Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/d08bbd-08b0-4a22-8b57-7e0171150cfb/1/SU4bEOcuppUE5t0m0RjHqCByfyY.roa
File: SU4bEOcuppUE5t0m0RjHqCByfyY.roa (raw, json)
Hash identifier: SZQs/PivGojcGJ+ppBjITrPriv3TMMxVTdwSCQk34KM=
Subject key identifier: 49:4E:1B:10:E7:2E:A6:95:04:E6:DD:26:D1:18:C7:A8:20:72:7F:26
Certificate issuer: /CN=9280aa6150904e20f884a463c9b66ae6d4161b9b
Certificate serial: 09C196C1
Authority key identifier: 92:80:AA:61:50:90:4E:20:F8:84:A4:63:C9:B6:6A:E6:D4:16:1B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/koCqYVCQTiD4hKRjybZq5tQWG5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/d08bbd-08b0-4a22-8b57-7e0171150cfb/1/SU4bEOcuppUE5t0m0RjHqCByfyY.roa
Signing time: Sat 01 Jan 2022 08:53:51 +0000
ROA not before: Sat 01 Jan 2022 08:53:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201520
IP address blocks: 185.95.0.0/24 maxlen: 24
185.95.3.0/24 maxlen: 24
185.95.2.0/24 maxlen: 24
185.95.1.0/24 maxlen: 24
185.15.198.0/24 maxlen: 24
185.15.197.0/24 maxlen: 24
185.15.196.0/24 maxlen: 24
185.15.199.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163681985 (0x9c196c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9280aa6150904e20f884a463c9b66ae6d4161b9b
Validity
Not Before: Jan 1 08:53:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=494e1b10e72ea69504e6dd26d118c7a820727f26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f3:0a:5e:48:e3:17:74:93:39:76:a0:cc:40:
e4:6a:4e:9b:99:3f:7c:78:91:b2:56:c8:36:f5:19:
35:72:91:f6:42:15:94:82:1b:60:33:80:b7:b5:41:
3f:70:1d:f4:e3:23:bb:d2:d1:4a:93:40:ae:c6:d3:
4d:e4:ca:58:e1:27:da:8a:ea:1c:7b:c3:78:e4:5b:
9f:f4:cc:a9:16:07:a1:49:96:f8:0e:1c:7c:db:19:
5f:f7:f4:14:0b:d4:61:10:9e:a5:a7:e7:fb:29:32:
fb:ed:8d:d6:1f:4c:3e:f7:8f:60:75:7a:a4:0d:3a:
44:f7:c4:aa:a2:77:20:9f:4c:50:ee:db:40:8a:6a:
0d:72:b3:e3:f4:bc:cf:e5:eb:e5:9c:99:d9:59:33:
09:4e:c7:7e:9d:ba:50:3f:a5:50:53:a8:fe:4a:81:
3b:b9:d1:87:c6:ec:5a:c9:68:a3:3b:25:80:c7:50:
14:ac:f8:7e:8b:98:36:a4:21:9f:56:4a:25:0c:b2:
19:74:96:24:9c:62:63:12:4f:32:cf:69:50:10:9c:
07:25:5f:31:05:39:5b:2c:7d:48:b4:0c:f4:9b:36:
1b:47:e0:14:71:07:27:87:22:4a:12:ec:c0:5f:62:
5b:91:f9:a0:81:39:7a:c8:ef:cd:53:cd:cf:78:8c:
09:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:4E:1B:10:E7:2E:A6:95:04:E6:DD:26:D1:18:C7:A8:20:72:7F:26
X509v3 Authority Key Identifier:
keyid:92:80:AA:61:50:90:4E:20:F8:84:A4:63:C9:B6:6A:E6:D4:16:1B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/koCqYVCQTiD4hKRjybZq5tQWG5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d08bbd-08b0-4a22-8b57-7e0171150cfb/1/SU4bEOcuppUE5t0m0RjHqCByfyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d08bbd-08b0-4a22-8b57-7e0171150cfb/1/koCqYVCQTiD4hKRjybZq5tQWG5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.196.0/22
