Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/hfNIzpZjuzD7rB8jW7j4lStdq8g.roa
File: hfNIzpZjuzD7rB8jW7j4lStdq8g.roa (raw, json)
Hash identifier: qXsdpB8nIbOLzrerv25lW5mLrhLU1lkX1867IHFFL2g=
Subject key identifier: 85:F3:48:CE:96:63:BB:30:FB:AC:1F:23:5B:B8:F8:95:2B:5D:AB:C8
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 13252806
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/hfNIzpZjuzD7rB8jW7j4lStdq8g.roa
Signing time: Sat 01 Jan 2022 04:02:55 +0000
ROA not before: Sat 01 Jan 2022 04:02:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 185.151.236.0/22 maxlen: 24
159.255.32.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 321202182 (0x13252806)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 1 04:02:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85f348ce9663bb30fbac1f235bb8f8952b5dabc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:58:b9:44:b6:d0:12:3f:12:a4:e3:67:85:7d:
46:ed:9e:d4:5f:43:60:89:ed:e4:6b:07:18:e2:4e:
80:42:db:d7:9e:dd:0c:c6:9d:15:7b:5c:20:b1:2f:
42:5c:a4:49:84:70:c2:74:21:ce:ed:7d:13:7a:f9:
8e:40:0f:76:f7:6b:b2:23:78:6c:95:fa:a1:80:8e:
6c:13:d8:61:4a:23:02:3e:2b:c0:7e:9c:2a:de:db:
0f:91:73:a9:7e:e4:2c:ca:a9:31:d4:1a:30:09:58:
24:24:fd:f9:d1:78:65:c1:be:b3:b2:0b:ec:68:cd:
cf:bd:76:84:4d:f8:22:7a:be:7b:14:09:51:ab:4a:
31:d8:f0:4e:7a:57:a8:7e:84:d5:a0:71:65:5b:5b:
b4:1e:2b:59:2d:19:ea:02:a5:9c:33:22:5a:a3:56:
be:41:38:22:52:ed:de:78:9c:e6:24:f0:38:c8:88:
9d:70:75:3c:e7:78:5e:0c:37:a2:bc:31:dc:92:ea:
38:a1:ce:45:c1:36:a2:10:eb:24:d1:f1:f7:bb:eb:
94:64:76:22:37:3c:25:4b:50:df:68:a4:f8:2d:4c:
4e:8e:cc:6c:a3:b6:82:bb:3a:6c:da:8e:9a:0a:8e:
f4:3c:c0:32:e1:bc:71:87:da:5c:9d:59:37:7f:36:
81:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F3:48:CE:96:63:BB:30:FB:AC:1F:23:5B:B8:F8:95:2B:5D:AB:C8
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/hfNIzpZjuzD7rB8jW7j4lStdq8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.32.0/21
185.151.236.0/22
Signature Algorithm: sha256WithRSAEncryption
23:bc:94:85:71:45:b2:0c:95:13:64:5a:bc:2d:1a:49:a3:15:
49:60:1f:c8:ff:13:2c:62:25:19:f7:eb:5b:f6:a8:74:9f:59:
88:db:eb:80:3b:a3:81:67:35:8c:c5:ea:0c:61:b2:30:63:ae:
1a:7f:18:9c:98:0e:c6:a3:9a:8a:e3:c3:9c:81:4b:86:dc:4e:
46:c7:22:69:07:d3:08:c6:f6:66:4a:9f:4e:ed:fc:b1:cc:ef:
de:0a:41:05:48:2d:8d:8f:bc:67:6c:a9:dc:ba:d2:7a:36:3a:
43:f9:9b:f7:48:c8:c1:0b:88:83:f1:6a:8b:94:d0:df:90:51:
a2:a2:56:bb:4f:5c:a1:2e:28:ca:9b:33:11:25:0f:db:c0:6d:
26:2b:c6:ae:34:6c:7b:66:6e:03:21:d7:28:ed:99:b1:09:d1:
99:76:b6:67:8d:9f:29:78:ba:7c:00:c5:11:b1:37:e9:d7:93:
89:80:87:e5:f5:2b:74:ab:d6:d2:48:72:3b:65:ee:64:7d:0f:
26:25:17:5d:a6:87:19:0a:0a:b2:54:e7:4d:61:2d:d4:24:48:
48:19:b2:f3:8b:01:82:fc:cc:f1:ef:fd:d6:d2:36:14:14:55:
1f:90:c7:4d:d2:af:2f:1d:af:cb:f1:de:fe:29:ed:9c:5b:5c:
88:ad:b4:1b
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEyUoBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDEw
MTA0MDI1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODVmMzQ4Y2U5NjYz
YmIzMGZiYWMxZjIzNWJiOGY4OTUyYjVkYWJjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM9YuUS20BI/EqTjZ4V9Ru2e1F9DYInt5GsHGOJOgELb157d
DMadFXtcILEvQlykSYRwwnQhzu19E3r5jkAPdvdrsiN4bJX6oYCObBPYYUojAj4r
wH6cKt7bD5FzqX7kLMqpMdQaMAlYJCT9+dF4ZcG+s7IL7GjNz712hE34Inq+exQJ
UatKMdjwTnpXqH6E1aBxZVtbtB4rWS0Z6gKlnDMiWqNWvkE4IlLt3nic5iTwOMiI
nXB1POd4Xgw3orwx3JLqOKHORcE2ohDrJNHx97vrlGR2Ijc8JUtQ32ik+C1MTo7M
bKO2grs6bNqOmgqO9DzAMuG8cYfaXJ1ZN382gUcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSF80jOlmO7MPusHyNbuPiVK12ryDAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L2hmTkl6cFpqdXpEN3JCOGpXN2o0bFN0ZHE4Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA5//IAMEArmX7DANBgkqhkiG9w0B
AQsFAAOCAQEAI7yUhXFFsgyVE2RavC0aSaMVSWAfyP8TLGIlGffrW/aodJ9ZiNvr
gDujgWc1jMXqDGGyMGOuGn8YnJgOxqOaiuPDnIFLhtxORsciaQfTCMb2ZkqfTu38
sczv3gpBBUgtjY+8Z2yp3LrSejY6Q/mb90jIwQuIg/Fqi5TQ35BRoqJWu09coS4o
ypszESUP28BtJivGrjRse2ZuAyHXKO2ZsQnRmXa2Z42fKXi6fADFEbE36deTiYCH
5fUrdKvW0khyO2XuZH0PJiUXXaaHGQoKslTnTWEt1CRISBmy84sBgvzM8e/91tI2
FBRVH5DHTdKvLx2vy/He/intnFtciK20Gw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org