Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/cBSMQgA-bZ89oKXIYhwfo9lYi-w.roa
File: cBSMQgA-bZ89oKXIYhwfo9lYi-w.roa (raw, json)
Hash identifier: y3AfcrFa1CxbFnAHvnkBfRe949qmpATtlIfnLyy8fAM=
Subject key identifier: 70:14:8C:42:00:3E:6D:9F:3D:A0:A5:C8:62:1C:1F:A3:D9:58:8B:EC
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 29EF58BF
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/cBSMQgA-bZ89oKXIYhwfo9lYi-w.roa
Signing time: Sat 01 Jan 2022 13:54:25 +0000
ROA not before: Sat 01 Jan 2022 13:54:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61264
IP address blocks: 95.181.144.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 703551679 (0x29ef58bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 13:54:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70148c42003e6d9f3da0a5c8621c1fa3d9588bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:62:b2:76:eb:c0:00:a6:19:02:fb:ac:e4:5e:
90:41:49:b4:b0:5b:d5:25:0a:a8:8e:64:fa:15:34:
2c:ca:a3:46:15:39:48:c2:1c:db:4a:37:74:b6:d5:
b2:c6:62:33:ab:96:1f:e1:92:9b:56:0f:fc:01:b1:
f6:32:f4:1a:5c:f4:fa:10:d8:ab:9f:4f:55:9e:98:
b8:5f:db:1c:eb:9f:48:8d:c7:b2:bb:6e:03:05:cf:
5e:fb:d7:21:e7:c6:a9:1c:45:d7:40:02:73:8c:d0:
8c:f7:80:17:9e:2b:48:0d:fd:8c:94:8b:34:9d:ce:
aa:5c:18:39:26:3d:e4:34:5f:c2:07:a6:7c:f9:2f:
ee:d8:b8:f1:fd:55:cc:cd:ff:de:20:e6:b8:14:99:
d3:56:9f:fd:a0:f9:bb:9a:93:54:b9:0f:ae:1a:c2:
e7:c2:de:66:24:3a:53:ee:a1:96:57:63:5b:4f:37:
78:af:f1:3f:97:76:d5:7a:d9:73:11:72:b1:b5:03:
46:fd:18:b7:d3:0b:1e:c7:27:c3:e0:10:48:c9:8c:
ee:65:03:39:88:5f:10:1b:bf:3c:8f:d3:f5:66:3f:
4c:62:cf:68:e6:f0:ff:c6:a8:1e:40:36:0f:57:93:
4f:a4:8c:6e:02:92:69:d1:e4:3e:f1:c5:25:c8:2f:
00:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:14:8C:42:00:3E:6D:9F:3D:A0:A5:C8:62:1C:1F:A3:D9:58:8B:EC
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/cBSMQgA-bZ89oKXIYhwfo9lYi-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.144.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:77:2e:a5:b6:ee:e4:9a:9c:53:cd:05:02:43:08:0c:ed:5c:
33:62:35:50:4d:26:7b:27:2f:aa:0f:24:e8:53:a7:d2:59:82:
1d:28:58:57:e7:8f:0c:9b:11:e9:22:c2:6f:a6:5e:fd:46:99:
b2:fc:26:87:7c:ed:4c:d5:75:02:28:72:86:35:f7:1d:a5:78:
3c:45:fa:bc:07:34:f3:9b:a1:f8:4f:ce:52:42:62:d6:4e:86:
a1:c8:25:7e:04:22:c3:2b:d4:07:27:09:5c:0e:bb:18:3b:f4:
aa:05:f7:2f:23:04:b8:10:3a:53:55:f3:73:85:fa:99:2b:2f:
fc:50:13:ab:65:a0:22:3e:32:7f:79:e3:a0:65:8b:da:2b:ba:
71:9e:19:c8:62:d9:6b:7d:1c:ae:f5:8a:1e:d3:2a:e7:d9:8f:
10:64:86:b9:47:92:1b:c1:fd:88:6b:f4:90:ad:45:99:91:21:
53:0d:16:55:4f:f7:f9:96:16:15:5f:75:4d:b2:9e:c7:2c:8e:
ad:3f:38:6f:64:ae:38:57:65:94:53:58:6b:93:49:99:61:d8:
7b:d6:b8:6c:53:a9:a6:4a:78:e5:e0:95:a7:87:b7:76:88:dc:
d7:95:9e:bd:84:40:91:ae:ff:7a:c2:d4:6b:1f:89:3e:e0:62:
42:0c:d5:30
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKe9YvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDEw
MTEzNTQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzAxNDhjNDIwMDNl
NmQ5ZjNkYTBhNWM4NjIxYzFmYTNkOTU4OGJlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANxisnbrwACmGQL7rORekEFJtLBb1SUKqI5k+hU0LMqjRhU5
SMIc20o3dLbVssZiM6uWH+GSm1YP/AGx9jL0Glz0+hDYq59PVZ6YuF/bHOufSI3H
srtuAwXPXvvXIefGqRxF10ACc4zQjPeAF54rSA39jJSLNJ3OqlwYOSY95DRfwgem
fPkv7ti48f1VzM3/3iDmuBSZ01af/aD5u5qTVLkPrhrC58LeZiQ6U+6hlldjW083
eK/xP5d21XrZcxFysbUDRv0Yt9MLHscnw+AQSMmM7mUDOYhfEBu/PI/T9WY/TGLP
aObw/8aoHkA2D1eTT6SMbgKSadHkPvHFJcgvABMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRwFIxCAD5tnz2gpchiHB+j2ViL7DAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L2NCU01RZ0EtYlo4OW9LWElZaHdmbzlsWWktdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF+1kDANBgkqhkiG9w0BAQsFAAOC
AQEAK3cupbbu5JqcU80FAkMIDO1cM2I1UE0meycvqg8k6FOn0lmCHShYV+ePDJsR
6SLCb6Ze/UaZsvwmh3ztTNV1AihyhjX3HaV4PEX6vAc085uh+E/OUkJi1k6Gocgl
fgQiwyvUBycJXA67GDv0qgX3LyMEuBA6U1Xzc4X6mSsv/FATq2WgIj4yf3njoGWL
2iu6cZ4ZyGLZa30crvWKHtMq59mPEGSGuUeSG8H9iGv0kK1FmZEhUw0WVU/3+ZYW
FV91TbKexyyOrT84b2SuOFdllFNYa5NJmWHYe9a4bFOppkp45eCVp4e3dojc15We
vYRAka7/esLUax+JPuBiQgzVMA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:13 2023 by rpki-client on console-ams.rpki-client.org