Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/NPJgxFbo3pOxfEYLsI9WjMconFU.roa
File: NPJgxFbo3pOxfEYLsI9WjMconFU.roa (raw, json)
Hash identifier: 3wHmydOE6Qch3yt0qq56tdZAGy43jcvStj9q+iTQGzQ=
Subject key identifier: 34:F2:60:C4:56:E8:DE:93:B1:7C:46:0B:B0:8F:56:8C:C7:28:9C:55
Certificate issuer: /CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Certificate serial: 065802D2
Authority key identifier: B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/NPJgxFbo3pOxfEYLsI9WjMconFU.roa
Signing time: Sat 01 Jan 2022 05:00:28 +0000
ROA not before: Sat 01 Jan 2022 05:00:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25459
IP address blocks: 83.172.128.0/18 maxlen: 18
2a02:cec0::/30 maxlen: 30
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106431186 (0x65802d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Validity
Not Before: Jan 1 05:00:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34f260c456e8de93b17c460bb08f568cc7289c55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a5:36:7a:8e:1c:55:46:f2:93:79:9d:1d:ab:
98:a8:ff:39:04:38:f0:ba:79:01:6d:ad:df:c6:12:
09:64:c8:ee:d0:ed:75:3d:59:8c:c6:c0:47:b1:dc:
20:cc:e9:c2:55:aa:ca:97:3b:8a:91:84:bd:e1:c3:
30:57:93:12:4b:5e:54:02:40:0c:60:59:c8:da:2b:
66:2a:f0:14:a0:4a:ab:72:82:23:78:ca:5b:f8:34:
8a:f8:d6:42:90:60:b4:5b:68:5e:5c:d1:a5:26:bc:
3a:33:3f:45:6b:87:ab:81:78:8e:24:6d:fd:48:26:
72:c4:46:a7:0b:9a:70:61:3d:a1:4a:34:75:46:88:
71:a6:80:0c:00:56:ea:e5:f5:17:58:8f:22:da:21:
cb:e4:13:c8:aa:7c:a4:17:7a:5d:e8:b4:d3:81:69:
ed:21:b5:02:24:34:bb:07:ad:ec:56:55:ab:a0:77:
68:36:f8:e1:3a:5b:8b:2e:a8:c0:eb:cb:63:6c:6f:
23:63:f0:eb:55:d6:0f:29:50:b8:c8:63:70:0c:0e:
92:bb:c3:7c:2b:6f:07:e8:ed:c8:d5:b1:dd:e6:d1:
6c:a5:39:5b:c3:2f:f6:2e:cd:f5:cc:1d:a3:9f:d4:
ab:54:7c:a3:d2:31:d8:1b:79:43:15:da:ea:1e:2c:
57:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F2:60:C4:56:E8:DE:93:B1:7C:46:0B:B0:8F:56:8C:C7:28:9C:55
X509v3 Authority Key Identifier:
keyid:B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/NPJgxFbo3pOxfEYLsI9WjMconFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/syj-JYobm_YUimzg6KcS8YhAkEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.172.128.0/18
IPv6:
2a02:cec0::/30
Signature Algorithm: sha256WithRSAEncryption
a0:97:bd:fe:96:63:c1:a4:1a:26:66:9a:71:08:1f:8e:68:25:
51:b5:30:9c:c3:69:9a:b2:a4:52:16:b7:c9:7a:f4:af:0c:c9:
ba:f8:a7:27:03:68:1e:ff:ef:00:8a:93:b0:ea:c9:7c:03:63:
87:fa:97:7c:34:49:57:36:03:43:bc:59:7a:c9:21:ff:b4:7c:
a3:75:ba:ea:1e:17:d8:7a:c8:1a:50:78:7c:99:d4:fc:24:b6:
54:3b:de:61:98:8c:cd:52:f2:6b:31:bd:73:ed:eb:b3:92:29:
0f:8c:87:8e:7b:f0:7d:38:21:49:d3:1b:4b:d4:14:43:10:49:
83:e3:cd:3b:e5:39:14:19:fd:d0:a6:e6:a4:a1:77:78:cb:dc:
ea:18:40:36:e8:e6:8d:10:06:a1:ad:29:14:b6:c1:3d:50:77:
ce:5a:83:a5:3e:b1:04:26:14:93:7d:88:83:7d:7e:66:dc:8e:
b7:d4:ff:03:44:ce:5e:96:d0:2f:30:a6:6d:1b:5e:9e:4f:6e:
17:73:a7:2d:cd:66:93:6b:7a:be:cc:6f:9b:ab:7b:5f:a9:01:
11:93:33:3a:dd:1f:f0:dc:ca:3e:8b:02:89:be:69:79:84:2a:
6c:30:3d:ff:5a:a6:9b:60:c0:e8:24:c7:c6:a0:c1:29:56:d8:
e5:06:56:e3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBlgC0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MzI4ZmUyNThhMWI5YmY2MTQ4YTZjZTBlOGE3MTJmMTg4NDA5MDRjMB4XDTIyMDEw
MTA1MDAyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzRmMjYwYzQ1NmU4
ZGU5M2IxN2M0NjBiYjA4ZjU2OGNjNzI4OWM1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2lNnqOHFVG8pN5nR2rmKj/OQQ48Lp5AW2t38YSCWTI7tDt
dT1ZjMbAR7HcIMzpwlWqypc7ipGEveHDMFeTEkteVAJADGBZyNorZirwFKBKq3KC
I3jKW/g0ivjWQpBgtFtoXlzRpSa8OjM/RWuHq4F4jiRt/UgmcsRGpwuacGE9oUo0
dUaIcaaADABW6uX1F1iPItohy+QTyKp8pBd6Xei004Fp7SG1AiQ0uwet7FZVq6B3
aDb44Tpbiy6owOvLY2xvI2Pw61XWDylQuMhjcAwOkrvDfCtvB+jtyNWx3ebRbKU5
W8Mv9i7N9cwdo5/Uq1R8o9Ix2Bt5QxXa6h4sV9cCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ08mDEVujek7F8Rguwj1aMxyicVTAfBgNVHSMEGDAWgBSzKP4lihub9hSK
bODopxLxiECQTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3N5ai1KWW9ibV9ZVWltemc2S2NTOFloQWtFdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2QvYTE4OGJjLWRlZWUtNDJlYy04Mjg5LWVkODRhMDA1OGE5Zi8x
L05QSmd4RmJvM3BPeGZFWUxzSTlXak1jb25GVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Qv
YTE4OGJjLWRlZWUtNDJlYy04Mjg5LWVkODRhMDA1OGE5Zi8xL3N5ai1KWW9ibV9Z
VWltemc2S2NTOFloQWtFdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBlOsgDANBAIAAjAHAwUCKgLOwDAN
BgkqhkiG9w0BAQsFAAOCAQEAoJe9/pZjwaQaJmaacQgfjmglUbUwnMNpmrKkUha3
yXr0rwzJuvinJwNoHv/vAIqTsOrJfANjh/qXfDRJVzYDQ7xZeskh/7R8o3W66h4X
2HrIGlB4fJnU/CS2VDveYZiMzVLyazG9c+3rs5IpD4yHjnvwfTghSdMbS9QUQxBJ
g+PNO+U5FBn90KbmpKF3eMvc6hhANujmjRAGoa0pFLbBPVB3zlqDpT6xBCYUk32I
g31+ZtyOt9T/A0TOXpbQLzCmbRtenk9uF3OnLc1mk2t6vsxvm6t7X6kBEZMzOt0f
8NzKPosCib5peYQqbDA9/1qmm2DA6CTHxqDBKVbY5QZW4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:23 2024 by rpki-client on console-fra.rpki-client.org