Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0Y4NzV3qb_CbVI7uaQc8AY-7KJo.roa
File: 0Y4NzV3qb_CbVI7uaQc8AY-7KJo.roa (raw, json)
Hash identifier: oHoHFdOj2aEGhlVQKF8n2LIME/m/KuNSGVVU96fyP7A=
Subject key identifier: D1:8E:0D:CD:5D:EA:6F:F0:9B:54:8E:EE:69:07:3C:01:8F:BB:28:9A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1C726162
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0Y4NzV3qb_CbVI7uaQc8AY-7KJo.roa
Signing time: Sat 01 Jan 2022 01:02:38 +0000
ROA not before: Sat 01 Jan 2022 01:02:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51189
IP address blocks: 87.120.85.0/24 maxlen: 24
87.120.84.0/23 maxlen: 23
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.86.0/23 maxlen: 23
87.120.86.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 477258082 (0x1c726162)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 01:02:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d18e0dcd5dea6ff09b548eee69073c018fbb289a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5d:83:4b:34:04:98:24:c1:c9:70:86:84:e1:
b2:bb:4b:7d:d6:56:57:5c:be:93:3b:69:92:bb:8f:
2d:51:09:77:73:3c:1d:8a:66:aa:c6:d0:9b:5f:17:
33:68:56:3d:94:0f:fd:75:ad:91:76:95:b6:98:61:
af:e9:62:17:60:43:d2:ac:fd:ad:da:e0:10:7d:62:
66:ed:2e:b7:e5:09:a6:a5:3c:c8:c9:35:23:3b:48:
f6:8c:3d:22:17:de:bd:db:d9:54:ba:0c:6a:b8:a6:
5c:60:a6:31:7c:b8:4a:63:88:a2:1d:c2:f9:4f:02:
4b:5d:84:08:bd:b0:9c:d3:aa:7e:06:c2:38:3b:07:
81:d9:5c:70:46:a9:29:ff:06:2f:a1:1e:7b:24:25:
eb:ea:34:73:71:52:5e:5d:47:b4:cc:f5:4f:07:ee:
2c:27:f1:60:82:a0:b3:8d:25:a0:66:e5:0e:63:84:
32:d8:23:a5:f7:8b:6a:c0:dc:1f:3b:58:57:f2:53:
f3:9a:3e:26:5e:53:3c:2b:24:42:d9:3f:d8:e0:c7:
62:5a:2d:96:bc:5e:c9:e0:43:e5:4e:56:2f:50:ac:
2b:3c:ba:a7:02:5e:e3:b1:6f:32:56:12:7d:b3:87:
c2:03:91:2c:28:c8:9d:79:d1:48:0a:e8:d9:4c:e8:
20:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:8E:0D:CD:5D:EA:6F:F0:9B:54:8E:EE:69:07:3C:01:8F:BB:28:9A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0Y4NzV3qb_CbVI7uaQc8AY-7KJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.84.0/22
Signature Algorithm: sha256WithRSAEncryption
51:bf:84:f1:9d:a2:27:dd:81:a6:3c:5f:2b:76:fa:97:e2:f8:
12:d1:90:80:f9:69:a0:24:2c:6c:11:2e:e2:32:7e:21:92:52:
3c:c2:1b:5a:48:61:d4:d0:b4:5b:d8:fc:d5:57:2b:cf:2c:a0:
d3:89:76:a3:e0:0f:53:10:6d:7f:6b:cf:48:2d:96:98:88:ea:
1e:7b:b5:6b:7a:d4:69:d8:13:d4:c6:60:ce:b4:b6:13:ce:19:
db:a7:35:88:90:4c:1b:28:53:1b:8e:37:5b:73:c0:7b:dd:c9:
82:0d:a3:6f:f7:a2:a3:67:00:22:ee:b2:c8:b6:b4:a0:58:fd:
f1:aa:55:2d:14:c0:e3:41:54:a6:04:21:62:5c:fc:73:be:36:
f5:3c:14:2d:47:ae:2b:1c:cd:25:29:6f:f7:f0:87:6d:a6:db:
2e:06:bc:84:da:50:07:80:6e:b4:4e:f7:59:df:98:13:19:90:
4e:40:43:c6:c8:77:51:06:36:6a:a3:40:31:79:d3:e4:df:22:
85:6e:d3:18:f9:be:ee:be:2a:1a:e6:d5:56:13:1b:8d:81:07:
42:01:7c:de:a5:9c:c5:d4:24:df:aa:fd:c4:c8:52:b2:b3:a7:
8d:17:7e:36:85:43:e9:11:bb:75:3b:3d:6e:ff:6d:e5:04:28:
1a:25:c3:69
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHHJhYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDEw
MTAxMDIzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDE4ZTBkY2Q1ZGVh
NmZmMDliNTQ4ZWVlNjkwNzNjMDE4ZmJiMjg5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVdg0s0BJgkwclwhoThsrtLfdZWV1y+kztpkruPLVEJd3M8
HYpmqsbQm18XM2hWPZQP/XWtkXaVtphhr+liF2BD0qz9rdrgEH1iZu0ut+UJpqU8
yMk1IztI9ow9IhfevdvZVLoMarimXGCmMXy4SmOIoh3C+U8CS12ECL2wnNOqfgbC
ODsHgdlccEapKf8GL6EeeyQl6+o0c3FSXl1HtMz1TwfuLCfxYIKgs40loGblDmOE
MtgjpfeLasDcHztYV/JT85o+Jl5TPCskQtk/2ODHYlotlrxeyeBD5U5WL1CsKzy6
pwJe47FvMlYSfbOHwgORLCjInXnRSAro2UzoINcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTRjg3NXepv8JtUju5pBzwBj7somjAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
LzBZNE56VjNxYl9DYlZJN3VhUWM4QVktN0tKby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAld4VDANBgkqhkiG9w0BAQsFAAOC
AQEAUb+E8Z2iJ92BpjxfK3b6l+L4EtGQgPlpoCQsbBEu4jJ+IZJSPMIbWkhh1NC0
W9j81Vcrzyyg04l2o+APUxBtf2vPSC2WmIjqHnu1a3rUadgT1MZgzrS2E84Z26c1
iJBMGyhTG443W3PAe93Jgg2jb/eio2cAIu6yyLa0oFj98apVLRTA40FUpgQhYlz8
c7429TwULUeuKxzNJSlv9/CHbabbLga8hNpQB4ButE73Wd+YExmQTkBDxsh3UQY2
aqNAMXnT5N8ihW7TGPm+7r4qGubVVhMbjYEHQgF83qWcxdQk36r9xMhSsrOnjRd+
NoVD6RG7dTs9bv9t5QQoGiXDaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:21 2024 by rpki-client on console-ams.rpki-client.org