Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ac0c06-8072-4e30-95d1-a3d5533f1757/1/8ppAbLopVU_MCyz3NDoOFsT332Q.roa
File: 8ppAbLopVU_MCyz3NDoOFsT332Q.roa (raw, json)
Hash identifier: 4ubDvxqeCLniqQ+YELZDCAoVWd3MvS09HRGlrvmmceY=
Subject key identifier: F2:9A:40:6C:BA:29:55:4F:CC:0B:2C:F7:34:3A:0E:16:C4:F7:DF:64
Certificate issuer: /CN=48cb94a44349f98d409b7ddb9a053df4aef1addf
Certificate serial: 0183EF67738BF379F966ED0C012663075886
Authority key identifier: 48:CB:94:A4:43:49:F9:8D:40:9B:7D:DB:9A:05:3D:F4:AE:F1:AD:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SMuUpENJ-Y1Am33bmgU99K7xrd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/ac0c06-8072-4e30-95d1-a3d5533f1757/1/8ppAbLopVU_MCyz3NDoOFsT332Q.roa
Signing time: Wed 19 Oct 2022 08:41:17 +0000
ROA not before: Wed 19 Oct 2022 08:41:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60068
IP address blocks: 87.249.128.0/21 maxlen: 24
87.249.136.0/23 maxlen: 24
178.249.208.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ef:67:73:8b:f3:79:f9:66:ed:0c:01:26:63:07:58:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48cb94a44349f98d409b7ddb9a053df4aef1addf
Validity
Not Before: Oct 19 08:41:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f29a406cba29554fcc0b2cf7343a0e16c4f7df64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e4:34:1b:d8:aa:e8:21:67:f6:f9:04:e9:5c:
1f:e4:d0:56:76:13:b8:15:79:ee:16:ab:75:98:6a:
e9:31:61:47:ba:96:b4:d8:bb:6d:f1:50:ff:52:8b:
7b:b3:17:ca:d2:b9:64:4d:a7:ce:26:85:45:0b:5e:
bc:bf:ea:48:eb:14:80:0f:98:2a:fe:60:25:09:b6:
b2:18:0a:f7:82:21:31:27:f3:9f:ef:c3:50:ca:f0:
8a:ec:25:72:4e:c6:85:e4:a8:7c:a4:3e:72:dc:7b:
2b:91:95:97:bf:59:cf:fc:30:82:9a:29:70:5c:87:
c9:75:ce:6d:6b:8e:f3:da:4c:79:e1:42:b5:21:8b:
7e:d7:0e:8b:3f:fb:e6:82:e3:98:0d:d9:a9:12:48:
a3:12:40:46:a6:44:f7:86:53:14:4b:8b:40:e4:4b:
62:ea:9a:17:6b:f3:44:62:37:0f:a6:d0:59:a2:45:
6a:dc:5c:cb:2b:30:20:b5:13:1d:8e:61:6a:fd:b3:
27:5d:16:4b:f1:ba:ec:93:3a:bb:53:d0:c5:16:ee:
72:58:ee:0d:45:75:dd:ac:14:5d:cc:25:f4:76:6c:
a9:e3:cc:cc:3e:28:64:65:d8:0e:87:84:05:a9:7c:
7b:d8:12:37:31:21:79:78:e7:1b:1b:90:4b:61:fc:
10:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:9A:40:6C:BA:29:55:4F:CC:0B:2C:F7:34:3A:0E:16:C4:F7:DF:64
X509v3 Authority Key Identifier:
keyid:48:CB:94:A4:43:49:F9:8D:40:9B:7D:DB:9A:05:3D:F4:AE:F1:AD:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SMuUpENJ-Y1Am33bmgU99K7xrd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ac0c06-8072-4e30-95d1-a3d5533f1757/1/8ppAbLopVU_MCyz3NDoOFsT332Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ac0c06-8072-4e30-95d1-a3d5533f1757/1/SMuUpENJ-Y1Am33bmgU99K7xrd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.249.128.0-87.249.137.255
