Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_bH6VOuxkkZWuA4EhlslLB_KODQ.roa
File: _bH6VOuxkkZWuA4EhlslLB_KODQ.roa (raw, json)
Hash identifier: bEa5dvCJfEGzjXON2KJ+b269yYUsILSo/7W5CIDHvlo=
Subject key identifier: FD:B1:FA:54:EB:B1:92:46:56:B8:0E:04:86:5B:25:2C:1F:CA:38:34
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0186503717436B3EC4EBF0D2372D53CABB00
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_bH6VOuxkkZWuA4EhlslLB_KODQ.roa
Signing time: Tue 14 Feb 2023 13:57:13 +0000
ROA not before: Tue 14 Feb 2023 13:57:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20454
IP address blocks: 81.161.237.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
93.123.81.0/24 maxlen: 24
87.120.5.0/24 maxlen: 24
94.156.182.0/23 maxlen: 24
94.154.174.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:50:37:17:43:6b:3e:c4:eb:f0:d2:37:2d:53:ca:bb:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 14 13:57:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdb1fa54ebb1924656b80e04865b252c1fca3834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:74:23:06:c9:a6:16:b5:b8:30:00:b1:da:a5:
30:12:3e:cc:e6:20:bf:f3:f9:0b:96:d7:6f:4e:0f:
18:65:e7:81:69:8b:f0:d3:cc:b4:09:37:81:4d:97:
07:6e:52:6e:ce:44:ca:fd:80:29:78:d5:40:b2:c8:
4b:c2:35:9d:03:25:46:94:66:82:ac:6d:2e:de:49:
c0:c9:51:9d:c4:fa:5b:f8:21:bd:f7:45:dd:69:36:
3f:d4:15:c1:b3:57:c0:28:9d:07:79:d0:b3:03:d5:
90:b0:7c:47:76:06:bc:25:49:9b:4e:62:dc:0f:b3:
b2:e5:29:f2:1b:d9:4c:43:37:67:7d:4d:9a:48:86:
c2:4f:c4:e1:8e:b8:af:4b:c0:94:b5:cb:90:e4:c7:
96:62:1e:84:2d:bc:65:ff:3a:47:1f:e8:d8:33:8c:
b6:7d:f5:cc:0b:74:65:76:d6:c4:30:b1:81:f3:d1:
21:c4:89:56:f6:54:dc:27:14:7a:8c:ba:b6:e9:31:
ee:da:43:ad:a7:88:1e:92:a4:d4:b8:18:e4:e3:48:
18:6b:b9:fe:13:d1:97:70:65:ca:8f:3e:3d:20:47:
e2:b0:cd:05:00:3f:f2:6f:fa:d5:7b:cf:24:56:43:
74:93:41:b1:09:93:e4:0f:49:b2:eb:d6:0d:4e:cd:
d8:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B1:FA:54:EB:B1:92:46:56:B8:0E:04:86:5B:25:2C:1F:CA:38:34
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_bH6VOuxkkZWuA4EhlslLB_KODQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.237.0/24
87.120.5.0/24
87.121.58.0/24
93.123.81.0/24
94.154.174.0/23
94.156.182.0/23
Signature Algorithm: sha256WithRSAEncryption
36:a3:7c:96:4b:32:c0:90:3e:b4:f2:d2:79:99:88:2f:2a:de:
4a:47:49:0c:d8:5f:c4:0a:ff:a4:74:48:92:d7:6c:0a:46:67:
65:8b:86:8a:71:71:67:9f:8a:2c:18:f1:91:f4:bc:ff:cf:b3:
fc:b6:d8:c9:0a:ca:ae:52:b5:21:ae:b8:bf:a2:4b:ea:e3:f4:
7c:e3:c8:6e:f2:ed:fe:99:60:67:7b:b4:a6:7c:5c:0e:c5:e9:
bc:96:0f:09:a4:a7:06:34:0a:33:b5:4d:11:54:65:da:46:04:
90:3d:40:7f:88:85:81:79:cf:39:96:ef:68:00:ca:2f:79:57:
bf:ec:bb:48:57:46:05:c8:8f:f1:dc:a1:58:81:f3:b9:c5:3f:
a0:06:8e:30:9c:46:5e:6a:91:c6:70:71:a9:2f:9c:e9:43:46:
c9:38:c7:87:d3:a8:1e:2a:4e:cd:01:78:5d:62:ba:ad:8e:ad:
d2:3d:00:2b:bb:a7:00:40:c3:8b:6a:d4:6b:a6:72:ff:02:b2:
9c:57:02:7a:82:9b:96:fe:d6:30:4e:c3:37:51:19:8e:e4:2b:
38:ca:22:dc:25:88:38:8f:55:07:48:a7:6e:3d:70:6c:19:71:
d9:c2:36:4e:69:23:5c:ad:23:5d:65:55:f5:3e:01:5a:48:8d:
c2:a6:ce:fb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYZQNxdDaz7E6/DSNy1TyrsAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMjE0MTM1NzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGIxZmE1NGViYjE5MjQ2NTZiODBlMDQ4NjViMjUyYzFmY2EzODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHQjBsmmFrW4MACx2qUwEj7M5iC/
8/kLltdvTg8YZeeBaYvw08y0CTeBTZcHblJuzkTK/YApeNVAsshLwjWdAyVGlGaC
rG0u3knAyVGdxPpb+CG990XdaTY/1BXBs1fAKJ0HedCzA9WQsHxHdga8JUmbTmLc
D7Oy5SnyG9lMQzdnfU2aSIbCT8ThjrivS8CUtcuQ5MeWYh6ELbxl/zpHH+jYM4y2
ffXMC3RldtbEMLGB89EhxIlW9lTcJxR6jLq26THu2kOtp4gekqTUuBjk40gYa7n+
E9GXcGXKjz49IEfisM0FAD/yb/rVe88kVkN0k0GxCZPkD0my69YNTs3Y+QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP2x+lTrsZJGVrgOBIZbJSwfyjg0MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvX2JINlZPdXhra1pXdUE0RWhsc2xMQl9LT0RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUaHtAwQA
V3gFAwQAV3k6AwQAXXtRAwQBXpquAwQBXpy2MA0GCSqGSIb3DQEBCwUAA4IBAQA2
o3yWSzLAkD608tJ5mYgvKt5KR0kM2F/ECv+kdEiS12wKRmdli4aKcXFnn4osGPGR
9Lz/z7P8ttjJCsquUrUhrri/okvq4/R848hu8u3+mWBne7SmfFwOxem8lg8JpKcG
NAoztU0RVGXaRgSQPUB/iIWBec85lu9oAMoveVe/7LtIV0YFyI/x3KFYgfO5xT+g
Bo4wnEZeapHGcHGpL5zpQ0bJOMeH06geKk7NAXhdYrqtjq3SPQAru6cAQMOLatRr
pnL/ArKcVwJ6gpuW/tYwTsM3URmO5Cs4yiLcJYg4j1UHSKduPXBsGXHZwjZOaSNc
rSNdZVX1PgFaSI3Cps77
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:14 2024 by rpki-client on console-fra.rpki-client.org