Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/2f3c19-56d5-4924-8bcb-bac472ab7b6a/1/6DdOBr6c9LG87CC4Yu7d4NJjOag.roa
File: 6DdOBr6c9LG87CC4Yu7d4NJjOag.roa (raw, json)
Hash identifier: +DA1lID0Omp2HAcBJRPPfc71J/3P0tz0GrMWccRvvrg=
Subject key identifier: E8:37:4E:06:BE:9C:F4:B1:BC:EC:20:B8:62:EE:DD:E0:D2:63:39:A8
Certificate issuer: /CN=61b195d13050ff3c468a149778710b53582251d9
Certificate serial: 0183F0BAB7A2034E66D03915A18D9BCFC0D2
Authority key identifier: 61:B1:95:D1:30:50:FF:3C:46:8A:14:97:78:71:0B:53:58:22:51:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbGV0TBQ_zxGihSXeHELU1giUdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/2f3c19-56d5-4924-8bcb-bac472ab7b6a/1/6DdOBr6c9LG87CC4Yu7d4NJjOag.roa
Signing time: Wed 19 Oct 2022 14:51:52 +0000
ROA not before: Wed 19 Oct 2022 14:51:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15925
IP address blocks: 46.21.0.0/20 maxlen: 20
87.253.240.0/20 maxlen: 20
213.135.192.0/19 maxlen: 19
2a01:7f8::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f0:ba:b7:a2:03:4e:66:d0:39:15:a1:8d:9b:cf:c0:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b195d13050ff3c468a149778710b53582251d9
Validity
Not Before: Oct 19 14:51:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8374e06be9cf4b1bcec20b862eedde0d26339a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:1b:db:35:d0:44:d9:6d:fd:e2:45:b1:ad:df:
6b:6a:3c:47:e5:f6:5a:a5:b8:6e:fd:e3:75:3c:9b:
ae:93:1e:3c:3e:99:e8:93:ab:0e:60:c1:a3:a6:78:
db:5c:a1:d8:b1:fe:dc:f3:70:43:e1:39:64:af:35:
4e:19:44:d7:11:b0:13:e6:46:13:aa:0e:96:c8:d3:
23:c9:7b:76:b3:2f:31:6e:99:1e:d9:72:2c:39:e8:
c9:94:5b:80:b8:92:58:57:df:79:0f:eb:d0:a7:58:
05:f5:3c:50:0a:8f:25:67:fc:2e:63:27:a8:bc:a3:
d4:ff:b9:f0:6d:97:0f:33:b9:4b:e8:6b:13:73:a4:
47:00:69:63:b9:e6:ad:f2:71:6f:a5:ef:81:92:48:
15:de:18:5b:9a:05:22:71:3d:28:a3:8a:f6:e8:a6:
17:25:0d:0e:26:50:7c:e7:f3:bc:e3:62:c7:a1:90:
10:67:f8:d3:1b:68:6e:6d:5e:a9:5a:4f:82:5b:bb:
41:bc:ea:f9:ae:00:29:40:f1:42:f7:1e:4c:68:8b:
ac:7a:be:1e:75:57:f0:a1:82:09:9a:5e:4a:b2:c0:
36:0d:54:48:11:e9:c4:05:ec:28:70:87:0f:cf:d7:
eb:6b:70:5a:03:02:c6:35:b7:33:87:d8:e0:de:87:
72:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:37:4E:06:BE:9C:F4:B1:BC:EC:20:B8:62:EE:DD:E0:D2:63:39:A8
X509v3 Authority Key Identifier:
keyid:61:B1:95:D1:30:50:FF:3C:46:8A:14:97:78:71:0B:53:58:22:51:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbGV0TBQ_zxGihSXeHELU1giUdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/2f3c19-56d5-4924-8bcb-bac472ab7b6a/1/6DdOBr6c9LG87CC4Yu7d4NJjOag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/2f3c19-56d5-4924-8bcb-bac472ab7b6a/1/YbGV0TBQ_zxGihSXeHELU1giUdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.0.0/20
