Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/b49562-f157-4382-998e-8f934e71767c/1/DnOc8zdlv9qff2AeiVcC1o_Ppoo.roa
File: DnOc8zdlv9qff2AeiVcC1o_Ppoo.roa (raw, json)
Hash identifier: HnRLcGS2wDUVsyfxeMFudMoJj4dTeN6fAExQN2wOhr0=
Subject key identifier: 0E:73:9C:F3:37:65:BF:DA:9F:7F:60:1E:89:57:02:D6:8F:CF:A6:8A
Certificate issuer: /CN=46947c5c3d4c2fc4c4a4a7428b622a7fef392e29
Certificate serial: 01889096F415AE7BF521329C510A2A84700F
Authority key identifier: 46:94:7C:5C:3D:4C:2F:C4:C4:A4:A7:42:8B:62:2A:7F:EF:39:2E:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RpR8XD1ML8TEpKdCi2Iqf-85Lik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/b49562-f157-4382-998e-8f934e71767c/1/DnOc8zdlv9qff2AeiVcC1o_Ppoo.roa
Signing time: Tue 06 Jun 2023 12:03:11 +0000
ROA not before: Tue 06 Jun 2023 12:03:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205499
IP address blocks: 185.135.116.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:90:96:f4:15:ae:7b:f5:21:32:9c:51:0a:2a:84:70:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46947c5c3d4c2fc4c4a4a7428b622a7fef392e29
Validity
Not Before: Jun 6 12:03:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e739cf33765bfda9f7f601e895702d68fcfa68a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:de:04:f8:66:32:6e:a5:51:70:5c:a8:a9:02:
64:16:94:f0:04:12:23:cc:e0:c4:2d:52:0a:3c:17:
ce:4a:d0:b7:92:a6:23:f5:06:e5:78:86:16:90:bd:
ff:0c:b1:70:cd:90:5c:1a:07:9a:88:d4:2c:d3:68:
77:67:8d:f3:b9:84:51:ce:d3:c0:61:11:99:13:72:
4a:a8:c7:37:91:5f:08:69:7d:ca:6e:13:f3:e3:e4:
6e:30:e0:f7:dd:7b:eb:9d:a6:6e:8f:2f:f8:7b:cf:
d4:13:b8:06:19:1e:6e:c6:62:be:8a:ef:df:72:c6:
d0:9f:f0:80:ce:f9:f7:0c:16:83:39:26:43:6a:34:
04:92:99:e4:70:3d:3f:cb:e9:7f:12:2f:9b:4d:1f:
b8:e5:81:eb:d1:ad:8a:86:b0:eb:d8:88:12:47:8b:
08:7a:9b:80:df:cf:d0:97:57:71:dc:e1:d3:a3:1d:
bd:f0:77:cc:7c:f1:ea:c3:b9:a3:7c:23:f2:f5:a7:
0b:23:19:cb:0d:e0:7e:86:eb:44:07:d7:b6:c8:0b:
ac:90:0a:83:85:e2:91:98:c3:45:6b:be:b8:2c:a6:
82:60:69:61:c5:55:a9:aa:a2:6b:e4:f3:28:04:92:
e0:06:9f:01:84:a2:27:0e:a5:7e:7a:5a:3d:0e:a9:
57:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:73:9C:F3:37:65:BF:DA:9F:7F:60:1E:89:57:02:D6:8F:CF:A6:8A
X509v3 Authority Key Identifier:
keyid:46:94:7C:5C:3D:4C:2F:C4:C4:A4:A7:42:8B:62:2A:7F:EF:39:2E:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RpR8XD1ML8TEpKdCi2Iqf-85Lik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b49562-f157-4382-998e-8f934e71767c/1/DnOc8zdlv9qff2AeiVcC1o_Ppoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b49562-f157-4382-998e-8f934e71767c/1/RpR8XD1ML8TEpKdCi2Iqf-85Lik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.116.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:1e:c3:d0:b0:42:2b:c1:15:24:5d:c2:36:a0:50:75:7b:7a:
6a:c3:5c:d6:96:aa:e3:f7:0c:ca:b3:2c:da:8e:5a:fa:e9:dc:
ea:3a:49:7e:17:82:ab:99:ac:ee:2c:25:10:5c:69:fc:4e:52:
dd:30:06:f9:e5:fa:09:fe:91:94:f2:03:6c:fd:46:31:33:29:
0a:bf:f6:26:e5:ec:68:92:36:12:d7:f1:d5:47:6e:b9:b1:42:
9a:d1:8d:1e:1f:11:e6:d1:96:02:3e:d4:7c:0d:ae:27:ed:90:
38:8e:78:c8:e5:b1:97:94:72:c6:dc:9e:2f:0c:35:56:ac:42:
d3:8a:2a:63:53:92:b0:ad:30:d2:df:24:6f:6d:1b:66:4c:69:
87:63:80:87:d6:2e:60:82:9a:1c:a6:50:f0:65:69:94:3d:9c:
08:11:07:51:e3:bc:ac:f6:bb:51:a6:52:60:d1:bc:96:a6:05:
38:1b:d9:9a:87:b7:93:0c:b0:f7:c9:30:d9:67:c9:c9:a5:7c:
c8:48:e9:35:0f:23:99:a5:83:8d:df:6d:45:29:01:68:eb:90:
0c:73:f6:9a:a2:78:e3:f8:4b:d7:15:e6:f6:e2:be:71:58:19:
53:91:ad:95:d0:9f:0c:fc:e7:bb:d5:f7:d2:48:c3:52:9e:94:
ca:1c:9e:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiQlvQVrnv1ITKcUQoqhHAPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OTQ3YzVjM2Q0YzJmYzRjNGE0YTc0MjhiNjIyYTdmZWYz
OTJlMjkwHhcNMjMwNjA2MTIwMzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTczOWNmMzM3NjViZmRhOWY3ZjYwMWU4OTU3MDJkNjhmY2ZhNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxt4E+GYybqVRcFyoqQJkFpTwBBIj
zODELVIKPBfOStC3kqYj9QbleIYWkL3/DLFwzZBcGgeaiNQs02h3Z43zuYRRztPA
YRGZE3JKqMc3kV8IaX3KbhPz4+RuMOD33XvrnaZujy/4e8/UE7gGGR5uxmK+iu/f
csbQn/CAzvn3DBaDOSZDajQEkpnkcD0/y+l/Ei+bTR+45YHr0a2KhrDr2IgSR4sI
epuA38/Ql1dx3OHTox298HfMfPHqw7mjfCPy9acLIxnLDeB+hutEB9e2yAuskAqD
heKRmMNFa764LKaCYGlhxVWpqqJr5PMoBJLgBp8BhKInDqV+elo9DqlXMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA5znPM3Zb/an39gHolXAtaPz6aKMB8GA1UdIwQY
MBaAFEaUfFw9TC/ExKSnQotiKn/vOS4pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnBSOFhEMU1MOFRFcEtkQ2kySXFmLTg1TGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9iNDk1NjItZjE1Ny00MzgyLTk5OGUt
OGY5MzRlNzE3NjdjLzEvRG5PYzh6ZGx2OXFmZjJBZWlWY0Mxb19QcG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9iNDk1NjItZjE1Ny00MzgyLTk5OGUtOGY5MzRlNzE3Njdj
LzEvUnBSOFhEMU1MOFRFcEtkQ2kySXFmLTg1TGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYd0MA0G
CSqGSIb3DQEBCwUAA4IBAQANHsPQsEIrwRUkXcI2oFB1e3pqw1zWlqrj9wzKsyza
jlr66dzqOkl+F4KrmazuLCUQXGn8TlLdMAb55foJ/pGU8gNs/UYxMykKv/Ym5exo
kjYS1/HVR265sUKa0Y0eHxHm0ZYCPtR8Da4n7ZA4jnjI5bGXlHLG3J4vDDVWrELT
iipjU5KwrTDS3yRvbRtmTGmHY4CH1i5ggpocplDwZWmUPZwIEQdR47ys9rtRplJg
0byWpgU4G9mah7eTDLD3yTDZZ8nJpXzISOk1DyOZpYON321FKQFo65AMc/aaonjj
+EvXFeb24r5xWBlTka2V0J8M/Oe71ffSSMNSnpTKHJ7k
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:46 2025 by rpki-client