Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-JKdcVBZgi3_O0K3TUiMxBeQOWU.roa
File: 1-JKdcVBZgi3_O0K3TUiMxBeQOWU.roa (raw, json)
Hash identifier: 9wDV/XmE6qkfGKta7oOwGDOPFJTLCnyneUInr0bk6SA=
Subject key identifier: F8:92:9D:71:50:59:82:2D:FF:3B:42:B7:4D:48:8C:C4:17:90:39:65
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 429E33A6
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-JKdcVBZgi3_O0K3TUiMxBeQOWU.roa
Signing time: Sat 23 Apr 2022 16:33:13 +0000
ROA not before: Sat 23 Apr 2022 16:33:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62343
IP address blocks: 37.156.5.0/24 maxlen: 24
94.177.150.0/24 maxlen: 24
94.177.51.0/24 maxlen: 24
77.81.182.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1117664166 (0x429e33a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Apr 23 16:33:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8929d715059822dff3b42b74d488cc417903965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e7:01:28:e9:5f:0c:83:bd:57:d9:ab:fa:c8:
fc:b5:f6:3b:db:6d:b3:cd:17:56:bf:41:a6:32:4e:
d9:88:b6:c6:6a:d1:38:01:e8:93:28:28:7e:eb:80:
2f:a4:47:ef:09:6a:dd:19:e1:b5:3e:82:8f:f5:c6:
29:f1:80:b9:1a:c4:be:4f:b8:63:39:72:21:95:04:
97:03:51:66:f2:89:f7:a7:1c:9b:8e:52:4e:4f:71:
df:aa:e2:a2:32:a4:4b:2d:e8:27:8b:d5:9b:7f:57:
41:a8:1a:4c:6c:97:e0:80:6d:eb:90:7c:a1:54:b2:
05:25:54:4b:57:a1:25:05:bc:00:bc:7a:bf:24:2a:
b3:81:f5:41:52:b6:57:0e:a4:4f:bb:c4:c4:19:0f:
27:35:e0:30:2c:10:61:fb:64:42:1f:c4:0b:39:74:
47:e6:12:f8:c4:f1:bc:6e:9b:cd:3e:62:43:48:38:
6d:d6:30:85:d7:fd:0b:3f:72:29:a3:26:c3:10:a7:
ec:2f:42:a7:83:10:bd:bc:ea:d4:cf:a4:a4:a5:8b:
3b:48:cf:28:70:0a:0e:ff:26:cc:96:d8:4d:52:5b:
53:19:f3:94:77:12:82:34:90:1d:e1:34:6d:d2:51:
36:cd:60:28:9b:46:65:00:a1:2e:b5:f0:58:7a:7a:
17:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:92:9D:71:50:59:82:2D:FF:3B:42:B7:4D:48:8C:C4:17:90:39:65
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-JKdcVBZgi3_O0K3TUiMxBeQOWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.5.0/24
77.81.182.0/24
94.177.51.0/24
94.177.150.0/24
Signature Algorithm: sha256WithRSAEncryption
84:5f:62:49:6e:63:df:0c:d5:72:f5:ad:e6:f0:8d:bd:84:d2:
ac:26:2e:67:d1:2c:f2:ce:82:1d:5b:42:ad:52:b0:29:5f:46:
2c:61:f1:e5:67:9b:48:ee:a6:8b:ba:44:e4:98:4d:49:b9:34:
8c:dc:3c:01:6d:0e:b5:b4:22:7e:4d:40:15:cf:3d:8b:aa:92:
1a:31:12:5a:56:89:46:88:1e:d4:9a:5c:96:5b:48:18:66:aa:
d7:f7:40:0c:1c:0c:e2:80:ee:31:2c:16:7a:11:2b:94:63:f5:
f0:f3:e3:af:47:25:83:69:17:03:d9:2c:02:0c:da:f9:ed:46:
7e:a4:8c:b1:ea:c5:8c:f9:ac:20:04:1f:62:87:a7:c4:e4:63:
0e:09:48:c6:42:76:e0:35:3b:a5:74:44:9a:fd:9b:fb:cc:be:
91:94:72:25:d8:59:8c:96:18:3f:ac:48:c2:cd:e6:b8:91:55:
e9:4a:e1:7e:f1:bc:54:c6:1a:8e:12:d1:e6:2d:0a:63:b5:64:
eb:06:3f:4d:87:ef:cc:fa:a3:95:69:ae:6c:c1:96:6d:46:b6:
1b:1e:69:a8:98:f7:1a:1b:d3:21:f8:24:a6:3d:a5:df:9b:3e:
90:52:c2:76:63:30:5d:8a:3e:d7:42:19:38:65:75:af:29:42:
8f:9b:2a:ee
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEQp4zpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDQy
MzE2MzMxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjg5MjlkNzE1MDU5
ODIyZGZmM2I0MmI3NGQ0ODhjYzQxNzkwMzk2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMjnASjpXwyDvVfZq/rI/LX2O9tts80XVr9BpjJO2Yi2xmrR
OAHokygofuuAL6RH7wlq3RnhtT6Cj/XGKfGAuRrEvk+4YzlyIZUElwNRZvKJ96cc
m45STk9x36riojKkSy3oJ4vVm39XQagaTGyX4IBt65B8oVSyBSVUS1ehJQW8ALx6
vyQqs4H1QVK2Vw6kT7vExBkPJzXgMCwQYftkQh/ECzl0R+YS+MTxvG6bzT5iQ0g4
bdYwhdf9Cz9yKaMmwxCn7C9Cp4MQvbzq1M+kpKWLO0jPKHAKDv8mzJbYTVJbUxnz
lHcSgjSQHeE0bdJRNs1gKJtGZQChLrXwWHp6F38CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBT4kp1xUFmCLf87QrdNSIzEF5A5ZTAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGOBggrBgEFBQcBCwSB
gTB/MH0GCCsGAQUFBzALhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS8xLUpLZGNWQlpnaTNfTzBLM1RVaU14QmVRT1dVLnJvYTCBggYDVR0fBHsweTB3
oHWgc4ZxcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83
OC9kYTMzOTgtNjY5OC00NWYyLWJhYWUtOTJlMjVmZTE2MzMxLzEvMS1PWW1OT0c5
VVRPcDNrVVNycGpLMGJJaG0xay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEACWcBQMEAE1RtgMEAF6xMwME
AF6xljANBgkqhkiG9w0BAQsFAAOCAQEAhF9iSW5j3wzVcvWt5vCNvYTSrCYuZ9Es
8s6CHVtCrVKwKV9GLGHx5WebSO6mi7pE5JhNSbk0jNw8AW0OtbQifk1AFc89i6qS
GjESWlaJRoge1JpclltIGGaq1/dADBwM4oDuMSwWehErlGP18PPjr0clg2kXA9ks
Agza+e1GfqSMserFjPmsIAQfYoenxORjDglIxkJ24DU7pXREmv2b+8y+kZRyJdhZ
jJYYP6xIws3muJFV6UrhfvG8VMYajhLR5i0KY7Vk6wY/TYfvzPqjlWmubMGWbUa2
Gx5pqJj3GhvTIfgkpj2l35s+kFLCdmMwXYo+10IZOGV1rylCj5sq7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org