Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/WQ4INluT6vCPs55PGlLgAQI60wE.roa
File: WQ4INluT6vCPs55PGlLgAQI60wE.roa (raw, json)
Hash identifier: jQutHXWPcMCbG41UrhpC+yeJttyqFJAxjduh4cIG2Cs=
Subject key identifier: 59:0E:08:36:5B:93:EA:F0:8F:B3:9E:4F:1A:52:E0:01:02:3A:D3:01
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD53048175844BCE5E5549AD16112C7
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/WQ4INluT6vCPs55PGlLgAQI60wE.roa
Signing time: Mon 02 Jan 2023 00:15:20 +0000
ROA not before: Mon 02 Jan 2023 00:15:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52044
IP address blocks: 93.113.255.0/24 maxlen: 24
46.102.175.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:30:48:17:58:44:bc:e5:e5:54:9a:d1:61:12:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=590e08365b93eaf08fb39e4f1a52e001023ad301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4c:85:4a:58:e4:36:56:ea:86:a9:4f:8c:a7:
c6:78:4a:ce:d0:43:68:7f:f0:f5:fa:28:63:77:31:
18:cc:de:4b:85:4d:a6:a9:dc:5c:19:0f:6f:6f:58:
ba:b2:af:2c:cd:2d:b5:d9:92:be:c1:99:6f:d2:0f:
1b:6a:76:58:20:e9:65:43:48:a4:0e:f9:36:e8:04:
6a:f2:ae:83:3f:51:06:da:cf:fa:3c:42:08:65:02:
21:de:0c:72:9e:1a:1d:41:13:92:58:92:56:eb:00:
3c:55:e2:4b:da:5e:02:68:64:89:82:80:a2:d1:6a:
43:dd:92:22:73:5b:c9:3d:3c:5b:41:a1:43:22:69:
79:6b:ad:a7:bd:01:48:4d:71:30:68:ea:aa:b3:dd:
6d:cd:bb:49:25:10:8f:31:2f:66:99:62:c7:e0:7c:
03:7d:62:db:a2:74:31:44:3c:94:ea:c0:d7:a4:bf:
a6:47:df:04:1c:22:ef:c1:39:9f:09:34:f0:92:1f:
58:9f:b0:53:99:95:e6:00:d1:cf:d2:f2:19:a6:bf:
b9:68:bb:65:12:80:d3:5f:25:67:6a:5b:e4:64:8e:
af:96:ab:e0:87:e0:b7:b5:ee:08:7c:59:3d:92:b6:
8a:ad:e1:ff:cd:9b:e1:59:23:47:bc:78:75:a6:74:
b3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:0E:08:36:5B:93:EA:F0:8F:B3:9E:4F:1A:52:E0:01:02:3A:D3:01
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/WQ4INluT6vCPs55PGlLgAQI60wE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.175.0/24
93.113.255.0/24
Signature Algorithm: sha256WithRSAEncryption
90:fe:44:df:b4:8a:7e:a0:32:99:89:b2:6c:43:91:7b:4e:01:
9c:96:a5:09:08:86:ea:c8:8c:66:97:94:5e:f3:92:61:11:e8:
a1:dd:94:4e:4b:41:0a:a0:e6:40:ce:55:9b:15:e5:b2:44:61:
0d:44:90:bf:a0:23:0b:79:b3:b1:13:8e:a4:78:f1:67:73:42:
82:35:e8:29:d1:c0:74:06:ee:09:d9:48:5a:5f:4b:d0:90:da:
04:33:1b:bc:d7:c1:96:e2:ac:d3:e4:96:09:bc:c8:11:b7:33:
c1:41:85:6c:ae:7d:eb:4f:9f:51:c9:8c:b8:6d:36:cc:be:ff:
29:93:52:23:67:3d:23:a8:0f:3d:92:a6:0f:99:fa:c9:ad:27:
ef:ab:66:13:b9:04:19:a3:ef:8b:ca:28:94:b6:1c:59:bc:3d:
d3:c0:46:cc:55:6e:5b:f5:0d:d6:2a:09:07:a4:53:32:4f:c7:
ab:b6:e6:f8:08:d2:3d:d6:bf:c0:de:a5:7e:d0:3b:93:63:8d:
45:01:4a:03:8f:82:be:06:a3:b8:72:11:e7:28:3c:03:c4:cb:
9e:3d:98:ce:94:ed:ca:ec:25:f0:1a:30:e5:e6:cf:b6:e1:6f:
bf:79:63:df:b6:d9:09:eb:40:85:57:a2:62:d5:2d:91:ec:fb:
5f:59:88:10
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVv1TBIF1hEvOXlVJrRYRLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTBlMDgzNjViOTNlYWYwOGZiMzllNGYxYTUyZTAwMTAyM2FkMzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUyFSljkNlbqhqlPjKfGeErO0ENo
f/D1+ihjdzEYzN5LhU2mqdxcGQ9vb1i6sq8szS212ZK+wZlv0g8banZYIOllQ0ik
Dvk26ARq8q6DP1EG2s/6PEIIZQIh3gxynhodQROSWJJW6wA8VeJL2l4CaGSJgoCi
0WpD3ZIic1vJPTxbQaFDIml5a62nvQFITXEwaOqqs91tzbtJJRCPMS9mmWLH4HwD
fWLbonQxRDyU6sDXpL+mR98EHCLvwTmfCTTwkh9Yn7BTmZXmANHP0vIZpr+5aLtl
EoDTXyVnalvkZI6vlqvgh+C3te4IfFk9kraKreH/zZvhWSNHvHh1pnSzyQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFkOCDZbk+rwj7OeTxpS4AECOtMBMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1dRNElObHVUNnZDUHM1NVBHbExnQVFJNjB3RS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAAuZq8D
BABdcf8wDQYJKoZIhvcNAQELBQADggEBAJD+RN+0in6gMpmJsmxDkXtOAZyWpQkI
hurIjGaXlF7zkmER6KHdlE5LQQqg5kDOVZsV5bJEYQ1EkL+gIwt5s7ETjqR48Wdz
QoI16CnRwHQG7gnZSFpfS9CQ2gQzG7zXwZbirNPklgm8yBG3M8FBhWyufetPn1HJ
jLhtNsy+/ymTUiNnPSOoDz2Spg+Z+smtJ++rZhO5BBmj74vKKJS2HFm8PdPARsxV
blv1DdYqCQekUzJPx6u25vgI0j3Wv8DepX7QO5NjjUUBSgOPgr4Go7hyEecoPAPE
y549mM6U7crsJfAaMOXmz7bhb795Y9+22QnrQIVXomLVLZHs+19ZiBA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org