Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c4213d-0de0-4db4-a508-822d9f855984/1/ALG7bIgwNuguLQbVpAdEqehmHBc.roa
File: ALG7bIgwNuguLQbVpAdEqehmHBc.roa (raw, json)
Hash identifier: 83ZGxxooIEbK2Rv3j9H8x6nHWMtYqh+i8DpprJQXyJ8=
Subject key identifier: 00:B1:BB:6C:88:30:36:E8:2E:2D:06:D5:A4:07:44:A9:E8:66:1C:17
Certificate issuer: /CN=6cedf4158ade98f1457cec858955626f161d2aef
Certificate serial: 10B372E9
Authority key identifier: 6C:ED:F4:15:8A:DE:98:F1:45:7C:EC:85:89:55:62:6F:16:1D:2A:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bO30FYremPFFfOyFiVVibxYdKu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c4213d-0de0-4db4-a508-822d9f855984/1/ALG7bIgwNuguLQbVpAdEqehmHBc.roa
Signing time: Sat 01 Jan 2022 13:03:42 +0000
ROA not before: Sat 01 Jan 2022 13:03:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43317
IP address blocks: 185.22.172.0/22 maxlen: 22
77.73.64.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 280195817 (0x10b372e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cedf4158ade98f1457cec858955626f161d2aef
Validity
Not Before: Jan 1 13:03:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00b1bb6c883036e82e2d06d5a40744a9e8661c17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cb:b9:16:01:1d:de:75:a9:71:19:51:43:05:
f2:81:af:83:fc:22:a7:73:26:d6:67:b7:4f:74:4a:
d8:ea:60:67:4b:3a:37:50:7c:10:2b:9f:fc:e8:c6:
21:6a:80:a8:df:43:ee:c3:0b:2f:82:e3:1e:8f:5c:
a9:27:8b:e1:d8:69:18:37:f6:35:2b:45:6b:82:34:
cb:47:4c:6d:41:7b:5f:dd:01:5a:16:8d:1c:81:77:
ca:bd:d4:19:76:d4:cf:22:46:d2:10:19:1c:06:66:
65:cb:45:b8:b9:0c:f8:82:f6:50:59:cf:f7:8d:be:
8e:9a:ea:1c:ac:67:04:ef:15:4b:18:18:d9:49:73:
c1:8c:69:e3:a3:0f:eb:13:f5:ad:8f:ee:60:fa:8e:
49:f6:be:a7:01:11:c8:f7:83:bd:14:0f:00:b3:a7:
a8:70:80:54:99:d9:7a:70:94:51:cd:e2:52:2a:2c:
91:f3:ac:bf:a7:0e:7c:d3:74:4f:b1:b7:fb:82:a9:
04:13:16:67:71:2f:d2:5c:10:09:9e:e6:19:98:a5:
72:79:4b:ee:ce:6d:17:99:c8:05:25:d2:68:15:31:
18:6f:5d:d2:6f:e3:d5:ad:44:21:02:f0:3a:0d:91:
06:8e:26:46:4a:39:a8:c3:cd:a8:f5:8a:8b:18:68:
31:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B1:BB:6C:88:30:36:E8:2E:2D:06:D5:A4:07:44:A9:E8:66:1C:17
X509v3 Authority Key Identifier:
keyid:6C:ED:F4:15:8A:DE:98:F1:45:7C:EC:85:89:55:62:6F:16:1D:2A:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bO30FYremPFFfOyFiVVibxYdKu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c4213d-0de0-4db4-a508-822d9f855984/1/ALG7bIgwNuguLQbVpAdEqehmHBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c4213d-0de0-4db4-a508-822d9f855984/1/bO30FYremPFFfOyFiVVibxYdKu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.64.0/21
