Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7Vld7BfEdqTC6v7ehtOuibleTDY.roa
File: 7Vld7BfEdqTC6v7ehtOuibleTDY.roa (raw, json)
Hash identifier: IHkHRKfH7k5QzKrZ9lHQ0jjOXLHDMMUXehD9pmNb5b0=
Subject key identifier: ED:59:5D:EC:17:C4:76:A4:C2:EA:FE:DE:86:D3:AE:89:B9:5E:4C:36
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1E80FE69
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7Vld7BfEdqTC6v7ehtOuibleTDY.roa
Signing time: Wed 18 May 2022 07:08:18 +0000
ROA not before: Wed 18 May 2022 07:08:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 87.121.124.0/23 maxlen: 24
87.121.122.0/23 maxlen: 24
185.207.12.0/24 maxlen: 24
109.206.238.0/24 maxlen: 24
84.21.172.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 511770217 (0x1e80fe69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 18 07:08:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed595dec17c476a4c2eafede86d3ae89b95e4c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c9:d8:41:fe:b9:81:ee:a9:c9:c4:fa:53:f1:
ab:60:2a:34:4d:f0:94:71:8c:a4:d8:4f:8f:21:9f:
e7:19:ed:51:e5:d3:d9:b6:de:44:5a:7c:a9:bb:45:
35:7c:c5:25:8a:b0:75:aa:0d:b2:e3:d0:37:56:91:
bf:1b:fb:ad:45:87:af:a1:87:e0:5b:8f:bc:ed:0a:
2b:38:e9:36:e3:1b:9c:e7:0d:76:68:95:75:43:b8:
9a:20:2c:86:28:d5:c7:c5:84:a3:ec:43:67:67:62:
c3:31:c0:54:c8:d8:7d:e5:f8:7a:95:97:fb:2b:2b:
b6:42:d0:eb:23:5f:76:df:4a:fd:18:de:9b:88:33:
8b:1f:0f:7f:e1:9a:93:ad:bc:36:b3:22:1c:73:54:
d0:0a:2c:7b:d4:aa:7a:a1:aa:45:df:db:e1:77:ec:
f1:72:7a:81:57:9a:e4:10:1f:d4:c7:8a:1b:92:01:
ab:98:31:b0:67:7c:ee:ea:b7:43:40:14:ad:86:b9:
e9:7f:83:09:d0:d6:f6:7f:12:bf:27:c6:ea:cd:ff:
06:fb:b8:cf:e4:c4:1d:91:98:6c:1f:1d:d3:bd:60:
4b:f3:22:fc:d9:8b:63:bc:ae:99:5f:11:66:ef:c1:
97:c7:03:34:f2:07:1f:92:dc:f2:d5:1a:76:bd:4a:
8a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:59:5D:EC:17:C4:76:A4:C2:EA:FE:DE:86:D3:AE:89:B9:5E:4C:36
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7Vld7BfEdqTC6v7ehtOuibleTDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.172.0/23
87.121.122.0-87.121.125.255
109.206.238.0/24
185.207.12.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:df:66:67:df:15:c5:24:69:a7:ea:f3:48:e4:89:0d:a2:bb:
f6:fb:93:0a:08:c1:a4:39:3d:49:2a:ac:5b:26:33:ec:20:df:
3b:f6:90:88:67:eb:ff:db:ef:39:57:b8:27:7a:25:90:a3:21:
4c:35:6c:2d:2d:ff:ea:4a:a2:22:0e:c6:a6:b4:84:96:46:84:
61:0d:2a:dd:70:ef:55:3b:7c:15:91:04:da:8f:4f:9d:b1:30:
ab:61:ca:94:e7:29:30:b3:b1:1a:1c:42:06:9c:30:a7:e5:b6:
33:09:40:0b:10:9c:72:7a:56:6c:15:fb:dc:0f:fa:81:fa:af:
31:0e:e4:96:05:66:b2:b8:4b:41:c5:82:39:fe:2b:90:50:bb:
01:cb:05:48:04:db:89:67:f5:b3:e5:6f:44:e1:74:0c:17:9e:
77:b1:7d:3b:3b:99:7e:11:cb:53:3a:ba:9f:61:c1:4d:d2:1a:
86:58:04:b8:32:fd:4f:93:de:18:6f:59:8c:3f:f4:06:4e:03:
0d:7a:74:48:96:16:87:ab:2e:97:67:87:e0:33:4e:b6:0b:e5:
5f:a9:5a:2d:b4:ba:cb:7b:11:51:88:f3:1a:1f:6c:39:11:e6:
08:36:a5:f4:46:9b:c1:b6:66:63:bc:16:42:0d:71:e4:7f:cf:
50:ea:74:b1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEHoD+aTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDUx
ODA3MDgxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWQ1OTVkZWMxN2M0
NzZhNGMyZWFmZWRlODZkM2FlODliOTVlNGMzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANDJ2EH+uYHuqcnE+lPxq2AqNE3wlHGMpNhPjyGf5xntUeXT
2bbeRFp8qbtFNXzFJYqwdaoNsuPQN1aRvxv7rUWHr6GH4FuPvO0KKzjpNuMbnOcN
dmiVdUO4miAshijVx8WEo+xDZ2diwzHAVMjYfeX4epWX+ysrtkLQ6yNfdt9K/Rje
m4gzix8Pf+Gak628NrMiHHNU0Aose9SqeqGqRd/b4Xfs8XJ6gVea5BAf1MeKG5IB
q5gxsGd87uq3Q0AUrYa56X+DCdDW9n8SvyfG6s3/Bvu4z+TEHZGYbB8d071gS/Mi
/NmLY7yumV8RZu/Bl8cDNPIHH5Lc8tUadr1KiqsCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBTtWV3sF8R2pMLq/t6G066JuV5MNjAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
LzdWbGQ3QmZFZHFUQzZ2N2VodE91aWJsZVREWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAVQVrDAMAwQBV3l6AwQBV3l8AwQA
bc7uAwQAuc8MMA0GCSqGSIb3DQEBCwUAA4IBAQCK32Zn3xXFJGmn6vNI5IkNorv2
+5MKCMGkOT1JKqxbJjPsIN879pCIZ+v/2+85V7gneiWQoyFMNWwtLf/qSqIiDsam
tISWRoRhDSrdcO9VO3wVkQTaj0+dsTCrYcqU5ykws7EaHEIGnDCn5bYzCUALEJxy
elZsFfvcD/qB+q8xDuSWBWayuEtBxYI5/iuQULsBywVIBNuJZ/Wz5W9E4XQMF553
sX07O5l+EctTOrqfYcFN0hqGWAS4Mv1Pk94Yb1mMP/QGTgMNenRIlhaHqy6XZ4fg
M062C+VfqVottLrLexFRiPMaH2w5EeYINqX0RpvBtmZjvBZCDXHkf89Q6nSx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:25 2024 by rpki-client on console-ams.rpki-client.org