Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/BPXpcVO38YPwKYxtZOPeCduZz9A.roa
File: BPXpcVO38YPwKYxtZOPeCduZz9A.roa (raw, json)
Hash identifier: a/zyJq/F6oahLWg3NZOBKFlZTi6krlHBpF+2ZUpFij8=
Subject key identifier: 04:F5:E9:71:53:B7:F1:83:F0:29:8C:6D:64:E3:DE:09:DB:99:CF:D0
Certificate issuer: /CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Certificate serial: 018C3BCA7C63B8173E10F930B8F877F952F3
Authority key identifier: B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/BPXpcVO38YPwKYxtZOPeCduZz9A.roa
Signing time: Tue 05 Dec 2023 21:02:54 +0000
ROA not before: Tue 05 Dec 2023 21:02:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25459
IP address blocks: 83.172.128.0/18 maxlen: 22
2a02:cec0::/30 maxlen: 30
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3b:ca:7c:63:b8:17:3e:10:f9:30:b8:f8:77:f9:52:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Validity
Not Before: Dec 5 21:02:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04f5e97153b7f183f0298c6d64e3de09db99cfd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c8:87:eb:26:52:2c:41:08:27:86:99:97:1f:
30:c5:3b:f5:3a:d6:00:c7:bf:0f:30:67:07:52:00:
e0:5e:60:88:56:5e:b2:51:6a:42:f7:af:58:43:5a:
ee:18:b6:ab:9d:f1:88:2e:a7:5d:26:5e:df:e4:22:
98:ed:e6:0d:ec:e9:a1:86:0b:cd:08:5b:d8:86:04:
03:ed:b6:39:e7:88:11:c2:ce:dc:56:4e:e5:b0:6f:
36:de:1b:1e:25:78:07:24:08:a2:f9:c9:a6:66:13:
a9:a8:9a:6e:2d:a6:00:46:4a:8f:cf:05:95:1a:ac:
f6:69:cc:c8:5b:25:4b:0f:3d:a4:64:f6:70:88:7d:
ed:31:b6:9d:6f:b9:a2:af:84:4f:7d:8b:5c:31:49:
b5:63:82:d2:04:6b:b7:cd:48:7f:50:1d:2d:fa:d7:
fb:05:1b:cc:64:57:ae:b2:96:c5:00:ab:35:90:be:
1c:e0:f2:64:40:86:a7:93:a9:cc:d2:44:ee:5d:f0:
71:cb:e1:9b:f8:33:e7:00:ba:16:2a:aa:26:09:db:
72:18:8b:21:21:a7:77:ab:3a:46:ac:b8:b3:74:bd:
b7:e9:11:77:d1:97:d6:e1:fa:59:f6:91:0f:ba:5d:
c7:5b:0d:69:f3:ff:31:0a:bb:9d:3f:5c:f2:96:62:
b9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:F5:E9:71:53:B7:F1:83:F0:29:8C:6D:64:E3:DE:09:DB:99:CF:D0
X509v3 Authority Key Identifier:
keyid:B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/BPXpcVO38YPwKYxtZOPeCduZz9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/syj-JYobm_YUimzg6KcS8YhAkEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.172.128.0/18
IPv6:
2a02:cec0::/30
Signature Algorithm: sha256WithRSAEncryption
4f:0a:6b:ec:97:9a:f2:6e:70:d9:5b:19:b4:28:65:8b:61:50:
97:f2:8a:e9:72:4b:aa:c9:08:4c:cb:39:25:fa:50:9a:8c:34:
31:25:93:d8:83:55:8e:6d:04:0c:c5:5a:19:16:85:03:38:f6:
d5:e4:78:67:8b:e4:54:aa:af:a3:74:7a:ba:01:0e:bf:b3:18:
f7:2c:a4:24:2a:dc:1d:c2:14:fb:ca:fc:57:ad:99:34:88:cd:
80:41:9a:2e:1c:14:ef:f1:68:53:f0:57:ec:4e:99:44:6e:32:
fa:99:a0:a9:56:bf:04:97:30:81:b5:63:5d:cd:78:ea:59:8c:
3b:58:30:37:ce:64:da:83:46:e0:3a:bb:43:32:4a:b6:8a:71:
ae:87:53:1a:f1:3f:34:3f:5b:f8:84:99:40:d7:63:7c:98:37:
dc:63:c0:95:47:7b:80:7a:e5:00:1e:2b:76:7b:92:db:98:4b:
8f:8c:16:3c:dc:97:3a:39:73:f6:11:34:db:ee:ad:e2:47:82:
43:b4:ed:8b:42:d5:86:35:8d:c7:35:71:c6:0f:d0:dd:bf:20:
04:80:d6:dc:74:73:bc:b7:ae:13:c1:5d:80:a0:ac:1f:b7:53:
b6:f2:2d:b3:6a:d4:3a:ec:ef:2e:b8:ac:33:59:df:b6:87:be:
d0:50:05:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYw7ynxjuBc+EPkwuPh3+VLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMjhmZTI1OGExYjliZjYxNDhhNmNlMGU4YTcxMmYxODg0
MDkwNGMwHhcNMjMxMjA1MjEwMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGY1ZTk3MTUzYjdmMTgzZjAyOThjNmQ2NGUzZGUwOWRiOTljZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8iH6yZSLEEIJ4aZlx8wxTv1OtYA
x78PMGcHUgDgXmCIVl6yUWpC969YQ1ruGLarnfGILqddJl7f5CKY7eYN7OmhhgvN
CFvYhgQD7bY554gRws7cVk7lsG823hseJXgHJAii+cmmZhOpqJpuLaYARkqPzwWV
Gqz2aczIWyVLDz2kZPZwiH3tMbadb7mir4RPfYtcMUm1Y4LSBGu3zUh/UB0t+tf7
BRvMZFeuspbFAKs1kL4c4PJkQIank6nM0kTuXfBxy+Gb+DPnALoWKqomCdtyGIsh
Iad3qzpGrLizdL236RF30ZfW4fpZ9pEPul3HWw1p8/8xCrudP1zylmK5XwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAT16XFTt/GD8CmMbWTj3gnbmc/QMB8GA1UdIwQY
MBaAFLMo/iWKG5v2FIps4OinEvGIQJBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3lqLUpZb2JtX1lVaW16ZzZLY1M4WWhBa0V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hMTg4YmMtZGVlZS00MmVjLTgyODkt
ZWQ4NGEwMDU4YTlmLzEvQlBYcGNWTzM4WVB3S1l4dFpPUGVDZHVaejlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hMTg4YmMtZGVlZS00MmVjLTgyODktZWQ4NGEwMDU4YTlm
LzEvc3lqLUpZb2JtX1lVaW16ZzZLY1M4WWhBa0V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGU6yAMA0E
AgACMAcDBQIqAs7AMA0GCSqGSIb3DQEBCwUAA4IBAQBPCmvsl5rybnDZWxm0KGWL
YVCX8orpckuqyQhMyzkl+lCajDQxJZPYg1WObQQMxVoZFoUDOPbV5Hhni+RUqq+j
dHq6AQ6/sxj3LKQkKtwdwhT7yvxXrZk0iM2AQZouHBTv8WhT8FfsTplEbjL6maCp
Vr8ElzCBtWNdzXjqWYw7WDA3zmTag0bgOrtDMkq2inGuh1Ma8T80P1v4hJlA12N8
mDfcY8CVR3uAeuUAHit2e5LbmEuPjBY83Jc6OXP2ETTb7q3iR4JDtO2LQtWGNY3H
NXHGD9DdvyAEgNbcdHO8t64TwV2AoKwft1O28i2zatQ67O8uuKwzWd+2h77QUAVG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:51 2024 by rpki-client on console-ams.rpki-client.org