185.22.172.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:80:50:f9:f0:bb:9f:cf:11:31:97:f6:34:96:06:4f:50:fb:
e8:78:2b:de:13:6b:a4:58:98:e3:4f:f8:10:1d:02:ff:59:7d:
a7:88:7a:ee:de:34:38:89:42:c0:c8:ee:66:83:a5:66:35:9b:
6a:74:ff:bd:3c:71:fa:b4:91:a9:21:d9:5d:f5:b7:d4:e2:37:
de:8a:a2:5a:fa:9c:66:e5:67:81:61:d6:c1:1d:fa:d0:e6:8d:
99:75:52:5c:a0:40:ba:b7:0c:41:ef:d1:c9:de:4e:76:1e:75:
4b:6b:63:a0:ae:0e:d1:cb:2d:d5:3b:94:30:f6:10:6e:7b:dd:
3a:aa:13:35:49:bd:e4:fa:6f:a1:16:8b:a1:61:16:08:82:6b:
ff:9e:e4:c5:87:f6:60:5c:ea:c1:34:74:f6:f4:82:67:6a:73:
10:a9:44:7d:36:2a:53:91:cf:c7:16:2c:af:b4:b2:d1:e7:b2:
87:c6:60:bb:60:79:a8:55:8d:4c:73:4b:79:e6:2a:03:e2:8f:
74:2c:15:8e:fa:c8:1a:b7:8d:74:29:cf:47:b2:18:d8:52:9a:
72:82:45:25:2a:67:c3:30:f2:8e:21:09:e8:d4:21:af:aa:82:
2f:e2:21:32:ad:28:3a:37:53:a2:0d:a5:f4:a2:c2:c8:74:dd:
d9:5d:79:d1
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEELNy6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Y2VkZjQxNThhZGU5OGYxNDU3Y2VjODU4OTU1NjI2ZjE2MWQyYWVmMB4XDTIyMDEw
MTEzMDM0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDBiMWJiNmM4ODMw
MzZlODJlMmQwNmQ1YTQwNzQ0YTllODY2MWMxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfLuRYBHd51qXEZUUMF8oGvg/wip3Mm1me3T3RK2OpgZ0s6
N1B8ECuf/OjGIWqAqN9D7sMLL4LjHo9cqSeL4dhpGDf2NStFa4I0y0dMbUF7X90B
WhaNHIF3yr3UGXbUzyJG0hAZHAZmZctFuLkM+IL2UFnP942+jprqHKxnBO8VSxgY
2UlzwYxp46MP6xP1rY/uYPqOSfa+pwERyPeDvRQPALOnqHCAVJnZenCUUc3iUios
kfOsv6cOfNN0T7G3+4KpBBMWZ3Ev0lwQCZ7mGZilcnlL7s5tF5nIBSXSaBUxGG9d
0m/j1a1EIQLwOg2RBo4mRko5qMPNqPWKixhoMXsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQAsbtsiDA26C4tBtWkB0Sp6GYcFzAfBgNVHSMEGDAWgBRs7fQVit6Y8UV8
7IWJVWJvFh0q7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JPMzBGWXJlbVBGRmZPeUZpVlZpYnhZZEt1OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvYzQyMTNkLTBkZTAtNGRiNC1hNTA4LTgyMmQ5Zjg1NTk4NC8x
L0FMRzdiSWd3TnVndUxRYlZwQWRFcWVobUhCYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
YzQyMTNkLTBkZTAtNGRiNC1hNTA4LTgyMmQ5Zjg1NTk4NC8xL2JPMzBGWXJlbVBG
RmZPeUZpVlZpYnhZZEt1OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA01JQAMEArkWrDANBgkqhkiG9w0B
AQsFAAOCAQEAnYBQ+fC7n88RMZf2NJYGT1D76Hgr3hNrpFiY40/4EB0C/1l9p4h6
7t40OIlCwMjuZoOlZjWbanT/vTxx+rSRqSHZXfW31OI33oqiWvqcZuVngWHWwR36
0OaNmXVSXKBAurcMQe/Ryd5Odh51S2tjoK4O0cst1TuUMPYQbnvdOqoTNUm95Ppv
oRaLoWEWCIJr/57kxYf2YFzqwTR09vSCZ2pzEKlEfTYqU5HPxxYsr7Sy0eeyh8Zg
u2B5qFWNTHNLeeYqA+KPdCwVjvrIGreNdCnPR7IY2FKacoJFJSpnwzDyjiEJ6NQh
r6qCL+IhMq0oOjdTog2l9KLCyHTd2V150Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:20 2024 by rpki-client on console-fra.rpki-client.org