Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/ByGjDgBA0wiDDRdFW22FGF5iAcU.roa
File: ByGjDgBA0wiDDRdFW22FGF5iAcU.roa (raw, json)
Hash identifier: 1QOqCA7C3h6CeOSrXtwBeo0C/w/URN/T0/af2ZRlvj4=
Subject key identifier: 07:21:A3:0E:00:40:D3:08:83:0D:17:45:5B:6D:85:18:5E:62:01:C5
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0D1FEB15
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/ByGjDgBA0wiDDRdFW22FGF5iAcU.roa
Signing time: Tue 03 May 2022 11:06:59 +0000
ROA not before: Tue 03 May 2022 11:06:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58061
IP address blocks: 212.40.181.0/24 maxlen: 24
194.64.88.0/24 maxlen: 24
195.180.177.0/24 maxlen: 24
194.233.8.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220195605 (0xd1feb15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: May 3 11:06:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0721a30e0040d308830d17455b6d85185e6201c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f4:52:78:a0:54:e2:7f:a5:2d:1e:95:33:d1:
64:33:3b:e5:6d:9f:27:eb:0d:dc:94:12:33:23:03:
f7:11:46:d9:a6:c8:04:27:3c:89:18:09:14:d7:5b:
b1:17:c3:86:f8:c9:eb:80:cd:df:0f:52:15:27:c2:
87:5c:93:a0:7e:e9:f3:1a:27:4a:79:d2:20:09:5c:
17:5c:a0:62:6b:fa:eb:82:a9:79:07:25:53:3e:86:
eb:30:7f:a2:8c:4e:2e:67:4a:08:55:9e:80:f7:d5:
da:8d:ef:3f:d8:74:63:9a:75:25:f0:f9:05:d8:de:
4b:14:93:e2:da:b8:cf:cb:d5:73:c0:50:eb:9a:3e:
41:0f:48:58:e0:62:f7:1b:5d:d3:2b:0b:f5:53:ce:
bc:35:90:cf:c2:5f:66:c6:b8:e7:8c:ab:ad:e4:33:
b2:9c:6c:f0:df:4f:b2:81:fd:ed:07:5a:e8:45:bd:
cf:a1:32:e1:9e:8d:35:bd:52:cc:e5:1c:25:9b:7c:
5b:38:7d:66:74:c3:5c:fa:3c:8d:81:00:f8:71:53:
46:3d:32:51:be:eb:f2:44:9d:23:1b:ea:e3:07:52:
9b:45:3d:71:60:63:b0:aa:27:6e:fe:3c:8f:1d:02:
52:a5:ec:58:07:ac:7d:6a:9b:ae:a6:5f:c4:3c:63:
7e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:21:A3:0E:00:40:D3:08:83:0D:17:45:5B:6D:85:18:5E:62:01:C5
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/ByGjDgBA0wiDDRdFW22FGF5iAcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.88.0/24
194.233.8.0/22
195.180.177.0/24
212.40.181.0/24
Signature Algorithm: sha256WithRSAEncryption
22:b6:c7:f0:03:64:52:4f:6a:81:03:ec:91:bc:3e:1b:90:f3:
56:de:8d:02:20:90:b7:a0:e2:42:84:61:85:ea:a1:c4:d7:59:
b9:a3:3f:e4:ad:c4:1c:86:60:4a:62:97:10:1f:9b:65:19:47:
ed:e4:26:26:e8:67:c4:e9:ce:67:2f:f4:53:3e:a8:8e:6c:cc:
3b:5f:70:f6:cf:c6:57:22:75:a1:95:68:65:11:dd:8b:03:03:
5f:23:d7:6a:8f:5f:9f:a0:c2:02:4e:81:0a:57:51:6c:bc:8d:
b9:50:46:64:da:5a:96:1f:40:45:a9:f8:77:7b:77:4f:c9:30:
27:af:e6:e0:e7:39:12:26:a8:96:5c:3c:f7:76:38:91:88:be:
d6:61:52:7f:dc:ec:9d:22:25:62:15:9e:3f:32:56:e9:a3:4b:
91:14:2f:f1:09:aa:b0:07:da:8e:93:44:3f:42:51:15:8f:7e:
16:d6:cc:cb:b7:6c:4a:3a:eb:e2:71:22:91:1a:b2:11:35:e6:
60:d0:38:bb:69:aa:1f:70:0f:b8:c3:e0:e3:c2:7e:85:f1:c9:
16:43:f1:eb:5b:66:42:ce:bf:89:f2:90:f7:51:2d:10:b9:66:
79:c8:28:fa:e0:04:34:d9:e6:f0:8c:5e:14:a7:58:7d:a6:7c:
21:ad:b0:f5
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEDR/rFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDUw
MzExMDY1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDcyMWEzMGUwMDQw
ZDMwODgzMGQxNzQ1NWI2ZDg1MTg1ZTYyMDFjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJT0UnigVOJ/pS0elTPRZDM75W2fJ+sN3JQSMyMD9xFG2abI
BCc8iRgJFNdbsRfDhvjJ64DN3w9SFSfCh1yToH7p8xonSnnSIAlcF1ygYmv664Kp
eQclUz6G6zB/ooxOLmdKCFWegPfV2o3vP9h0Y5p1JfD5BdjeSxST4tq4z8vVc8BQ
65o+QQ9IWOBi9xtd0ysL9VPOvDWQz8JfZsa454yrreQzspxs8N9PsoH97Qda6EW9
z6Ey4Z6NNb1SzOUcJZt8Wzh9ZnTDXPo8jYEA+HFTRj0yUb7r8kSdIxvq4wdSm0U9
cWBjsKonbv48jx0CUqXsWAesfWqbrqZfxDxjfukCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQHIaMOAEDTCIMNF0VbbYUYXmIBxTAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L0J5R2pEZ0JBMHdpRERSZEZXMjJGR0Y1aUFjVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMJAWAMEAsLpCAMEAMO0sQMEANQo
tTANBgkqhkiG9w0BAQsFAAOCAQEAIrbH8ANkUk9qgQPskbw+G5DzVt6NAiCQt6Di
QoRhheqhxNdZuaM/5K3EHIZgSmKXEB+bZRlH7eQmJuhnxOnOZy/0Uz6ojmzMO19w
9s/GVyJ1oZVoZRHdiwMDXyPXao9fn6DCAk6BCldRbLyNuVBGZNpalh9ARan4d3t3
T8kwJ6/m4Oc5Eiaollw893Y4kYi+1mFSf9zsnSIlYhWePzJW6aNLkRQv8QmqsAfa
jpNEP0JRFY9+FtbMy7dsSjrr4nEikRqyETXmYNA4u2mqH3APuMPg48J+hfHJFkPx
61tmQs6/ifKQ91EtELlmecgo+uAENNnm8IxeFKdYfaZ8Ia2w9Q==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:05 2025 by rpki-client