Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/FDH2u3bQ3Rocky17p-3oHLYMY7Y.roa
File: FDH2u3bQ3Rocky17p-3oHLYMY7Y.roa (raw, json)
Hash identifier: U4swpUiJHxzLF+OQ4/FBaRxzcFsBNQZBmc/Q00vMFis=
Subject key identifier: 14:31:F6:BB:76:D0:DD:1A:1C:93:2D:7B:A7:ED:E8:1C:B6:0C:63:B6
Certificate issuer: /CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Certificate serial: 085ED161
Authority key identifier: A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/FDH2u3bQ3Rocky17p-3oHLYMY7Y.roa
Signing time: Sat 01 Jan 2022 06:05:46 +0000
ROA not before: Sat 01 Jan 2022 06:05:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34393
IP address blocks: 45.85.184.0/22 maxlen: 22
95.215.24.0/21 maxlen: 21
95.215.20.0/22 maxlen: 22
195.177.64.0/22 maxlen: 22
195.177.84.0/22 maxlen: 22
2001:67c:2f64::/48 maxlen: 48
2a0e:c980::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140431713 (0x85ed161)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Validity
Not Before: Jan 1 06:05:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1431f6bb76d0dd1a1c932d7ba7ede81cb60c63b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7c:f3:b8:5a:bf:96:59:0d:3a:55:ea:2c:0d:
68:07:aa:f9:c9:c4:d4:21:b4:8e:2e:8a:7c:1b:a4:
de:a3:a1:bf:7c:75:a2:37:2e:8f:6b:84:68:a9:bf:
b4:70:b4:d7:09:2e:e1:71:c2:3f:b8:af:88:47:c2:
43:cf:81:b3:9d:da:23:f4:93:c2:87:6a:ec:d4:68:
fe:01:f6:78:bc:d3:71:51:2a:1b:62:03:4c:ef:27:
14:39:90:d7:31:c5:ab:cc:89:f3:fc:dc:f6:9d:b4:
5e:f8:81:33:18:2a:2f:bf:fc:69:71:6b:b2:d1:28:
b7:d5:df:4c:aa:c6:f2:5b:b6:ce:33:ab:5e:8a:9f:
da:40:ef:6b:cc:4f:a6:65:4f:aa:c4:c5:d9:08:35:
59:a4:fb:4e:87:cb:1e:1f:c8:ce:aa:00:d2:d4:9a:
ff:8d:69:ba:ab:c9:5c:ac:e7:60:c0:36:cb:b6:4e:
df:4d:1f:b0:cc:f1:72:20:54:8a:94:79:00:9a:c6:
a1:ae:5d:fa:6e:00:15:9b:fa:39:06:f4:97:aa:6c:
83:2f:ce:05:eb:e6:85:28:a2:86:53:80:97:38:03:
e9:2f:9a:21:5a:ae:25:8b:4d:73:70:f7:e9:95:75:
df:4a:c1:a7:7b:9d:f8:30:7d:d9:de:d0:c8:92:7e:
ac:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:31:F6:BB:76:D0:DD:1A:1C:93:2D:7B:A7:ED:E8:1C:B6:0C:63:B6
X509v3 Authority Key Identifier:
keyid:A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/FDH2u3bQ3Rocky17p-3oHLYMY7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.184.0/22
95.215.20.0-95.215.31.255
195.177.64.0/22
195.177.84.0/22
IPv6:
2001:67c:2f64::/48
2a0e:c980::/29
Signature Algorithm: sha256WithRSAEncryption
47:c2:0d:88:97:c0:47:4e:d2:c5:a2:3d:88:98:0c:ef:be:c4:
19:52:fa:9e:47:ab:ce:3b:6d:2b:96:94:bb:34:9c:0f:f7:b4:
