Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Fip00BGXe2Y1tt4aXcMp1a7Holg.roa
File: Fip00BGXe2Y1tt4aXcMp1a7Holg.roa (raw, json)
Hash identifier: yLOpbscAAj1pLs2d52kKT0Abn3WFEBZ3Y4ujN9/b9yo=
Subject key identifier: 16:2A:74:D0:11:97:7B:66:35:B6:DE:1A:5D:C3:29:D5:AE:C7:A2:58
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188251648D733E969AA4F7C24458DF0C746
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Fip00BGXe2Y1tt4aXcMp1a7Holg.roa
Signing time: Tue 16 May 2023 15:03:17 +0000
ROA not before: Tue 16 May 2023 15:03:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 84.21.173.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:25:16:48:d7:33:e9:69:aa:4f:7c:24:45:8d:f0:c7:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 16 15:03:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=162a74d011977b6635b6de1a5dc329d5aec7a258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ca:e1:ad:35:ff:05:e1:5b:3c:d3:81:ce:f9:
25:bb:5c:66:b1:4e:7f:f3:38:7a:78:86:d5:fc:79:
e7:74:58:67:36:73:f3:02:a9:64:93:31:ce:4c:75:
67:8f:d8:d1:5f:e5:8d:aa:47:f0:eb:a8:e8:41:6b:
ea:e3:35:e3:b1:81:04:bd:d2:a5:e0:69:66:d0:91:
ab:33:7b:4a:d3:b6:29:f3:b2:c2:ff:6d:d0:e8:2d:
c7:f6:61:d3:6f:0a:c7:e7:6e:53:a3:93:cd:a4:d9:
1d:49:18:99:4a:8c:79:60:7b:cd:51:e8:12:b4:1c:
24:2d:ea:d1:5f:a8:a2:3e:05:76:3a:4a:25:c3:6e:
9a:ce:a5:2a:0c:6c:6e:ea:5e:20:ce:56:94:6f:e7:
a9:5e:b0:ba:e7:f7:5e:52:06:20:1e:33:de:51:88:
7f:ad:4e:bc:dc:be:73:fc:55:81:2d:48:5f:46:8d:
2a:76:98:03:2a:2f:1a:bb:c8:73:b0:ea:47:99:3b:
37:80:a4:bf:2e:63:aa:87:fe:e8:e3:39:11:de:95:
15:ef:6d:8a:17:2b:49:87:43:6c:f4:d0:ce:f3:8a:
b3:8d:48:4b:cf:48:18:03:0d:34:78:27:c2:08:af:
63:f7:3e:0c:da:01:10:89:c3:7e:e3:12:88:6c:90:
77:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:2A:74:D0:11:97:7B:66:35:B6:DE:1A:5D:C3:29:D5:AE:C7:A2:58
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Fip00BGXe2Y1tt4aXcMp1a7Holg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.173.0/24
87.121.59.0/24
Signature Algorithm: sha256WithRSAEncryption
59:f9:8b:74:37:a2:98:93:fb:ca:34:16:61:21:18:6b:b2:c7:
4a:97:ce:17:7c:45:e5:81:5f:d4:f3:4e:a5:c1:19:59:41:13:
d9:ed:63:6d:d8:8e:6e:8a:e3:35:3d:fc:2a:de:b1:b7:64:7a:
3c:41:45:76:11:f3:5b:97:99:d3:1c:0b:c0:b1:8b:bd:a3:b7:
02:85:3d:ff:57:92:02:1f:49:0e:db:ec:1c:94:13:d8:5d:42:
bc:9c:dd:2a:88:6c:1d:cc:99:d5:62:86:29:f0:8c:14:1f:40:
ef:d4:b8:a6:72:eb:3d:13:76:0b:33:2b:20:7a:68:fe:d5:12:
5b:f9:bf:c0:40:1a:c3:5d:16:89:82:01:bd:f2:1c:51:f6:40:
2b:ac:9a:3b:68:ca:41:76:cd:b9:70:f9:41:9f:df:76:96:47:
c9:c1:12:e7:68:df:ea:7f:f9:81:f8:34:86:5c:fe:14:84:06:
c5:10:08:a5:f8:b8:ef:62:14:47:71:4e:b5:03:1b:32:74:bc:
2e:cd:00:9b:de:2a:14:9a:39:7c:65:e8:ec:7b:51:3e:2e:43:
82:66:ff:f9:df:7c:e9:db:78:28:d5:4f:26:4d:da:ab:0c:e0:
41:66:b5:70:e9:4d:da:1f:aa:6a:0a:93:e4:ef:85:c8:82:48:
76:0b:2d:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYglFkjXM+lpqk98JEWN8MdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE2MTUwMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjJhNzRkMDExOTc3YjY2MzViNmRlMWE1ZGMzMjlkNWFlYzdhMjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8rhrTX/BeFbPNOBzvklu1xmsU5/
8zh6eIbV/HnndFhnNnPzAqlkkzHOTHVnj9jRX+WNqkfw66joQWvq4zXjsYEEvdKl
4Glm0JGrM3tK07Yp87LC/23Q6C3H9mHTbwrH525To5PNpNkdSRiZSox5YHvNUegS
tBwkLerRX6iiPgV2Okolw26azqUqDGxu6l4gzlaUb+epXrC65/deUgYgHjPeUYh/
rU683L5z/FWBLUhfRo0qdpgDKi8au8hzsOpHmTs3gKS/LmOqh/7o4zkR3pUV722K
FytJh0Ns9NDO84qzjUhLz0gYAw00eCfCCK9j9z4M2gEQicN+4xKIbJB3ywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBYqdNARl3tmNbbeGl3DKdWux6JYMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRmlwMDBCR1hlMlkxdHQ0YVhjTXAxYTdIb2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVBWtAwQA
V3k7MA0GCSqGSIb3DQEBCwUAA4IBAQBZ+Yt0N6KYk/vKNBZhIRhrssdKl84XfEXl
gV/U806lwRlZQRPZ7WNt2I5uiuM1Pfwq3rG3ZHo8QUV2EfNbl5nTHAvAsYu9o7cC
hT3/V5ICH0kO2+wclBPYXUK8nN0qiGwdzJnVYoYp8IwUH0Dv1Limcus9E3YLMysg
emj+1RJb+b/AQBrDXRaJggG98hxR9kArrJo7aMpBds25cPlBn992lkfJwRLnaN/q
f/mB+DSGXP4UhAbFEAil+LjvYhRHcU61AxsydLwuzQCb3ioUmjl8Zejse1E+LkOC
Zv/533zp23go1U8mTdqrDOBBZrVw6U3aH6pqCpPk74XIgkh2Cy1A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:03 2024 by rpki-client on console-fra.rpki-client.org