Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4EjPE4ZdM26VglRH6-Kg4--tTyw.roa
File: 4EjPE4ZdM26VglRH6-Kg4--tTyw.roa (raw, json)
Hash identifier: l74uzrTeWd+4lRojNHxOaBOOu12Xr3Oj5moZty2Yk3U=
Subject key identifier: E0:48:CF:13:86:5D:33:6E:95:82:54:47:EB:E2:A0:E3:EF:AD:4F:2C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1C4F7D44
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4EjPE4ZdM26VglRH6-Kg4--tTyw.roa
Signing time: Sat 01 Jan 2022 01:02:18 +0000
ROA not before: Sat 01 Jan 2022 01:02:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 87.121.122.0/23 maxlen: 24
87.121.124.0/23 maxlen: 24
91.92.115.0/24 maxlen: 24
87.120.84.0/22 maxlen: 24
185.207.12.0/24 maxlen: 24
109.206.238.0/24 maxlen: 24
84.21.172.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 474971460 (0x1c4f7d44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 01:02:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e048cf13865d336e95825447ebe2a0e3efad4f2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:85:32:2d:ab:76:72:4c:31:c5:20:79:01:26:
dd:74:af:fb:c4:a3:a8:d7:1e:00:62:ab:76:03:2d:
9f:97:a0:22:30:a7:8a:89:bb:b9:53:3a:5e:c1:7f:
ca:29:d0:28:fa:47:05:11:40:68:38:03:d3:89:33:
67:d0:b0:84:a5:e1:85:36:43:9c:a0:62:c5:1a:94:
63:81:1b:ee:64:59:bf:f2:7a:24:6c:19:84:52:3d:
65:ff:7c:69:30:df:76:b2:c1:d3:b0:7d:8c:25:bb:
b0:05:bc:2b:83:94:d0:46:66:20:9c:3b:89:e9:6e:
7e:2a:56:8c:6a:96:ed:c1:57:57:84:82:47:69:be:
55:f6:85:ef:8c:bd:48:42:f8:f9:e9:52:31:e2:be:
ca:59:c7:b5:1a:d8:07:7d:1b:f0:60:29:e6:fd:20:
95:22:6b:2d:12:d9:50:71:a0:e2:99:7e:83:d2:21:
dc:ae:70:c4:28:7f:fe:69:6d:fb:2e:df:35:87:92:
23:f8:47:83:1f:ce:8f:6e:68:ec:c0:56:d6:f1:b3:
87:09:ef:90:9a:e3:7e:f8:78:2d:51:fb:99:4d:f0:
08:23:e1:5e:f8:24:d7:11:41:6a:98:0b:c2:55:29:
63:47:e8:85:30:d0:c0:a3:b7:76:6e:cd:c2:85:e7:
de:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:48:CF:13:86:5D:33:6E:95:82:54:47:EB:E2:A0:E3:EF:AD:4F:2C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4EjPE4ZdM26VglRH6-Kg4--tTyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.172.0/23
87.120.84.0/22
87.121.122.0-87.121.125.255
91.92.115.0/24
109.206.238.0/24
185.207.12.0/24
Signature Algorithm: sha256WithRSAEncryption
44:28:58:08:aa:2a:2f:2b:26:58:52:8b:aa:9d:ec:ff:48:79:
36:8a:a3:3f:a1:d5:58:be:f8:b2:d7:df:99:9d:42:14:61:1a:
37:3c:b4:e3:a9:8b:c3:29:6b:53:17:a5:c2:d6:f7:28:4b:53:
f9:81:fd:2f:d0:dd:43:13:b1:3c:c9:a6:50:0e:14:7f:a3:fc:
6f:fd:d9:6d:e6:46:88:2a:9b:de:ec:41:a0:12:4c:af:a6:5b:
e3:c1:01:b4:d4:5a:da:1d:2c:bd:c0:97:39:ab:cd:cc:67:ec:
c6:fa:09:94:6e:36:89:6a:99:7d:85:92:1f:28:ee:b2:40:06:
35:eb:2f:78:c8:94:2f:fc:c1:8e:f3:3c:e6:19:59:81:b4:57:
dc:99:c0:9f:06:1d:90:ba:b5:a6:65:18:27:ff:af:ad:89:49:
a8:55:58:4b:c2:35:aa:70:55:c2:ef:ff:07:00:13:90:04:11:
56:d1:4f:f7:83:62:0d:c1:95:0d:e1:16:f9:e3:3a:42:f7:07:
c8:71:a6:6f:f8:77:05:24:df:fa:24:3f:1e:c2:28:98:1c:ad:
b7:10:17:7f:5d:2e:5f:69:3e:04:ff:bc:47:7c:54:c5:9b:42:
c9:2a:ad:40:5c:a5:8a:45:23:5a:1c:d2:b5:52:a5:84:a5:f6:
ac:28:6a:5b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEHE99RDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDEw
MTAxMDIxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTA0OGNmMTM4NjVk
MzM2ZTk1ODI1NDQ3ZWJlMmEwZTNlZmFkNGYyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN+FMi2rdnJMMcUgeQEm3XSv+8SjqNceAGKrdgMtn5egIjCn
iom7uVM6XsF/yinQKPpHBRFAaDgD04kzZ9CwhKXhhTZDnKBixRqUY4Eb7mRZv/J6
JGwZhFI9Zf98aTDfdrLB07B9jCW7sAW8K4OU0EZmIJw7ielufipWjGqW7cFXV4SC
R2m+VfaF74y9SEL4+elSMeK+ylnHtRrYB30b8GAp5v0glSJrLRLZUHGg4pl+g9Ih
3K5wxCh//mlt+y7fNYeSI/hHgx/Oj25o7MBW1vGzhwnvkJrjfvh4LVH7mU3wCCPh
Xvgk1xFBapgLwlUpY0fohTDQwKO3dm7NwoXn3mcCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBTgSM8Thl0zbpWCVEfr4qDj761PLDAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
LzRFalBFNFpkTTI2VmdsUkg2LUtnNC0tdFR5dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAVQVrAMEAld4VDAMAwQBV3l6AwQB
V3l8AwQAW1xzAwQAbc7uAwQAuc8MMA0GCSqGSIb3DQEBCwUAA4IBAQBEKFgIqiov
KyZYUouqnez/SHk2iqM/odVYvviy19+ZnUIUYRo3PLTjqYvDKWtTF6XC1vcoS1P5
gf0v0N1DE7E8yaZQDhR/o/xv/dlt5kaIKpve7EGgEkyvplvjwQG01FraHSy9wJc5
q83MZ+zG+gmUbjaJapl9hZIfKO6yQAY16y94yJQv/MGO8zzmGVmBtFfcmcCfBh2Q
urWmZRgn/6+tiUmoVVhLwjWqcFXC7/8HABOQBBFW0U/3g2INwZUN4Rb54zpC9wfI
caZv+HcFJN/6JD8ewiiYHK23EBd/XS5faT4E/7xHfFTFm0LJKq1AXKWKRSNaHNK1
UqWEpfasKGpb
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:31 2023 by rpki-client on console-ams.rpki-client.org