Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/a3phES_ZDw87OhBpb-uMgCAzYt0.roa
File: a3phES_ZDw87OhBpb-uMgCAzYt0.roa (raw, json)
Hash identifier: 5pzbQoeVdUDW6bH17Dl43b1ySzO32MCBmnlYr6mBPlE=
Subject key identifier: 6B:7A:61:11:2F:D9:0F:0F:3B:3A:10:69:6F:EB:8C:80:20:33:62:DD
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 29EA6EB6
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/a3phES_ZDw87OhBpb-uMgCAzYt0.roa
Signing time: Sat 01 Jan 2022 13:54:21 +0000
ROA not before: Sat 01 Jan 2022 13:54:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47873
IP address blocks: 185.19.178.0/23 maxlen: 23
185.19.176.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 703229622 (0x29ea6eb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 13:54:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b7a61112fd90f0f3b3a10696feb8c80203362dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:96:0b:37:1b:f6:48:ba:41:3f:e3:0c:1f:d0:
81:27:4e:71:00:f4:81:de:21:76:ba:8c:a6:95:44:
41:a7:22:3a:cc:d3:bf:54:3a:01:31:57:16:75:d4:
0e:1a:5e:49:6e:47:52:ec:bb:e7:1b:61:6d:ba:08:
4a:1c:64:8d:f4:5c:3f:8a:5d:83:d5:a1:2d:d8:bd:
e6:0b:ba:e4:15:72:f3:76:ef:27:11:7a:c2:55:5e:
4c:98:af:6e:be:e2:ff:fd:fa:fe:95:e6:5b:08:52:
39:91:98:ba:d6:30:05:16:b2:ae:88:f5:49:cb:89:
a4:8a:a7:70:7c:58:56:f2:72:56:9a:5c:e3:b1:39:
c8:fe:9b:18:82:15:6b:30:c5:5c:17:0f:5b:e4:d4:
eb:7e:28:53:cd:59:39:ec:d1:98:bf:7e:f1:58:8b:
5a:d8:54:13:ec:7a:32:a7:17:c5:99:d5:02:a2:f6:
aa:73:83:ad:39:1b:1d:63:14:aa:76:c0:26:49:38:
01:c6:e4:dd:cd:50:90:2d:e0:80:4d:40:83:6f:91:
ba:87:74:8d:9c:7b:54:75:4a:54:6d:90:5d:e9:7a:
8f:3e:7b:fc:66:8c:cf:87:72:e1:1c:84:c4:df:02:
6c:e6:07:ea:80:28:c9:45:bd:0c:76:8c:06:eb:d8:
41:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:7A:61:11:2F:D9:0F:0F:3B:3A:10:69:6F:EB:8C:80:20:33:62:DD
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/a3phES_ZDw87OhBpb-uMgCAzYt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.176.0/22
Signature Algorithm: sha256WithRSAEncryption
d8:59:60:74:6a:0b:ec:cd:ed:1e:3b:f7:42:88:48:dc:ca:6e:
d0:7f:a0:a4:b2:f9:51:be:e8:ab:d1:b8:96:24:f5:fd:06:c6:
7a:bd:b4:e6:6d:c8:79:b5:9b:29:98:45:5d:76:b2:bf:69:61:
2f:7a:07:48:30:d3:af:75:56:65:be:7a:2d:b1:23:b8:b6:c4:
79:82:69:dd:e1:22:e6:af:21:41:b5:50:48:74:9e:e2:e7:4a:
e6:31:a1:ef:7e:a1:14:bc:31:15:80:76:9b:42:7d:8a:48:ad:
f8:22:03:94:89:66:e0:32:9e:58:86:52:44:64:24:02:9b:98:
c4:3c:bd:f6:60:06:9a:bb:80:1c:f3:f5:c2:4c:d6:52:28:82:
f6:0e:c0:f0:d4:23:53:dd:cc:c9:ef:2a:cd:4d:43:ee:15:da:
76:8c:cf:df:25:27:95:c6:3a:0a:2a:9e:26:e3:79:40:5f:e8:
9c:e4:af:3e:ee:6c:a8:f5:3c:8d:f6:30:95:61:0f:d6:f7:62:
1a:3c:ea:4e:03:bc:c5:54:48:78:0a:a7:40:d3:18:d3:f9:5c:
d2:ea:cf:b9:5e:c2:b6:51:88:c4:f3:20:9d:5e:2f:b3:18:61:
6b:f4:a8:06:6c:d2:be:39:1c:56:6e:e4:87:3d:4f:cd:98:1e:
29:14:58:57
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKeputjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDEw
MTEzNTQyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmI3YTYxMTEyZmQ5
MGYwZjNiM2ExMDY5NmZlYjhjODAyMDMzNjJkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeWCzcb9ki6QT/jDB/QgSdOcQD0gd4hdrqMppVEQaciOszT
v1Q6ATFXFnXUDhpeSW5HUuy75xthbboIShxkjfRcP4pdg9WhLdi95gu65BVy83bv
JxF6wlVeTJivbr7i//36/pXmWwhSOZGYutYwBRayroj1ScuJpIqncHxYVvJyVppc
47E5yP6bGIIVazDFXBcPW+TU634oU81ZOezRmL9+8ViLWthUE+x6MqcXxZnVAqL2
qnODrTkbHWMUqnbAJkk4Acbk3c1QkC3ggE1Ag2+Ruod0jZx7VHVKVG2QXel6jz57
/GaMz4dy4RyExN8CbOYH6oAoyUW9DHaMBuvYQQ8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRremERL9kPDzs6EGlv64yAIDNi3TAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L2EzcGhFU19aRHc4N09oQnBiLXVNZ0NBell0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkTsDANBgkqhkiG9w0BAQsFAAOC
AQEA2FlgdGoL7M3tHjv3QohI3Mpu0H+gpLL5Ub7oq9G4liT1/QbGer205m3IebWb
KZhFXXayv2lhL3oHSDDTr3VWZb56LbEjuLbEeYJp3eEi5q8hQbVQSHSe4udK5jGh
736hFLwxFYB2m0J9ikit+CIDlIlm4DKeWIZSRGQkApuYxDy99mAGmruAHPP1wkzW
UiiC9g7A8NQjU93Mye8qzU1D7hXadozP3yUnlcY6CiqeJuN5QF/onOSvPu5sqPU8
jfYwlWEP1vdiGjzqTgO8xVRIeAqnQNMY0/lc0urPuV7CtlGIxPMgnV4vsxhha/So
BmzSvjkcVm7khz1PzZgeKRRYVw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:13 2023 by rpki-client on console-ams.rpki-client.org