87.253.240.0/20
213.135.192.0/19
IPv6:
2a01:7f8::/29
Signature Algorithm: sha256WithRSAEncryption
58:38:59:c4:0b:c2:2c:22:e3:fe:9c:9a:42:bd:04:8f:28:8e:
f0:4c:fa:5d:5b:15:80:04:ac:10:c6:c0:db:51:78:21:7f:f2:
51:3e:c9:d6:f9:af:c0:83:02:f1:70:fc:af:66:ca:1b:a4:70:
24:9a:0b:f2:9f:66:f6:60:57:ad:a3:c6:42:9d:2b:fb:d2:a0:
ce:28:80:f6:91:06:3b:7e:b4:d9:94:3c:20:20:b6:16:03:86:
e1:5c:a3:be:77:18:f1:78:59:b5:b7:42:d3:a4:c8:d2:b8:49:
08:65:ee:27:65:b4:0c:95:6f:4f:b4:dd:b7:64:2d:dd:ea:d9:
bd:09:18:d2:bb:71:65:66:6f:16:fd:09:84:6e:ae:34:3b:c9:
88:25:c3:5b:b7:15:ab:4c:3c:d7:9a:00:43:b5:0f:fe:5a:de:
ad:9e:ce:dd:e0:05:b8:ad:78:b7:28:29:04:6a:41:4e:2f:4f:
a5:22:3d:5d:b5:63:9a:a7:96:17:ae:70:58:6f:d4:c3:a1:c2:
eb:98:39:c5:ca:f5:56:9c:ac:fd:04:5f:b9:c7:e4:08:d7:2c:
b3:f4:94:89:bc:1d:a9:0f:14:86:5f:51:18:d6:f6:88:0d:d6:
e2:3c:e0:69:51:38:bb:5e:ce:b4:d1:d0:28:6f:8a:52:da:5c:
c4:16:7a:49
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYPwureiA05m0DkVoY2bz8DSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjE5NWQxMzA1MGZmM2M0NjhhMTQ5Nzc4NzEwYjUzNTgy
MjUxZDkwHhcNMjIxMDE5MTQ1MTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODM3NGUwNmJlOWNmNGIxYmNlYzIwYjg2MmVlZGRlMGQyNjMzOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhvbNdBE2W394kWxrd9rajxH5fZa
pbhu/eN1PJuukx48Ppnok6sOYMGjpnjbXKHYsf7c83BD4TlkrzVOGUTXEbAT5kYT
qg6WyNMjyXt2sy8xbpke2XIsOejJlFuAuJJYV995D+vQp1gF9TxQCo8lZ/wuYyeo
vKPU/7nwbZcPM7lL6GsTc6RHAGljueat8nFvpe+BkkgV3hhbmgUicT0oo4r26KYX
JQ0OJlB85/O842LHoZAQZ/jTG2hubV6pWk+CW7tBvOr5rgApQPFC9x5MaIuser4e
dVfwoYIJml5KssA2DVRIEenEBewocIcPz9fra3BaAwLGNbczh9jg3odyKQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOg3Tga+nPSxvOwguGLu3eDSYzmoMB8GA1UdIwQY
MBaAFGGxldEwUP88RooUl3hxC1NYIlHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJHVjBUQlFfenhHaWhTWGVIRUxVMWdpVWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8yZjNjMTktNTZkNS00OTI0LThiY2It
YmFjNDcyYWI3YjZhLzEvNkRkT0JyNmM5TEc4N0NDNFl1N2Q0TkpqT2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8yZjNjMTktNTZkNS00OTI0LThiY2ItYmFjNDcyYWI3YjZh
LzEvWWJHVjBUQlFfenhHaWhTWGVIRUxVMWdpVWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQELhUAAwQE
V/3wAwQF1YfAMA0EAgACMAcDBQMqAQf4MA0GCSqGSIb3DQEBCwUAA4IBAQBYOFnE
C8IsIuP+nJpCvQSPKI7wTPpdWxWABKwQxsDbUXghf/JRPsnW+a/AgwLxcPyvZsob
pHAkmgvyn2b2YFeto8ZCnSv70qDOKID2kQY7frTZlDwgILYWA4bhXKO+dxjxeFm1
t0LTpMjSuEkIZe4nZbQMlW9PtN23ZC3d6tm9CRjSu3FlZm8W/QmEbq40O8mIJcNb
txWrTDzXmgBDtQ/+Wt6tns7d4AW4rXi3KCkEakFOL0+lIj1dtWOap5YXrnBYb9TD
ocLrmDnFyvVWnKz9BF+5x+QI1yyz9JSJvB2pDxSGX1EY1vaIDdbiPOBpUTi7Xs60
0dAob4pS2lzEFnpJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:22 2024 by rpki-client on console-fra.rpki-client.org