Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/29e960-eff5-44f2-bc40-ade60728ec37/1/ieA4kRPzmkdo8cYLfGwzNGcqxJg.roa
File: ieA4kRPzmkdo8cYLfGwzNGcqxJg.roa (raw, json)
Hash identifier: A1vLcO3NlOEesWOtZd5ZsOJ8B1FPehqdmdxJ6u+sfoA=
Subject key identifier: 89:E0:38:91:13:F3:9A:47:68:F1:C6:0B:7C:6C:33:34:67:2A:C4:98
Certificate issuer: /CN=6c7228dbb17f64e62de1dc4698815a35bb47202d
Certificate serial: 0942114E
Authority key identifier: 6C:72:28:DB:B1:7F:64:E6:2D:E1:DC:46:98:81:5A:35:BB:47:20:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bHIo27F_ZOYt4dxGmIFaNbtHIC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/29e960-eff5-44f2-bc40-ade60728ec37/1/ieA4kRPzmkdo8cYLfGwzNGcqxJg.roa
Signing time: Sat 01 Jan 2022 06:55:00 +0000
ROA not before: Sat 01 Jan 2022 06:55:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204335
IP address blocks: 185.253.62.0/24 maxlen: 24
185.253.61.0/24 maxlen: 24
185.253.63.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155324750 (0x942114e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c7228dbb17f64e62de1dc4698815a35bb47202d
Validity
Not Before: Jan 1 06:55:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89e0389113f39a4768f1c60b7c6c3334672ac498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1c:b7:34:2b:dc:3f:9e:f2:7d:14:fd:b6:f8:
7f:9e:dd:fe:0f:71:ca:9c:40:80:bb:4c:b3:f8:a8:
4f:8f:0d:eb:37:86:9c:d0:ef:6b:d5:63:c4:24:40:
c0:81:09:f7:c0:66:cb:86:2b:b8:34:5e:c4:c6:24:
db:8c:58:cc:45:6f:1a:92:1f:37:45:2c:7c:58:2f:
bc:1f:f1:1d:26:e5:e9:7e:c2:94:9b:48:2b:d6:4e:
e5:cc:1e:28:51:e2:26:8c:58:b8:56:cb:d7:27:de:
b8:1c:a1:5f:a0:c8:82:6f:7f:f6:3b:86:28:3c:22:
ac:89:d7:32:0f:8a:1d:56:a1:d0:08:67:1e:56:16:
9b:a2:fc:74:60:0f:8a:6c:10:a1:42:36:6d:88:5b:
fa:95:29:e9:e6:72:95:bd:92:d0:40:b7:b0:24:68:
15:60:23:ab:4c:94:e6:ca:c8:e3:c6:49:63:08:dd:
64:d4:e8:cd:b6:c3:15:df:c1:35:28:d5:85:e6:cf:
3a:ec:77:bf:4d:a4:72:5c:6c:0c:68:89:28:58:bd:
5d:7a:d3:42:e5:35:48:f3:7c:38:2f:86:09:e6:95:
37:94:91:3a:f6:61:9e:86:7c:5b:10:ec:ca:4b:c9:
52:eb:b8:2a:be:89:79:a6:10:cb:e7:af:9b:65:d1:
e8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E0:38:91:13:F3:9A:47:68:F1:C6:0B:7C:6C:33:34:67:2A:C4:98
X509v3 Authority Key Identifier:
keyid:6C:72:28:DB:B1:7F:64:E6:2D:E1:DC:46:98:81:5A:35:BB:47:20:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHIo27F_ZOYt4dxGmIFaNbtHIC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/29e960-eff5-44f2-bc40-ade60728ec37/1/ieA4kRPzmkdo8cYLfGwzNGcqxJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/29e960-eff5-44f2-bc40-ade60728ec37/1/bHIo27F_ZOYt4dxGmIFaNbtHIC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.61.0-185.253.63.255
