Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/1-_PMtfzbbcgt_ZlqycjdxXnW7DU.roa
File: 1-_PMtfzbbcgt_ZlqycjdxXnW7DU.roa (raw, json)
Hash identifier: f0+ONv5QyEq8FXCC+FAKJzs2OOcf+731VcFw6yjLPLA=
Subject key identifier: FB:F3:CC:B5:FC:DB:6D:C8:2D:FD:99:6A:C9:C8:DD:C5:79:D6:EC:35
Certificate issuer: /CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Certificate serial: 01856F6FFD6E7CBA6C44038A8AB0FE946B5F
Authority key identifier: C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/1-_PMtfzbbcgt_ZlqycjdxXnW7DU.roa
Signing time: Sun 01 Jan 2023 22:24:48 +0000
ROA not before: Sun 01 Jan 2023 22:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212248
IP address blocks: 185.105.237.0/24 maxlen: 24
185.231.114.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:fd:6e:7c:ba:6c:44:03:8a:8a:b0:fe:94:6b:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Validity
Not Before: Jan 1 22:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbf3ccb5fcdb6dc82dfd996ac9c8ddc579d6ec35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6b:e3:07:30:3a:08:25:79:8c:8a:fa:e3:5d:
45:2c:18:8e:0f:04:96:4a:0d:bb:a8:0b:44:5e:ef:
fb:8e:0a:67:92:35:25:4f:2f:51:f2:ff:42:84:c5:
c7:bc:a9:7e:a7:16:38:78:1e:8e:4b:ab:18:2c:1d:
e0:37:68:8b:37:79:41:d3:6b:c9:1e:7c:37:29:f9:
9f:d2:7b:57:58:d7:b3:90:e9:f0:53:f8:09:c1:72:
59:7c:41:3b:96:28:43:c1:5a:d6:13:ca:c5:ab:be:
58:80:53:cb:c7:5b:40:31:86:bc:d4:6e:22:51:47:
c8:02:b4:74:91:02:0f:08:3f:a0:5e:c3:20:9a:ee:
8b:49:a8:d5:99:da:8b:10:0f:f0:da:10:a8:6d:6c:
13:de:a6:04:26:8f:29:56:7a:45:5d:97:43:8a:a3:
f7:47:89:8c:73:c3:1b:d5:5e:c8:81:b5:70:53:77:
9d:69:62:dc:ee:24:0b:00:b3:00:d5:28:1a:84:e1:
8e:09:4e:b7:8a:82:9b:44:63:dc:3c:67:63:2d:f9:
22:f8:3d:d2:22:2b:a3:27:a7:c6:cb:68:4c:a2:29:
be:c1:08:86:c6:14:49:05:f6:9f:ca:ee:5c:e4:df:
89:2e:92:8a:48:83:98:2d:9e:c2:5a:fc:c9:be:15:
28:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F3:CC:B5:FC:DB:6D:C8:2D:FD:99:6A:C9:C8:DD:C5:79:D6:EC:35
X509v3 Authority Key Identifier:
keyid:C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/1-_PMtfzbbcgt_ZlqycjdxXnW7DU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.237.0/24
185.231.114.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:4d:be:54:05:c9:e9:3b:06:53:72:68:e6:fe:51:65:05:10:
15:98:3a:68:b6:6d:bc:83:8c:a3:ee:1a:ef:49:7d:73:b8:ce:
22:9b:22:a1:79:85:33:11:52:d8:bc:7e:c1:59:4a:9d:ff:da:
86:56:95:19:35:90:9a:82:c1:c4:d4:05:c0:04:e3:00:45:b4:
8f:4f:7a:ef:72:70:3f:c5:b4:3f:f3:2b:26:29:61:a2:54:c7:
05:98:1e:8d:38:b3:f2:ff:6e:2b:d4:d9:a5:d6:e0:59:94:b5:
0e:c0:57:58:42:c5:6d:c1:bb:02:b2:f3:19:90:3a:23:83:63:
e6:01:64:fe:0e:a1:3d:0d:27:a6:a4:42:50:92:9f:7f:44:fe:
01:9a:8b:77:f8:b7:dc:f4:02:51:d9:c1:4e:72:1b:ec:f0:28:
2f:15:b5:ad:eb:8c:10:0c:b8:96:eb:b9:a2:7f:76:bd:c5:47:
3a:e5:6b:f0:82:99:c8:f4:8d:92:ab:b7:a7:c1:39:99:65:53:
3b:b3:7a:c7:5c:84:c2:a6:3c:ec:44:5f:ba:0f:c8:0a:0e:7f:
51:ce:7e:10:70:1b:9a:f3:d7:8a:9d:6b:44:0e:17:63:d4:21:
c9:1f:be:14:69:f2:52:37:6f:42:df:31:d7:e6:8d:70:98:66:
28:13:75:75
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVvb/1ufLpsRAOKirD+lGtfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2I1OTRlNWU2NzEzYTViODBhNTQ4MWE1Y2U3MWU2NTJk
ODQ1NzMwHhcNMjMwMTAxMjIyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmYzY2NiNWZjZGI2ZGM4MmRmZDk5NmFjOWM4ZGRjNTc5ZDZlYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmvjBzA6CCV5jIr6411FLBiODwSW
Sg27qAtEXu/7jgpnkjUlTy9R8v9ChMXHvKl+pxY4eB6OS6sYLB3gN2iLN3lB02vJ
Hnw3Kfmf0ntXWNezkOnwU/gJwXJZfEE7lihDwVrWE8rFq75YgFPLx1tAMYa81G4i
UUfIArR0kQIPCD+gXsMgmu6LSajVmdqLEA/w2hCobWwT3qYEJo8pVnpFXZdDiqP3
R4mMc8Mb1V7IgbVwU3edaWLc7iQLALMA1SgahOGOCU63ioKbRGPcPGdjLfki+D3S
IiujJ6fGy2hMoim+wQiGxhRJBfafyu5c5N+JLpKKSIOYLZ7CWvzJvhUoQQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPvzzLX8223ILf2ZasnI3cV51uw1MB8GA1UdIwQY
MBaAFMh7WU5eZxOluApUgaXOceZS2EVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYt
MzhjYjZlNDE2ZjNhLzEvMS1fUE10ZnpiYmNndF9abHF5Y2pkeFhuVzdEVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjIvODI0Zjc4LWRlZTItNDdiYy1hZjJmLTM4Y2I2ZTQxNmYz
YS8xL3lIdFpUbDVuRTZXNENsU0JwYzV4NWxMWVJYTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALlp7QME
ALnncjANBgkqhkiG9w0BAQsFAAOCAQEAm02+VAXJ6TsGU3Jo5v5RZQUQFZg6aLZt
vIOMo+4a70l9c7jOIpsioXmFMxFS2Lx+wVlKnf/ahlaVGTWQmoLBxNQFwATjAEW0
j09673JwP8W0P/MrJilholTHBZgejTiz8v9uK9TZpdbgWZS1DsBXWELFbcG7ArLz
GZA6I4Nj5gFk/g6hPQ0npqRCUJKff0T+AZqLd/i33PQCUdnBTnIb7PAoLxW1reuM
EAy4luu5on92vcVHOuVr8IKZyPSNkqu3p8E5mWVTO7N6x1yEwqY87ERfug/ICg5/
Uc5+EHAbmvPXip1rRA4XY9QhyR++FGnyUjdvQt8x1+aNcJhmKBN1dQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:14 2023 by rpki-client on console-ams.rpki-client.org