Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/b73bd2-ab94-4ac3-93c4-6cbcb7e3d8d2/1/EXHd94SLVRYTqSz15gkf3hVdgBI.roa
File: EXHd94SLVRYTqSz15gkf3hVdgBI.roa (raw, json)
Hash identifier: 9qdX0Z8mnQBsUb/Nu5G08kErOMc+zOywRz+naQIjGkU=
Subject key identifier: 11:71:DD:F7:84:8B:55:16:13:A9:2C:F5:E6:09:1F:DE:15:5D:80:12
Certificate issuer: /CN=2ace126fa5830911083e45f583cadb08a63ec6f9
Certificate serial: 0FE0ACAF
Authority key identifier: 2A:CE:12:6F:A5:83:09:11:08:3E:45:F5:83:CA:DB:08:A6:3E:C6:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ks4Sb6WDCREIPkX1g8rbCKY-xvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/b73bd2-ab94-4ac3-93c4-6cbcb7e3d8d2/1/EXHd94SLVRYTqSz15gkf3hVdgBI.roa
Signing time: Sat 01 Jan 2022 06:58:18 +0000
ROA not before: Sat 01 Jan 2022 06:58:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206984
IP address blocks: 185.169.244.0/22 maxlen: 22
212.237.212.0/22 maxlen: 22
2a0a:7700::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 266382511 (0xfe0acaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ace126fa5830911083e45f583cadb08a63ec6f9
Validity
Not Before: Jan 1 06:58:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1171ddf7848b551613a92cf5e6091fde155d8012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9e:1c:ac:08:34:14:a2:bc:6e:31:3f:67:41:
0b:00:73:d8:eb:4b:e8:af:c2:f2:4d:e3:e0:1f:49:
37:c4:88:4f:0f:c1:70:af:da:20:5b:aa:2b:ff:10:
d0:6d:8f:60:2a:63:de:91:2e:5c:bd:68:52:8f:ba:
38:20:5a:89:cc:10:11:38:35:ff:de:aa:0a:a6:d4:
7a:83:b1:90:8d:8f:08:7b:8a:f2:9d:ca:42:b0:05:
67:35:a4:bb:66:54:4f:ba:6a:97:0f:d1:55:05:ec:
3f:7c:7d:07:73:46:42:c9:b9:19:b3:1d:2f:15:7c:
25:26:3d:36:c0:56:ad:e4:27:3e:57:e1:77:97:db:
b5:ad:8c:2e:44:73:2e:e8:06:b5:9e:ce:5c:80:fd:
55:45:0f:b6:ba:da:ea:d5:b4:b5:08:43:64:6b:9e:
07:fe:40:f8:a6:91:b0:c4:c2:f1:65:5e:aa:d3:ce:
4f:30:f7:6f:47:07:7c:ed:3e:d5:24:2c:16:72:b2:
6a:e6:84:a4:49:0c:c6:84:71:ea:26:04:f0:59:29:
1d:98:71:8a:2f:94:53:d3:13:bf:c2:6f:a0:7f:c8:
a2:b5:a4:f2:9f:b2:1c:d5:03:27:41:78:e5:aa:40:
89:ce:21:a8:f7:6f:8c:48:c4:80:ec:c5:bb:7e:74:
68:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:71:DD:F7:84:8B:55:16:13:A9:2C:F5:E6:09:1F:DE:15:5D:80:12
X509v3 Authority Key Identifier:
keyid:2A:CE:12:6F:A5:83:09:11:08:3E:45:F5:83:CA:DB:08:A6:3E:C6:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ks4Sb6WDCREIPkX1g8rbCKY-xvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/b73bd2-ab94-4ac3-93c4-6cbcb7e3d8d2/1/EXHd94SLVRYTqSz15gkf3hVdgBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/b73bd2-ab94-4ac3-93c4-6cbcb7e3d8d2/1/Ks4Sb6WDCREIPkX1g8rbCKY-xvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.244.0/22
