Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/FHww86KoBnWKcZx8qKgRYPAQXqE.roa
File: FHww86KoBnWKcZx8qKgRYPAQXqE.roa (raw, json)
Hash identifier: QJxUZdtfad97jJYiGv6swA6uA92ZI6Tbg2OJ5v5PMlc=
Subject key identifier: 14:7C:30:F3:A2:A8:06:75:8A:71:9C:7C:A8:A8:11:60:F0:10:5E:A1
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0D4FF854
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/FHww86KoBnWKcZx8qKgRYPAQXqE.roa
Signing time: Thu 19 May 2022 07:09:17 +0000
ROA not before: Thu 19 May 2022 07:09:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61138
IP address blocks: 195.180.158.0/24 maxlen: 24
195.252.173.0/24 maxlen: 24
195.180.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 223344724 (0xd4ff854)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: May 19 07:09:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=147c30f3a2a806758a719c7ca8a81160f0105ea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2f:86:c1:e1:6e:9e:7e:2b:62:a9:e4:f5:5f:
44:d6:7e:c0:00:bb:21:6a:7e:2d:43:a6:06:8c:d3:
89:e5:2b:66:e5:7c:4d:fc:ac:60:c8:dc:c3:44:4b:
4d:53:0d:80:11:37:55:9a:a0:d6:78:c7:10:d1:cf:
03:e7:e1:d9:4a:f6:6f:88:7c:67:30:43:6b:8f:c5:
7a:1c:9e:ff:58:ef:99:7e:09:11:5c:27:fa:82:cd:
bb:8d:89:b0:78:29:a9:30:ae:cb:1e:49:82:ed:fd:
d5:f1:1c:51:32:5e:5d:3b:18:45:3c:83:4a:34:0a:
ea:c4:3c:b8:a2:f9:e3:4f:cb:ed:36:12:6f:26:12:
52:1a:cd:f5:fc:19:00:e2:38:9e:2d:7a:00:6c:62:
95:35:b9:9a:f9:a6:5a:71:bd:b0:32:04:de:1f:39:
55:e0:bc:bb:44:cc:6d:65:5a:98:f4:22:eb:0f:cc:
fa:5f:9e:85:cd:d0:8f:0a:73:cb:7b:e7:3c:81:36:
fc:10:2c:70:6c:55:75:db:51:b8:28:3e:89:a3:2b:
68:27:0d:7f:0e:a8:58:ca:bb:77:8f:e0:8a:52:84:
de:dc:e7:58:3b:92:98:e9:61:af:ed:7c:6d:9d:41:
f0:c6:3b:cc:0b:1e:b4:41:dc:34:27:4f:e8:a0:3e:
0e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:7C:30:F3:A2:A8:06:75:8A:71:9C:7C:A8:A8:11:60:F0:10:5E:A1
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/FHww86KoBnWKcZx8qKgRYPAQXqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.180.158.0/24
195.180.191.0/24
195.252.173.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:18:e4:b7:69:71:29:a8:91:f6:9d:1a:76:d8:ee:16:c8:6d:
b0:91:5d:42:fd:43:df:86:5a:98:90:ed:e4:ab:d0:38:7a:78:
30:6a:82:bf:ff:cd:97:78:00:19:db:39:41:cf:31:16:c1:1b:
90:43:db:41:39:0a:64:e3:0c:62:70:82:7d:2d:6c:3e:ca:38:
86:52:09:0c:6c:db:a6:51:56:e6:59:c7:9e:95:2c:73:dd:67:
a8:4e:5b:17:2e:a1:65:28:86:c8:5f:c7:02:19:a1:ed:a6:ff:
63:f8:13:bd:6e:33:42:1a:bb:75:0f:90:05:01:c8:00:ba:4e:
4a:d9:e2:ee:4e:ca:c9:a3:0b:30:6b:4f:52:36:e3:a0:97:5e:
9c:45:fb:b2:04:6c:ee:59:9f:7b:bb:a7:39:80:b3:fd:63:21:
e1:10:32:ab:84:63:0f:1b:dd:7d:ad:f5:76:41:0d:37:ca:97:
c1:78:d6:a2:5e:33:22:55:f7:a5:66:a5:f1:89:83:5f:c9:45:
9f:2c:2d:16:e3:bb:e5:4b:22:cf:4a:a4:0d:81:1b:72:83:fd:
d4:f7:c5:df:a2:a9:e8:d1:e8:ce:92:05:04:3b:0c:7e:91:8f:
90:11:2b:07:1a:b8:b4:f3:4c:5e:fc:bc:db:2a:60:aa:b5:58:
ca:ac:17:4a
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEDU/4VDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDUx
OTA3MDkxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTQ3YzMwZjNhMmE4
MDY3NThhNzE5YzdjYThhODExNjBmMDEwNWVhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYvhsHhbp5+K2Kp5PVfRNZ+wAC7IWp+LUOmBozTieUrZuV8
TfysYMjcw0RLTVMNgBE3VZqg1njHENHPA+fh2Ur2b4h8ZzBDa4/Fehye/1jvmX4J
EVwn+oLNu42JsHgpqTCuyx5Jgu391fEcUTJeXTsYRTyDSjQK6sQ8uKL540/L7TYS
byYSUhrN9fwZAOI4ni16AGxilTW5mvmmWnG9sDIE3h85VeC8u0TMbWVamPQi6w/M
+l+ehc3Qjwpzy3vnPIE2/BAscGxVddtRuCg+iaMraCcNfw6oWMq7d4/gilKE3tzn
WDuSmOlhr+18bZ1B8MY7zAsetEHcNCdP6KA+Do0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQUfDDzoqgGdYpxnHyoqBFg8BBeoTAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L0ZId3c4NktvQm5XS2NaeDhxS2dSWVBBUVhxRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAMO0ngMEAMO0vwMEAMP8rTANBgkq
hkiG9w0BAQsFAAOCAQEAShjkt2lxKaiR9p0adtjuFshtsJFdQv1D34ZamJDt5KvQ
OHp4MGqCv//Nl3gAGds5Qc8xFsEbkEPbQTkKZOMMYnCCfS1sPso4hlIJDGzbplFW
5lnHnpUsc91nqE5bFy6hZSiGyF/HAhmh7ab/Y/gTvW4zQhq7dQ+QBQHIALpOStni
7k7KyaMLMGtPUjbjoJdenEX7sgRs7lmfe7unOYCz/WMh4RAyq4RjDxvdfa31dkEN
N8qXwXjWol4zIlX3pWal8YmDX8lFnywtFuO75Usiz0qkDYEbcoP91PfF36Kp6NHo
zpIFBDsMfpGPkBErBxq4tPNMXvy82ypgqrVYyqwXSg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:18 2025 by rpki-client