185.95.0.0/22
Signature Algorithm: sha256WithRSAEncryption
50:10:f5:86:fe:97:9e:e6:5c:14:47:e2:90:75:7d:e9:51:5b:
db:fe:e0:15:7a:c0:27:58:ba:36:48:05:a3:9e:01:ce:da:af:
eb:e1:f8:ce:44:78:0b:31:f3:88:f8:23:5d:d4:24:8a:f3:07:
74:9b:d3:10:a2:f9:c2:e6:2f:d0:00:1f:10:4b:b9:04:62:54:
90:4a:39:8d:2f:80:15:9f:75:2f:af:e5:af:36:7e:81:1e:5a:
dc:ad:ab:d3:49:e5:c7:3e:ca:d2:69:90:d8:91:88:58:a6:9b:
d9:bf:eb:b3:26:61:df:67:9b:ca:8e:68:a6:a2:4e:d4:1b:5a:
70:35:37:6f:24:73:bd:82:24:88:93:f2:1a:75:1e:93:75:ff:
44:33:23:77:a7:b0:07:f5:b1:39:29:a5:73:46:22:2b:36:12:
6b:ff:56:da:b0:07:c7:e6:c3:d7:2c:7c:62:a7:dd:eb:5a:1f:
6a:8c:e6:9a:8c:ea:e2:1f:a3:77:0c:7a:97:63:45:50:ad:65:
48:30:cf:38:91:9d:ac:bf:f1:af:da:85:5d:b6:70:cc:5c:c2:
c6:54:ff:91:90:dd:48:7a:c0:da:28:99:c4:ab:be:f2:25:d5:
c1:13:3f:ca:32:e5:6d:13:63:ce:5c:13:84:b8:d2:e3:8d:63:
22:e1:f0:43
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECcGWwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjgwYWE2MTUwOTA0ZTIwZjg4NGE0NjNjOWI2NmFlNmQ0MTYxYjliMB4XDTIyMDEw
MTA4NTM1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDk0ZTFiMTBlNzJl
YTY5NTA0ZTZkZDI2ZDExOGM3YTgyMDcyN2YyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANbzCl5I4xd0kzl2oMxA5GpOm5k/fHiRslbINvUZNXKR9kIV
lIIbYDOAt7VBP3Ad9OMju9LRSpNArsbTTeTKWOEn2orqHHvDeORbn/TMqRYHoUmW
+A4cfNsZX/f0FAvUYRCepafn+yky++2N1h9MPvePYHV6pA06RPfEqqJ3IJ9MUO7b
QIpqDXKz4/S8z+Xr5ZyZ2VkzCU7Hfp26UD+lUFOo/kqBO7nRh8bsWsloozslgMdQ
FKz4fouYNqQhn1ZKJQyyGXSWJJxiYxJPMs9pUBCcByVfMQU5Wyx9SLQM9Js2G0fg
FHEHJ4ciShLswF9iW5H5oIE5esjvzVPNz3iMCbUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRJThsQ5y6mlQTm3SbRGMeoIHJ/JjAfBgNVHSMEGDAWgBSSgKphUJBOIPiE
pGPJtmrm1BYbmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tvQ3FZVkNRVGlENGhLUmp5YlpxNXRRV0c1cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvZDA4YmJkLTA4YjAtNGEyMi04YjU3LTdlMDE3MTE1MGNmYi8x
L1NVNGJFT2N1cHBVRTV0MG0wUmpIcUNCeWZ5WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
ZDA4YmJkLTA4YjAtNGEyMi04YjU3LTdlMDE3MTE1MGNmYi8xL2tvQ3FZVkNRVGlE
NGhLUmp5YlpxNXRRV0c1cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArkPxAMEArlfADANBgkqhkiG9w0B
AQsFAAOCAQEAUBD1hv6XnuZcFEfikHV96VFb2/7gFXrAJ1i6NkgFo54Bztqv6+H4
zkR4CzHziPgjXdQkivMHdJvTEKL5wuYv0AAfEEu5BGJUkEo5jS+AFZ91L6/lrzZ+
gR5a3K2r00nlxz7K0mmQ2JGIWKab2b/rsyZh32ebyo5opqJO1BtacDU3byRzvYIk
iJPyGnUek3X/RDMjd6ewB/WxOSmlc0YiKzYSa/9W2rAHx+bD1yx8Yqfd61ofaozm
mozq4h+jdwx6l2NFUK1lSDDPOJGdrL/xr9qFXbZwzFzCxlT/kZDdSHrA2iiZxKu+
8iXVwRM/yjLlbRNjzlwThLjS441jIuHwQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:10 2024 by rpki-client on console-ams.rpki-client.org