212.237.212.0/22
IPv6:
2a0a:7700::/29
Signature Algorithm: sha256WithRSAEncryption
a9:da:db:be:1d:f7:a3:87:4d:e7:8d:ca:5d:9b:6c:3b:a9:ba:
71:93:f0:ea:ec:f9:a4:59:8e:5c:a4:f5:54:e5:54:f4:92:5b:
02:bd:07:c4:b3:0e:5d:4e:40:a3:82:71:88:d4:0c:56:b5:3a:
62:e8:0b:82:a3:54:df:98:79:66:ff:ca:94:91:bb:06:6b:6c:
b3:ee:17:32:b5:0a:85:ba:dc:97:e2:d3:76:30:03:26:f9:32:
18:dd:79:b4:3d:94:c2:0d:4d:ce:63:03:1c:1e:06:ef:cc:4f:
a3:f8:f1:76:90:3c:5b:18:b4:35:ae:73:bc:2a:a3:a6:a6:50:
b0:e8:9a:2e:05:02:3f:bd:7b:ae:0a:6e:be:25:fc:8a:05:79:
7c:fd:f9:79:97:68:f3:f0:6d:c7:83:f9:36:95:b2:fe:cc:58:
08:f8:d3:93:39:9c:96:21:02:29:f5:0a:55:fa:e5:aa:2d:bd:
15:d1:04:87:bc:40:8c:4d:f6:ae:28:37:7d:e3:f6:f5:19:ab:
fc:e6:24:b5:2a:f6:d7:84:c0:04:31:cf:7e:7a:d7:c6:fb:3a:
9d:32:d4:1f:f6:4c:f2:b8:d6:7d:27:57:ce:fb:d0:0e:df:1e:
8a:ef:6d:fc:c4:2f:88:d2:56:2c:52:8e:15:67:42:3a:86:89:
59:20:e4:e4
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIED+CsrzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWNlMTI2ZmE1ODMwOTExMDgzZTQ1ZjU4M2NhZGIwOGE2M2VjNmY5MB4XDTIyMDEw
MTA2NTgxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTE3MWRkZjc4NDhi
NTUxNjEzYTkyY2Y1ZTYwOTFmZGUxNTVkODAxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALaeHKwINBSivG4xP2dBCwBz2OtL6K/C8k3j4B9JN8SITw/B
cK/aIFuqK/8Q0G2PYCpj3pEuXL1oUo+6OCBaicwQETg1/96qCqbUeoOxkI2PCHuK
8p3KQrAFZzWku2ZUT7pqlw/RVQXsP3x9B3NGQsm5GbMdLxV8JSY9NsBWreQnPlfh
d5fbta2MLkRzLugGtZ7OXID9VUUPtrra6tW0tQhDZGueB/5A+KaRsMTC8WVeqtPO
TzD3b0cHfO0+1SQsFnKyauaEpEkMxoRx6iYE8FkpHZhxii+UU9MTv8JvoH/IorWk
8p+yHNUDJ0F45apAic4hqPdvjEjEgOzFu350aBkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQRcd33hItVFhOpLPXmCR/eFV2AEjAfBgNVHSMEGDAWgBQqzhJvpYMJEQg+
RfWDytsIpj7G+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzNFNiNldEQ1JFSVBrWDFnOHJiQ0tZLXh2ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvYjczYmQyLWFiOTQtNGFjMy05M2M0LTZjYmNiN2UzZDhkMi8x
L0VYSGQ5NFNMVlJZVHFTejE1Z2tmM2hWZGdCSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
YjczYmQyLWFiOTQtNGFjMy05M2M0LTZjYmNiN2UzZDhkMi8xL0tzNFNiNldEQ1JF
SVBrWDFnOHJiQ0tZLXh2ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArmp9AMEAtTt1DANBAIAAjAHAwUD
Kgp3ADANBgkqhkiG9w0BAQsFAAOCAQEAqdrbvh33o4dN543KXZtsO6m6cZPw6uz5
pFmOXKT1VOVU9JJbAr0HxLMOXU5Ao4JxiNQMVrU6YugLgqNU35h5Zv/KlJG7Bmts
s+4XMrUKhbrcl+LTdjADJvkyGN15tD2Uwg1NzmMDHB4G78xPo/jxdpA8Wxi0Na5z
vCqjpqZQsOiaLgUCP717rgpuviX8igV5fP35eZdo8/Btx4P5NpWy/sxYCPjTkzmc
liECKfUKVfrlqi29FdEEh7xAjE32rig3feP29Rmr/OYktSr214TABDHPfnrXxvs6
nTLUH/ZM8rjWfSdXzvvQDt8eiu9t/MQviNJWLFKOFWdCOoaJWSDk5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:43 2024 by rpki-client on console-fra.rpki-client.org