Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TkkZdcQMwktsbRt2nacgBCPG3f0.roa
File: TkkZdcQMwktsbRt2nacgBCPG3f0.roa (raw, json)
Hash identifier: tBEAja0Lwvqp4d68o9CbDWa8wYRd8p3sgzBsr24+sng=
Subject key identifier: 4E:49:19:75:C4:0C:C2:4B:6C:6D:1B:76:9D:A7:20:04:23:C6:DD:FD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01881E49BEDF3BBFF2B1458DC83A0677894F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TkkZdcQMwktsbRt2nacgBCPG3f0.roa
Signing time: Mon 15 May 2023 07:22:09 +0000
ROA not before: Mon 15 May 2023 07:22:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 84.21.173.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1e:49:be:df:3b:bf:f2:b1:45:8d:c8:3a:06:77:89:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 15 07:22:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e491975c40cc24b6c6d1b769da7200423c6ddfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a4:22:cb:a2:52:46:e9:e7:93:ba:65:01:c6:
89:be:f6:72:69:51:92:a0:48:90:3d:9b:f7:c8:da:
96:b5:90:85:e9:66:b0:2d:fe:24:1f:21:f9:b7:85:
76:1f:a2:62:9a:6d:62:26:0c:6e:15:6f:6b:1f:3d:
37:b3:2d:c1:81:7e:80:f8:47:83:c3:c4:df:0f:32:
e4:0a:ca:55:46:1c:99:86:23:09:ef:38:1f:36:39:
44:15:7e:21:8d:40:31:55:e2:ad:aa:b2:44:90:a6:
31:05:94:15:4f:9f:55:4a:51:c4:bb:96:04:00:1d:
e4:11:30:35:9b:7d:03:93:66:b1:8c:7e:7e:e3:98:
c3:7a:ef:b5:e3:e4:40:3f:5f:2e:30:a7:bc:0f:c2:
a1:d0:af:60:c4:ce:dd:58:f2:76:0e:7c:13:10:3b:
03:20:52:2c:3e:db:01:34:e7:88:68:da:e6:04:4c:
7b:c9:36:bd:57:2d:95:35:e7:0c:c0:92:c7:68:c2:
ec:db:68:79:1d:86:ff:16:75:98:bd:8f:8a:98:0d:
b6:fc:4d:18:86:1a:34:16:75:9f:61:75:97:a0:28:
8b:8d:13:d7:bc:d5:da:b4:78:0c:85:a7:f2:3f:1f:
66:23:51:34:16:01:e5:d6:13:39:51:f7:4b:af:dc:
15:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:49:19:75:C4:0C:C2:4B:6C:6D:1B:76:9D:A7:20:04:23:C6:DD:FD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TkkZdcQMwktsbRt2nacgBCPG3f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.173.0/24
87.121.59.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:03:72:be:c5:30:fa:fd:eb:49:ab:73:00:ef:bc:a3:55:87:
c1:e0:59:05:f3:5d:a6:63:c0:47:51:45:92:46:41:dc:d3:ed:
35:94:5a:fb:3e:71:fb:fd:21:c1:59:95:72:8f:89:a7:85:36:
8f:d0:6a:33:bd:7d:88:a8:b4:35:be:19:ce:cb:1a:80:83:83:
c6:fe:98:da:56:60:93:2e:fb:8f:b5:fc:fc:eb:e6:12:5d:5c:
57:60:18:a5:8b:4f:42:df:5a:69:44:10:76:a1:e7:3d:5c:61:
88:b0:ec:18:2a:24:c8:e9:9e:84:33:b8:23:fc:f1:9a:98:70:
c4:5d:b3:b8:79:bb:db:20:5c:66:72:3b:f5:ec:4d:a6:2c:f3:
71:e8:c4:49:7b:ab:f8:ec:cb:75:32:86:d3:12:4d:a8:45:55:
4a:53:d3:54:4b:2a:3b:17:b4:ef:ab:9d:52:f4:63:1a:ef:7d:
a2:7e:d6:c3:5e:f2:62:02:59:a9:14:6c:fd:65:3d:bd:28:79:
90:00:47:3c:f8:21:46:23:d5:40:d1:22:f0:ef:a9:e8:05:b4:
dd:3d:56:d9:49:58:b0:ea:39:78:2a:ca:ee:0c:30:29:22:00:
56:40:da:d4:35:1f:df:09:fc:b5:5a:57:c7:d6:40:ad:e5:4c:
09:cf:42:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgeSb7fO7/ysUWNyDoGd4lPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE1MDcyMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTQ5MTk3NWM0MGNjMjRiNmM2ZDFiNzY5ZGE3MjAwNDIzYzZkZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6Qiy6JSRunnk7plAcaJvvZyaVGS
oEiQPZv3yNqWtZCF6WawLf4kHyH5t4V2H6Jimm1iJgxuFW9rHz03sy3BgX6A+EeD
w8TfDzLkCspVRhyZhiMJ7zgfNjlEFX4hjUAxVeKtqrJEkKYxBZQVT59VSlHEu5YE
AB3kETA1m30Dk2axjH5+45jDeu+14+RAP18uMKe8D8Kh0K9gxM7dWPJ2DnwTEDsD
IFIsPtsBNOeIaNrmBEx7yTa9Vy2VNecMwJLHaMLs22h5HYb/FnWYvY+KmA22/E0Y
hho0FnWfYXWXoCiLjRPXvNXatHgMhafyPx9mI1E0FgHl1hM5UfdLr9wV4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE5JGXXEDMJLbG0bdp2nIAQjxt39MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVGtrWmRjUU13a3RzYlJ0Mm5hY2dCQ1BHM2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVBWtAwQA
V3k7MA0GCSqGSIb3DQEBCwUAA4IBAQBOA3K+xTD6/etJq3MA77yjVYfB4FkF812m
Y8BHUUWSRkHc0+01lFr7PnH7/SHBWZVyj4mnhTaP0GozvX2IqLQ1vhnOyxqAg4PG
/pjaVmCTLvuPtfz86+YSXVxXYBili09C31ppRBB2oec9XGGIsOwYKiTI6Z6EM7gj
/PGamHDEXbO4ebvbIFxmcjv17E2mLPNx6MRJe6v47Mt1MobTEk2oRVVKU9NUSyo7
F7Tvq51S9GMa732iftbDXvJiAlmpFGz9ZT29KHmQAEc8+CFGI9VA0SLw76noBbTd
PVbZSViw6jl4KsruDDApIgBWQNrUNR/fCfy1WlfH1kCt5UwJz0Kl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:34 2024 by rpki-client on console-ams.rpki-client.org