Signature Algorithm: sha256WithRSAEncryption
73:3f:b3:7e:45:ee:1a:50:0a:b0:76:62:53:e8:66:1f:94:c5:
23:ba:af:1a:dc:51:d1:6d:8d:50:55:25:c7:92:19:a0:e4:66:
1c:7b:2e:bd:e1:89:2b:ea:66:68:f2:4e:72:b8:d4:81:89:d9:
b3:d3:28:b7:b8:96:02:73:90:88:13:4e:aa:fa:0a:ff:bb:47:
4b:d6:94:d3:a8:1d:12:f4:3c:5a:68:fd:40:30:44:e4:67:b6:
25:58:87:5d:e9:a5:9a:05:0c:cd:f1:3c:0a:f3:70:21:ae:dd:
1e:09:f5:40:51:bc:ef:49:b7:85:20:e7:ee:e8:49:9a:96:32:
16:fa:f9:b0:98:8f:21:36:8c:19:2d:7a:c6:ca:56:4a:27:08:
e8:8e:1a:0d:50:3e:00:53:04:a0:05:0b:c2:ce:67:90:15:0f:
9f:9e:ac:3b:d3:f9:84:e4:79:41:35:04:1d:ed:9f:50:91:64:
97:7c:62:36:df:53:a8:2d:1c:36:62:ad:33:05:b3:c7:c2:ab:
8c:ec:00:42:57:c5:1d:c1:94:3e:93:c9:73:1e:aa:9d:8d:e3:
b8:db:de:91:c9:f2:b9:71:b5:fa:b0:42:cd:91:5e:60:2e:30:
27:0e:18:50:09:d9:5f:08:82:73:fa:ff:98:56:4d:4e:a0:6e:
eb:85:97:15
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECUIRTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzcyMjhkYmIxN2Y2NGU2MmRlMWRjNDY5ODgxNWEzNWJiNDcyMDJkMB4XDTIyMDEw
MTA2NTUwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODllMDM4OTExM2Yz
OWE0NzY4ZjFjNjBiN2M2YzMzMzQ2NzJhYzQ5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4ctzQr3D+e8n0U/bb4f57d/g9xypxAgLtMs/ioT48N6zeG
nNDva9VjxCRAwIEJ98Bmy4YruDRexMYk24xYzEVvGpIfN0UsfFgvvB/xHSbl6X7C
lJtIK9ZO5cweKFHiJoxYuFbL1yfeuByhX6DIgm9/9juGKDwirInXMg+KHVah0Ahn
HlYWm6L8dGAPimwQoUI2bYhb+pUp6eZylb2S0EC3sCRoFWAjq0yU5srI48ZJYwjd
ZNTozbbDFd/BNSjVhebPOux3v02kclxsDGiJKFi9XXrTQuU1SPN8OC+GCeaVN5SR
OvZhnoZ8WxDsykvJUuu4Kr6JeaYQy+evm2XR6McCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSJ4DiRE/OaR2jxxgt8bDM0ZyrEmDAfBgNVHSMEGDAWgBRscijbsX9k5i3h
3EaYgVo1u0cgLTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JISW8yN0ZfWk9ZdDRkeEdtSUZhTmJ0SElDMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzYvMjllOTYwLWVmZjUtNDRmMi1iYzQwLWFkZTYwNzI4ZWMzNy8x
L2llQTRrUlB6bWtkbzhjWUxmR3d6TkdjcXhKZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzYv
MjllOTYwLWVmZjUtNDRmMi1iYzQwLWFkZTYwNzI4ZWMzNy8xL2JISW8yN0ZfWk9Z
dDRkeEdtSUZhTmJ0SElDMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAuf09AwQGuf0AMA0GCSqGSIb3
DQEBCwUAA4IBAQBzP7N+Re4aUAqwdmJT6GYflMUjuq8a3FHRbY1QVSXHkhmg5GYc
ey694Ykr6mZo8k5yuNSBidmz0yi3uJYCc5CIE06q+gr/u0dL1pTTqB0S9DxaaP1A
METkZ7YlWIdd6aWaBQzN8TwK83Ahrt0eCfVAUbzvSbeFIOfu6EmaljIW+vmwmI8h
NowZLXrGylZKJwjojhoNUD4AUwSgBQvCzmeQFQ+fnqw70/mE5HlBNQQd7Z9QkWSX
fGI231OoLRw2Yq0zBbPHwquM7ABCV8UdwZQ+k8lzHqqdjeO4296RyfK5cbX6sELN
kV5gLjAnDhhQCdlfCIJz+v+YVk1OoG7rhZcV
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:18 2023 by rpki-client on console.sobornost.net