Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EJkdYgRQgTjDbV4mKI9-EJyWtSc.roa
File: EJkdYgRQgTjDbV4mKI9-EJyWtSc.roa (raw, json)
Hash identifier: OhBo9OJ6VC1vji8hBtoQemkWE0BxA0CcPd5XZdirClE=
Subject key identifier: 10:99:1D:62:04:50:81:38:C3:6D:5E:26:28:8F:7E:10:9C:96:B5:27
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01888A6288D469DED4CA85209EB348CB8C5F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EJkdYgRQgTjDbV4mKI9-EJyWtSc.roa
Signing time: Mon 05 Jun 2023 07:08:13 +0000
ROA not before: Mon 05 Jun 2023 07:08:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 84.21.173.0/24 maxlen: 24
81.161.231.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8a:62:88:d4:69:de:d4:ca:85:20:9e:b3:48:cb:8c:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 5 07:08:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10991d6204508138c36d5e26288f7e109c96b527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:69:54:0c:3b:a5:5a:0a:00:08:89:77:7f:d9:
c0:c6:42:3b:8c:37:2a:96:87:c1:17:95:77:18:27:
f2:b0:40:b8:5c:10:ee:7f:e7:85:8c:82:5b:fb:15:
58:06:6b:e7:1c:94:a0:f0:77:d5:e7:fc:c2:73:15:
4f:86:d9:7e:0b:dd:4a:0f:11:8b:b0:80:ce:db:8f:
7b:1b:72:d2:de:7a:a2:69:ec:1c:01:ab:a3:53:c1:
a9:32:e3:c1:3a:5a:a3:cd:42:a0:da:a9:f3:93:89:
3f:0e:fc:ca:9b:a6:ac:fd:79:59:15:4a:6f:80:be:
e1:b1:74:0d:47:70:86:86:54:1d:e0:6e:55:a8:50:
f6:b7:cd:04:85:25:73:fa:0f:26:27:54:a0:4c:d5:
06:3f:8d:4a:fc:6d:1a:7b:f4:87:f9:65:23:2a:87:
dd:45:de:52:77:e5:82:8f:3b:cf:13:2c:11:31:02:
b6:31:23:fb:56:56:18:76:fc:16:7d:66:7d:cc:6c:
15:d2:cb:fa:ff:75:a5:a9:61:b3:a3:36:ba:d3:c9:
71:df:32:fd:15:4d:50:70:67:1d:d2:73:45:02:0b:
61:dd:a0:63:a1:51:80:ff:7b:95:64:d5:5d:5c:4b:
a7:ec:d6:bb:6b:b4:b4:24:34:28:d9:3e:bc:d4:c3:
05:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:99:1D:62:04:50:81:38:C3:6D:5E:26:28:8F:7E:10:9C:96:B5:27
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EJkdYgRQgTjDbV4mKI9-EJyWtSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.231.0/24
84.21.173.0/24
87.121.59.0/24
93.123.85.0/24
Signature Algorithm: sha256WithRSAEncryption
33:89:87:39:65:c9:a0:2f:d6:dd:aa:cd:fa:00:61:29:f9:2f:
d0:4c:bd:21:f8:5b:e0:5a:07:11:b4:2c:35:e4:35:93:07:ca:
76:c7:bf:78:f3:c7:c2:b5:5b:1e:4a:55:5f:20:c8:a2:cd:10:
83:4f:ad:78:48:13:d8:d4:4a:e2:36:99:8c:67:7e:8c:8a:45:
42:f0:37:be:1c:cf:55:12:a1:ea:5b:65:8b:56:ef:7a:1a:60:
13:d6:62:22:38:01:43:de:ba:99:4e:b1:96:d5:9b:73:86:2a:
e1:aa:5f:d2:e8:8c:67:61:9d:40:87:66:e4:87:29:eb:17:c7:
ca:a2:39:aa:f3:3e:e0:e4:1a:50:bc:05:cd:1b:9a:07:32:5d:
30:3a:cf:1c:45:86:e8:40:ef:e2:06:e8:2a:85:2a:c1:99:f8:
e0:b1:b0:db:90:d7:d9:32:2c:69:a9:71:50:69:31:3c:79:e0:
7d:e3:4c:b0:c0:d5:4d:36:f6:5e:27:05:c9:8a:98:6f:a3:f1:
3a:13:84:ed:c5:7d:19:23:b1:96:b2:a8:af:94:39:0c:15:2f:
c8:7f:c4:d6:fa:92:8c:08:2b:68:0c:67:34:dd:07:4d:e7:fd:
d9:44:8f:8b:f6:d7:58:7f:09:8d:c8:10:b7:4f:e7:78:82:17:
48:52:b9:d0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYiKYojUad7UyoUgnrNIy4xfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNjA1MDcwODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDk5MWQ2MjA0NTA4MTM4YzM2ZDVlMjYyODhmN2UxMDljOTZiNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2lUDDulWgoACIl3f9nAxkI7jDcq
lofBF5V3GCfysEC4XBDuf+eFjIJb+xVYBmvnHJSg8HfV5/zCcxVPhtl+C91KDxGL
sIDO2497G3LS3nqiaewcAaujU8GpMuPBOlqjzUKg2qnzk4k/DvzKm6as/XlZFUpv
gL7hsXQNR3CGhlQd4G5VqFD2t80EhSVz+g8mJ1SgTNUGP41K/G0ae/SH+WUjKofd
Rd5Sd+WCjzvPEywRMQK2MSP7VlYYdvwWfWZ9zGwV0sv6/3WlqWGzoza608lx3zL9
FU1QcGcd0nNFAgth3aBjoVGA/3uVZNVdXEun7Na7a7S0JDQo2T681MMFgQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBCZHWIEUIE4w21eJiiPfhCclrUnMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRUprZFlnUlFnVGpEYlY0bUtJOS1FSnlXdFNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUaHnAwQA
VBWtAwQAV3k7AwQAXXtVMA0GCSqGSIb3DQEBCwUAA4IBAQAziYc5ZcmgL9bdqs36
AGEp+S/QTL0h+FvgWgcRtCw15DWTB8p2x79488fCtVseSlVfIMiizRCDT614SBPY
1EriNpmMZ36MikVC8De+HM9VEqHqW2WLVu96GmAT1mIiOAFD3rqZTrGW1Ztzhirh
ql/S6IxnYZ1Ah2bkhynrF8fKojmq8z7g5BpQvAXNG5oHMl0wOs8cRYboQO/iBugq
hSrBmfjgsbDbkNfZMixpqXFQaTE8eeB940ywwNVNNvZeJwXJiphvo/E6E4TtxX0Z
I7GWsqivlDkMFS/If8TW+pKMCCtoDGc03QdN5/3ZRI+L9tdYfwmNyBC3T+d4ghdI
UrnQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:28 2024 by rpki-client on console-ams.rpki-client.org