Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/B-RrmKZttHnwLoaE_KTpwYSgACA.roa
File: B-RrmKZttHnwLoaE_KTpwYSgACA.roa (raw, json)
Hash identifier: 0UEssQ4bIGEB5ZFNd1d/MhDk10nSa3CDLAZxYpO38FI=
Subject key identifier: 07:E4:6B:98:A6:6D:B4:79:F0:2E:86:84:FC:A4:E9:C1:84:A0:00:20
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187C1C1E1E6F35BE7D3336E11996B2CADFE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/B-RrmKZttHnwLoaE_KTpwYSgACA.roa
Signing time: Thu 27 Apr 2023 08:08:41 +0000
ROA not before: Thu 27 Apr 2023 08:08:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 171.22.31.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
85.209.132.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c1:c1:e1:e6:f3:5b:e7:d3:33:6e:11:99:6b:2c:ad:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 27 08:08:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07e46b98a66db479f02e8684fca4e9c184a00020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5a:85:d4:69:72:ab:1b:ba:03:10:91:c3:30:
da:c8:5a:87:03:92:38:fd:30:99:8e:e9:ae:0e:79:
55:f7:78:06:65:04:c3:69:92:e6:da:87:ae:5e:82:
b5:0f:25:5a:a7:00:b6:79:bb:8c:32:39:d5:ba:35:
7a:d1:56:1d:4f:22:23:e4:33:42:ed:59:27:ce:ed:
a3:a1:34:0f:c7:3f:1f:52:1e:7c:f4:69:06:19:7a:
16:9e:2a:2b:5e:a2:70:e9:f9:20:0a:4b:3e:37:80:
dc:c3:75:8e:49:9b:c3:d1:23:5b:8d:e4:e8:b7:59:
34:4a:36:4e:29:f3:95:e4:fe:b2:cd:a2:fd:71:d0:
fc:a9:1b:1a:63:5c:5b:ec:1d:a8:97:77:8b:7c:9f:
11:ef:99:5e:19:b4:59:d0:24:58:0c:03:e7:c0:6c:
0f:31:6f:c6:14:60:60:3f:e0:a9:66:3a:b6:fb:64:
a5:d1:14:9c:e4:28:22:60:98:0a:f5:dd:a1:dc:1f:
ea:67:00:39:c9:55:ee:f8:73:f7:76:96:e0:ed:ac:
4e:b4:7c:fb:59:e3:57:92:18:b2:2e:65:d9:f4:74:
7c:c8:97:29:cb:dc:e9:68:b7:2a:73:d9:17:2a:90:
1f:87:4c:3e:c4:a8:ba:a3:9a:b2:62:94:00:33:fa:
96:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E4:6B:98:A6:6D:B4:79:F0:2E:86:84:FC:A4:E9:C1:84:A0:00:20
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/B-RrmKZttHnwLoaE_KTpwYSgACA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.173.0/24
85.209.132.0/24
87.121.59.0/24
171.22.31.0/24
176.125.255.0/24
Signature Algorithm: sha256WithRSAEncryption
10:c6:5f:81:34:8c:0b:34:e5:d0:49:da:e0:9c:26:fd:75:e3:
67:69:44:df:30:5f:f9:2c:29:8f:5d:8d:57:15:d2:8b:b6:c7:
eb:b3:90:61:66:2f:b3:a6:ee:4d:af:c2:19:9c:bf:0c:b9:ae:
b3:f1:fe:7b:ec:bc:dd:41:86:2f:f8:9d:93:09:64:7c:7d:b0:
93:ec:e2:97:d8:3d:4e:f5:28:a5:c6:4f:76:a3:13:15:c8:3f:
2b:37:f5:12:16:09:ce:75:e1:ac:35:15:63:da:54:93:b2:54:
c1:1d:f0:c2:a3:43:88:55:7e:5c:a3:a7:0a:45:91:06:5b:13:
52:b4:49:17:73:d0:08:1e:40:48:c8:79:20:63:8c:04:69:61:
d1:40:7a:9c:d6:79:5a:5c:1a:5b:23:14:ec:d3:11:1d:56:26:
96:03:83:67:d3:69:85:4e:4e:f0:84:12:c3:94:14:d3:0d:be:
88:c2:cd:4e:25:7a:79:bf:ec:36:4a:65:86:7d:a4:72:51:af:
91:a1:62:9e:8a:71:43:64:ca:49:2b:12:79:3c:7a:19:4f:20:
0e:27:7c:52:0c:a1:c6:3a:28:13:61:fb:dc:bb:84:14:3f:bd:
6b:e9:bb:3d:a3:52:6f:b2:ef:5b:04:0a:d2:3f:36:da:dc:6d:
24:e4:db:dd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYfBweHm81vn0zNuEZlrLK3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDI3MDgwODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2U0NmI5OGE2NmRiNDc5ZjAyZTg2ODRmY2E0ZTljMTg0YTAwMDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6VqF1Glyqxu6AxCRwzDayFqHA5I4
/TCZjumuDnlV93gGZQTDaZLm2oeuXoK1DyVapwC2ebuMMjnVujV60VYdTyIj5DNC
7Vknzu2joTQPxz8fUh589GkGGXoWniorXqJw6fkgCks+N4Dcw3WOSZvD0SNbjeTo
t1k0SjZOKfOV5P6yzaL9cdD8qRsaY1xb7B2ol3eLfJ8R75leGbRZ0CRYDAPnwGwP
MW/GFGBgP+CpZjq2+2Sl0RSc5CgiYJgK9d2h3B/qZwA5yVXu+HP3dpbg7axOtHz7
WeNXkhiyLmXZ9HR8yJcpy9zpaLcqc9kXKpAfh0w+xKi6o5qyYpQAM/qWIQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAfka5imbbR58C6GhPyk6cGEoAAgMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQi1Scm1LWnR0SG53TG9hRV9LVHB3WVNnQUNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVBWtAwQA
VdGEAwQAV3k7AwQAqxYfAwQAsH3/MA0GCSqGSIb3DQEBCwUAA4IBAQAQxl+BNIwL
NOXQSdrgnCb9deNnaUTfMF/5LCmPXY1XFdKLtsfrs5BhZi+zpu5Nr8IZnL8Mua6z
8f577LzdQYYv+J2TCWR8fbCT7OKX2D1O9Silxk92oxMVyD8rN/USFgnOdeGsNRVj
2lSTslTBHfDCo0OIVX5co6cKRZEGWxNStEkXc9AIHkBIyHkgY4wEaWHRQHqc1nla
XBpbIxTs0xEdViaWA4Nn02mFTk7whBLDlBTTDb6Iws1OJXp5v+w2SmWGfaRyUa+R
oWKeinFDZMpJKxJ5PHoZTyAOJ3xSDKHGOigTYfvcu4QUP71r6bs9o1Jvsu9bBArS
Pzba3G0k5Nvd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:00 2024 by rpki-client on console-fra.rpki-client.org