178.249.208.0/21
Signature Algorithm: sha256WithRSAEncryption
61:27:8c:aa:e3:fd:b3:7a:67:3f:a3:fe:83:0b:38:6a:d8:92:
f8:42:e7:91:18:52:cb:e5:6e:61:ae:99:f1:9a:81:56:06:62:
69:a0:88:1a:2f:af:07:0a:62:b9:4e:e1:df:11:84:b4:6a:c0:
13:19:0e:0b:7f:d8:8e:83:6d:3d:5c:1e:79:80:52:7a:9d:d7:
cd:2f:ec:8e:15:7a:2f:d0:31:59:16:7a:d8:44:c7:2f:42:fe:
eb:bf:25:7c:0d:8c:d4:b3:3d:f5:a2:8c:9c:3f:1d:9b:1e:96:
61:8b:ec:f6:08:98:34:fc:81:e9:a2:47:d3:d6:8c:de:d7:14:
ad:f4:1c:2f:09:9b:f3:d0:a6:86:9c:17:6c:1e:0b:32:ba:a1:
b6:04:af:c5:e5:a6:44:ca:46:ae:44:58:a2:f7:bf:00:b9:fe:
1b:7d:f5:08:0e:56:bd:0f:78:a7:28:70:26:4c:e7:65:27:b0:
1b:32:76:c2:ae:f7:2b:7d:f0:e2:5d:14:6d:fe:01:87:49:de:
8c:82:2b:bc:84:87:3e:c8:70:4d:a1:3e:79:75:64:d3:66:59:
d7:72:df:d4:dd:f0:d5:7d:7d:1b:3e:81:a4:5d:e4:0f:82:8b:
15:4c:05:a9:fd:ce:fd:72:c7:4a:2d:56:bf:72:fc:6d:b1:5e:
5b:5b:40:db
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYPvZ3OL83n5Zu0MASZjB1iGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4Y2I5NGE0NDM0OWY5OGQ0MDliN2RkYjlhMDUzZGY0YWVm
MWFkZGYwHhcNMjIxMDE5MDg0MTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjlhNDA2Y2JhMjk1NTRmY2MwYjJjZjczNDNhMGUxNmM0ZjdkZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+Q0G9iq6CFn9vkE6Vwf5NBWdhO4
FXnuFqt1mGrpMWFHupa02Ltt8VD/Uot7sxfK0rlkTafOJoVFC168v+pI6xSAD5gq
/mAlCbayGAr3giExJ/Of78NQyvCK7CVyTsaF5Kh8pD5y3HsrkZWXv1nP/DCCmilw
XIfJdc5ta47z2kx54UK1IYt+1w6LP/vmguOYDdmpEkijEkBGpkT3hlMUS4tA5Eti
6poXa/NEYjcPptBZokVq3FzLKzAgtRMdjmFq/bMnXRZL8brskzq7U9DFFu5yWO4N
RXXdrBRdzCX0dmyp48zMPihkZdgOh4QFqXx72BI3MSF5eOcbG5BLYfwQEQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPKaQGy6KVVPzAss9zQ6DhbE999kMB8GA1UdIwQY
MBaAFEjLlKRDSfmNQJt925oFPfSu8a3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU011VXBFTkotWTFBbTMzYm1nVTk5Szd4cmQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hYzBjMDYtODA3Mi00ZTMwLTk1ZDEt
YTNkNTUzM2YxNzU3LzEvOHBwQWJMb3BWVV9NQ3l6M05Eb09Gc1QzMzJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9hYzBjMDYtODA3Mi00ZTMwLTk1ZDEtYTNkNTUzM2YxNzU3
LzEvU011VXBFTkotWTFBbTMzYm1nVTk5Szd4cmQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAdX+YAD
BAFX+YgDBAOy+dAwDQYJKoZIhvcNAQELBQADggEBAGEnjKrj/bN6Zz+j/oMLOGrY
kvhC55EYUsvlbmGumfGagVYGYmmgiBovrwcKYrlO4d8RhLRqwBMZDgt/2I6DbT1c
HnmAUnqd180v7I4Vei/QMVkWethExy9C/uu/JXwNjNSzPfWijJw/HZselmGL7PYI
mDT8gemiR9PWjN7XFK30HC8Jm/PQpoacF2weCzK6obYEr8XlpkTKRq5EWKL3vwC5
/ht99QgOVr0PeKcocCZM52UnsBsydsKu9yt98OJdFG3+AYdJ3oyCK7yEhz7IcE2h
Pnl1ZNNmWddy39Td8NV9fRs+gaRd5A+CixVMBan9zv1yx0otVr9y/G2xXltbQNs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:00 2024 by rpki-client on console-fra.rpki-client.org