Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/5a2514-efec-499a-b00e-b726c1cac110/1/vW9VspNVOIdelzmoPxgE5uyGSs8.roa
File: vW9VspNVOIdelzmoPxgE5uyGSs8.roa (raw, json)
Hash identifier: 0tdtNOGG4zsW0EKl9EkrBdI/f/f+NY+1rOsjBbbG6TE=
Subject key identifier: BD:6F:55:B2:93:55:38:87:5E:97:39:A8:3F:18:04:E6:EC:86:4A:CF
Certificate issuer: /CN=3ba7f6c0b9e40a55e29cf36237c78998fcb1eaea
Certificate serial: 018828B2E0B676AA946262A77ED2E22E95A4
Authority key identifier: 3B:A7:F6:C0:B9:E4:0A:55:E2:9C:F3:62:37:C7:89:98:FC:B1:EA:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6f2wLnkClXinPNiN8eJmPyx6uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/5a2514-efec-499a-b00e-b726c1cac110/1/vW9VspNVOIdelzmoPxgE5uyGSs8.roa
Signing time: Wed 17 May 2023 07:53:11 +0000
ROA not before: Wed 17 May 2023 07:53:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205374
IP address blocks: 185.219.86.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:28:b2:e0:b6:76:aa:94:62:62:a7:7e:d2:e2:2e:95:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba7f6c0b9e40a55e29cf36237c78998fcb1eaea
Validity
Not Before: May 17 07:53:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd6f55b2935538875e9739a83f1804e6ec864acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9c:54:bc:00:ac:9f:16:ca:d0:53:32:1d:ac:
2f:87:6e:bd:26:ba:29:bc:53:5b:bf:2a:29:28:c3:
9f:10:f2:6e:f2:37:7f:b9:32:8b:b1:80:76:18:25:
b7:ba:bb:58:ca:dd:2b:f5:1e:bf:6b:2f:0a:94:15:
2e:de:52:04:9a:7a:97:ce:5a:95:92:c5:a7:c7:a5:
b7:b7:54:e5:69:77:0b:9e:ab:72:29:13:5b:8d:e1:
9f:c9:40:f4:57:9e:75:58:f5:84:b0:e0:6a:ef:dc:
41:53:84:fc:b4:c9:d0:13:03:3e:0d:72:cf:4f:08:
5f:f1:6d:3f:f5:fa:c3:29:c1:37:ec:be:01:2d:7e:
ea:45:e1:09:ba:8b:8e:bd:01:3c:7f:64:cc:3e:1f:
84:99:b9:ef:f6:65:c9:60:40:0a:ba:bc:af:62:b0:
ed:db:c0:25:80:ff:50:ee:7a:db:99:fb:e9:d9:72:
af:3b:11:ff:fc:ab:2b:3e:c1:e6:dc:cd:e0:5c:9d:
26:1a:f3:0f:4f:3c:fb:da:d9:b9:03:14:a4:c3:c1:
a4:ca:e8:76:37:00:2a:91:17:85:c0:e9:67:5b:f1:
cd:d1:f5:00:86:d3:45:1b:4f:47:bf:62:92:a3:3c:
b3:ae:b3:9d:15:8f:c4:fe:75:fb:c9:32:c1:7c:10:
a7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:6F:55:B2:93:55:38:87:5E:97:39:A8:3F:18:04:E6:EC:86:4A:CF
X509v3 Authority Key Identifier:
keyid:3B:A7:F6:C0:B9:E4:0A:55:E2:9C:F3:62:37:C7:89:98:FC:B1:EA:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6f2wLnkClXinPNiN8eJmPyx6uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/5a2514-efec-499a-b00e-b726c1cac110/1/vW9VspNVOIdelzmoPxgE5uyGSs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/5a2514-efec-499a-b00e-b726c1cac110/1/O6f2wLnkClXinPNiN8eJmPyx6uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.86.0/24
