Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/D6W9a_5eb4qMZd4v5Cnl3V8m8QU.roa
File: D6W9a_5eb4qMZd4v5Cnl3V8m8QU.roa (raw, json)
Hash identifier: erMPk0rHt8+2GM4Bzs9WBZThi70eT6w8PM0fXfJsh/k=
Subject key identifier: 0F:A5:BD:6B:FE:5E:6F:8A:8C:65:DE:2F:E4:29:E5:DD:5F:26:F1:05
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1D3516A9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/D6W9a_5eb4qMZd4v5Cnl3V8m8QU.roa
Signing time: Mon 21 Feb 2022 10:04:14 +0000
ROA not before: Mon 21 Feb 2022 10:04:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 94.156.14.0/24 maxlen: 24
92.249.51.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 490018473 (0x1d3516a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 21 10:04:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0fa5bd6bfe5e6f8a8c65de2fe429e5dd5f26f105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:95:57:1e:68:07:bf:d1:5f:f2:3b:27:f9:1a:
41:ce:db:54:6b:68:ed:f3:9b:fe:ce:d2:c3:5f:1d:
0c:39:0a:d7:d3:71:7c:53:0c:9f:f1:b0:3a:f9:d5:
c5:23:4d:12:db:79:8c:f2:f9:78:91:58:09:73:68:
40:84:98:59:58:cf:8d:0e:1a:8c:b2:4a:19:62:d5:
e5:12:9e:ae:f5:1f:68:64:8b:57:f7:89:49:2f:26:
40:ef:a0:10:ea:72:1c:80:65:2f:d6:a5:16:a7:93:
3e:b7:2d:a7:5a:b2:18:34:a2:f3:16:40:c2:4b:5c:
51:5a:30:7f:23:17:86:33:51:4e:37:2e:25:37:66:
73:5d:ff:90:fd:32:37:ed:ee:a4:f4:40:42:cd:28:
18:cd:7f:ec:08:7f:1d:b2:33:52:8f:e0:79:a0:b4:
dc:6b:d3:65:c6:96:6e:83:27:6e:47:38:ea:ce:2a:
ec:cb:b8:bb:f0:5c:08:b2:8b:1f:68:25:72:a9:05:
9b:64:ce:f5:78:d8:b2:19:85:04:8a:09:df:05:51:
8f:5b:eb:73:30:92:fd:92:31:4a:42:cc:97:6a:4b:
dd:87:a0:39:f7:77:61:6e:8f:80:01:e2:32:08:41:
ad:4c:19:bd:50:de:8e:be:cd:67:31:0f:b0:23:f7:
be:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A5:BD:6B:FE:5E:6F:8A:8C:65:DE:2F:E4:29:E5:DD:5F:26:F1:05
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/D6W9a_5eb4qMZd4v5Cnl3V8m8QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.51.0/24
94.156.14.0/24
185.221.64.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
18:c3:f7:74:3b:1f:d1:b1:65:e5:82:0c:84:66:66:f0:b7:c7:
2a:3c:bc:74:40:14:2f:ed:6d:f5:9c:5a:31:78:d2:e1:f9:c9:
dc:1c:9d:d4:f4:25:13:1a:4a:ba:14:ab:c8:bd:c6:98:9e:8f:
82:71:7c:52:d6:dc:65:51:f0:5f:c8:cd:69:3f:94:1b:16:31:
35:8e:38:78:ca:97:1a:bb:9f:7e:52:f1:e7:92:71:54:0d:12:
90:7e:03:0a:df:ac:ab:98:ab:e1:d3:90:d9:a5:36:c7:b7:2d:
36:13:4e:1a:8c:3b:55:30:c0:6b:86:a5:ff:df:03:1d:38:38:
c2:f0:de:92:da:5c:64:73:b7:de:29:40:70:60:1f:9f:ac:6f:
45:dd:12:d2:4c:9d:c1:bf:0e:ff:42:d0:20:f8:bf:5e:15:29:
2d:92:4a:00:09:79:41:70:d8:8a:dd:20:8c:14:83:5a:3f:47:
c6:82:e7:35:c3:ac:f0:83:48:7e:b6:6f:3d:3e:14:36:b1:0a:
ea:56:35:60:52:c4:81:3c:57:00:aa:ba:65:c1:4c:58:9b:92:
1e:a9:69:11:31:fb:c4:db:45:3c:b2:f0:e5:06:34:ab:04:6d:
8e:c5:b3:4b:93:a9:a0:b0:ad:9f:61:a0:17:7f:bb:8d:54:8f:
98:fa:df:a0
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEHTUWqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDIy
MTEwMDQxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGZhNWJkNmJmZTVl
NmY4YThjNjVkZTJmZTQyOWU1ZGQ1ZjI2ZjEwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJKVVx5oB7/RX/I7J/kaQc7bVGto7fOb/s7Sw18dDDkK19Nx
fFMMn/GwOvnVxSNNEtt5jPL5eJFYCXNoQISYWVjPjQ4ajLJKGWLV5RKervUfaGSL
V/eJSS8mQO+gEOpyHIBlL9alFqeTPrctp1qyGDSi8xZAwktcUVowfyMXhjNRTjcu
JTdmc13/kP0yN+3upPRAQs0oGM1/7Ah/HbIzUo/geaC03GvTZcaWboMnbkc46s4q
7Mu4u/BcCLKLH2glcqkFm2TO9XjYshmFBIoJ3wVRj1vrczCS/ZIxSkLMl2pL3Yeg
Ofd3YW6PgAHiMghBrUwZvVDejr7NZzEPsCP3vnsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQPpb1r/l5vioxl3i/kKeXdXybxBTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L0Q2VzlhXzVlYjRxTVpkNHY1Q25sM1Y4bThRVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFz5MwMEAF6cDgMEALndQAMEAMK0
MjANBgkqhkiG9w0BAQsFAAOCAQEAGMP3dDsf0bFl5YIMhGZm8LfHKjy8dEAUL+1t
9ZxaMXjS4fnJ3Byd1PQlExpKuhSryL3GmJ6PgnF8UtbcZVHwX8jNaT+UGxYxNY44
eMqXGrufflLx55JxVA0SkH4DCt+sq5ir4dOQ2aU2x7ctNhNOGow7VTDAa4al/98D
HTg4wvDektpcZHO33ilAcGAfn6xvRd0S0kydwb8O/0LQIPi/XhUpLZJKAAl5QXDY
it0gjBSDWj9HxoLnNcOs8INIfrZvPT4UNrEK6lY1YFLEgTxXAKq6ZcFMWJuSHqlp
ETH7xNtFPLLw5QY0qwRtjsWzS5OpoLCtn2GgF3+7jVSPmPrfoA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:33 2023 by rpki-client on console-ams.rpki-client.org