b4:d7:f3:d6:83:d9:1d:7f:3c:37:0e:3e:d2:0c:a2:e7:af:dc:
15:05:49:7f:70:51:7e:5f:57:15:fd:05:a3:45:80:d2:ef:2d:
18:73:cc:8f:9e:69:de:fe:95:2f:a3:c2:7a:6b:44:07:65:c0:
fb:7e:ae:d2:7b:38:a4:b6:e3:a6:01:b6:aa:07:28:f6:46:e6:
03:35:84:39:bc:e7:2b:50:da:68:6d:ef:bc:83:01:c9:0f:07:
3c:c9:4e:08:1e:b0:7a:ac:16:f9:19:fa:4e:5e:34:2f:f1:2d:
72:bf:6e:b9:90:2d:b3:02:45:4a:d8:25:32:52:8f:01:07:34:
b5:ad:e1:7d:03:48:3c:89:61:33:5f:59:24:fe:0a:50:85:c5:
ff:e0:e5:c2:69:b6:3a:0d:c8:1d:f1:53:1f:0d:ab:e9:cf:00:
90:3b:18:11:26:1f:fc:f4:e5:a4:39:21:d0:8f:05:4c:73:d8:
05:30:6f:c2:b1:db:ce:4f:b7:82:1d:84:75:b9:98:0c:22:79:
cd:b8:ad:32:1a:99:e8:dd:28:4a:af:d5:8b:2e:8c:ef:20:1c:
01:c5:bd:ef
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIECF7RYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODExYTJjOWZjOGRlOTY3OWJiMTU4NTgxYjEwY2VhZWU5MWZmNzkxMB4XDTIyMDEw
MTA2MDU0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTQzMWY2YmI3NmQw
ZGQxYTFjOTMyZDdiYTdlZGU4MWNiNjBjNjNiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKB887hav5ZZDTpV6iwNaAeq+cnE1CG0ji6KfBuk3qOhv3x1
ojcuj2uEaKm/tHC01wku4XHCP7iviEfCQ8+Bs53aI/STwodq7NRo/gH2eLzTcVEq
G2IDTO8nFDmQ1zHFq8yJ8/zc9p20XviBMxgqL7/8aXFrstEot9XfTKrG8lu2zjOr
Xoqf2kDva8xPpmVPqsTF2Qg1WaT7TofLHh/IzqoA0tSa/41puqvJXKznYMA2y7ZO
300fsMzxciBUipR5AJrGoa5d+m4AFZv6OQb0l6psgy/OBevmhSiihlOAlzgD6S+a
IVquJYtNc3D36ZV130rBp3ud+DB92d7QyJJ+rB0CAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBQUMfa7dtDdGhyTLXun7egctgxjtjAfBgNVHSMEGDAWgBSoEaLJ/I3pZ5ux
WFgbEM6u6R/3kTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FCR2l5ZnlONldlYnNWaFlHeERPcnVrZjk1RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvMWRlY2IzLTE1OTMtNDVkYi1hZjU2LTBjYzRjMDAwMDg1OC8x
L0ZESDJ1M2JRM1JvY2t5MTdwLTNvSExZTVk3WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
MWRlY2IzLTE1OTMtNDVkYi1hZjU2LTBjYzRjMDAwMDg1OC8xL3FCR2l5ZnlONldl
YnNWaFlHeERPcnVrZjk1RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwJgQCAAEwIAMEAi1VuDAMAwQCX9cUAwQFX9cAAwQC
w7FAAwQCw7FUMBYEAgACMBADBwAgAQZ8L2QDBQMqDsmAMA0GCSqGSIb3DQEBCwUA
A4IBAQBHwg2Il8BHTtLFoj2ImAzvvsQZUvqeR6vOO20rlpS7NJwP97S01/PWg9kd
fzw3Dj7SDKLnr9wVBUl/cFF+X1cV/QWjRYDS7y0Yc8yPnmne/pUvo8J6a0QHZcD7
fq7SeziktuOmAbaqByj2RuYDNYQ5vOcrUNpobe+8gwHJDwc8yU4IHrB6rBb5GfpO
XjQv8S1yv265kC2zAkVK2CUyUo8BBzS1reF9A0g8iWEzX1kk/gpQhcX/4OXCabY6
Dcgd8VMfDavpzwCQOxgRJh/89OWkOSHQjwVMc9gFMG/CsdvOT7eCHYR1uZgMInnN
uK0yGpno3ShKr9WLLozvIBwBxb3v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:59 2024 by rpki-client on console-fra.rpki-client.org