Signature Algorithm: sha256WithRSAEncryption
35:52:52:58:12:13:c2:84:b3:77:0e:09:ef:f8:cd:55:c9:c9:
aa:4d:ff:1c:7d:19:7f:82:56:4d:ad:c3:15:57:4f:08:43:22:
59:0d:ae:95:f7:40:b5:8d:ce:28:49:16:6d:86:eb:b1:58:78:
35:15:7c:d1:9d:a8:50:5a:c1:9a:a3:3a:73:a6:d0:7f:d1:a9:
da:8a:a7:e7:53:57:02:ff:70:b4:e3:29:11:b6:d0:3c:78:a8:
15:cc:4d:c2:86:fb:52:75:62:30:7a:8a:54:cc:34:ac:81:99:
8f:20:de:5a:cd:0f:f9:a3:3c:a5:35:00:b1:fb:a3:d6:f5:8e:
bc:48:5e:65:42:a1:35:c0:79:f6:a8:8f:62:8a:28:cc:dd:90:
c2:d6:19:bf:f7:d2:6d:a3:7d:cc:e9:37:1a:db:08:3d:f2:00:
f0:b0:6d:34:d4:1b:f5:46:87:d5:d5:3a:4d:4a:8f:e2:63:31:
d4:b6:ae:97:48:c8:b7:13:fe:70:8f:b7:3d:50:03:b7:09:b2:
fa:59:f1:cc:04:5a:6f:9f:d8:90:b4:be:ce:0f:f3:ae:df:26:
95:10:59:5f:3a:a0:22:a9:55:50:74:67:27:85:69:5d:fe:74:
4a:90:e3:56:cc:39:75:ba:57:9e:7f:ef:8c:45:e7:2f:ab:2a:
b2:7d:b8:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgosuC2dqqUYmKnftLiLpWkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTdmNmMwYjllNDBhNTVlMjljZjM2MjM3Yzc4OTk4ZmNi
MWVhZWEwHhcNMjMwNTE3MDc1MzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDZmNTViMjkzNTUzODg3NWU5NzM5YTgzZjE4MDRlNmVjODY0YWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZxUvACsnxbK0FMyHawvh269Jrop
vFNbvyopKMOfEPJu8jd/uTKLsYB2GCW3urtYyt0r9R6/ay8KlBUu3lIEmnqXzlqV
ksWnx6W3t1TlaXcLnqtyKRNbjeGfyUD0V551WPWEsOBq79xBU4T8tMnQEwM+DXLP
Twhf8W0/9frDKcE37L4BLX7qReEJuouOvQE8f2TMPh+Embnv9mXJYEAKuryvYrDt
28AlgP9Q7nrbmfvp2XKvOxH//KsrPsHm3M3gXJ0mGvMPTzz72tm5AxSkw8Gkyuh2
NwAqkReFwOlnW/HN0fUAhtNFG09Hv2KSozyzrrOdFY/E/nX7yTLBfBCnyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL1vVbKTVTiHXpc5qD8YBObshkrPMB8GA1UdIwQY
MBaAFDun9sC55ApV4pzzYjfHiZj8serqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZmMndMbmtDbFhpblBOaU44ZUptUHl4NnVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS81YTI1MTQtZWZlYy00OTlhLWIwMGUt
YjcyNmMxY2FjMTEwLzEvdlc5VnNwTlZPSWRlbHptb1B4Z0U1dXlHU3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS81YTI1MTQtZWZlYy00OTlhLWIwMGUtYjcyNmMxY2FjMTEw
LzEvTzZmMndMbmtDbFhpblBOaU44ZUptUHl4NnVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudtWMA0G
CSqGSIb3DQEBCwUAA4IBAQA1UlJYEhPChLN3Dgnv+M1VycmqTf8cfRl/glZNrcMV
V08IQyJZDa6V90C1jc4oSRZthuuxWHg1FXzRnahQWsGaozpzptB/0anaiqfnU1cC
/3C04ykRttA8eKgVzE3ChvtSdWIweopUzDSsgZmPIN5azQ/5ozylNQCx+6PW9Y68
SF5lQqE1wHn2qI9iiijM3ZDC1hm/99Jto33M6Tca2wg98gDwsG001Bv1RofV1TpN
So/iYzHUtq6XSMi3E/5wj7c9UAO3CbL6WfHMBFpvn9iQtL7OD/Ou3yaVEFlfOqAi
qVVQdGcnhWld/nRKkONWzDl1uleef++MRecvqyqyfbgL
-----END CERTIFICATE-----
Generated at Fri Oct 27 15:00:11 2023 by rpki-client on console-ams.rpki-client.org