD2
73nukwqloDDZ2SnCOx/EqiIPcuz52kL6fBEMRs04ipvzSdGbP0ucx1ehUHfiokU7
SZQNNdn3pv/bRRSewBcaVr4bOnJU1XuJMbzruEePlEf3PHhMrODh1r9H8nlAUBeB
+2XXD0XM9a7S2vWU+zl14fnKLCstekxurc+r6bWOcOk1JReYNa8vGpR1li5eAOHg
bs0FlxWBcOJcwK1tVAQwnAH+eNaJHr9Uz939R7sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQGxGCaF+FJ29ucqKrPg4KqpjrmRDAfBgNVHSMEGDAWgBSq0KX06PfhPHy1
NcZPeeILPwHWJDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F0Q2w5T2ozNFR4OHRUWEdUM25pQ3o4QjFpUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvMTAxYTE1LWVmM2QtNDE1NS1iZjEzLWI3ZWYwNDJjODU3Yi8x
L0JzUmdtaGZoU2R2Ym5LaXF6NE9DcXFZNjVrUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
MTAxYTE1LWVmM2QtNDE1NS1iZjEzLWI3ZWYwNDJjODU3Yi8xL3F0Q2w5T2ozNFR4
OHRUWEdUM25pQ3o4QjFpUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnfoDANBgkqhkiG9w0BAQsFAAOC
AQEAOXFfBJ7oD/dtL/fSFiBbp00bGV+GnLoFkbW+rB1O1ZSufVEg/QwvEQYu75Mh
zrMQEoRfQzeo7ut5/crzRsH6N6MtuNdonBheU2zCgsvp68ieAfs6XNjLk/beNgOa
fhPB2sbXCoAXieZtHipkiHRuNY7zAq3FkubbmfZQYhZ2ZkEZtu09IqdCr56sasca
oaqCXhE9k21Wm8QBF0ZIBKKRQNLNPGEQqewITdu3q8pvTphmhAsOoa7ms90wfAv3
pfZZp6Ni+jenrP4QOTAoP04tZfctv5S7jWp88Wl0dn6DxZA3JWVkug3zXpocQxFE
Cud0Pfy0t4kvc7DqYjM4qbzNAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:31 2024 by rpki-client on console-ams.rpki-client.org