Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qBT7ZAYJRV5JZwrOfjlh-UBCFWQ.roa
File: qBT7ZAYJRV5JZwrOfjlh-UBCFWQ.roa (raw, json)
Hash identifier: EPSWIG+9sSEuIeZkL6aBKbb8DG80IH3oimuhv9AiTcM=
Subject key identifier: A8:14:FB:64:06:09:45:5E:49:67:0A:CE:7E:39:61:F9:40:42:15:64
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1EE8DBDA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qBT7ZAYJRV5JZwrOfjlh-UBCFWQ.roa
Signing time: Tue 07 Jun 2022 08:01:20 +0000
ROA not before: Tue 07 Jun 2022 08:01:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 87.121.124.0/23 maxlen: 24
87.121.122.0/23 maxlen: 24
81.161.238.0/23 maxlen: 24
185.207.12.0/24 maxlen: 24
193.168.196.0/22 maxlen: 24
193.37.46.0/24 maxlen: 24
94.154.174.0/23 maxlen: 24
109.206.237.0/24 maxlen: 24
88.218.76.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 518577114 (0x1ee8dbda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 7 08:01:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a814fb640609455e49670ace7e3961f940421564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:43:16:2f:19:24:8d:6b:7f:23:52:0c:af:e3:
fc:09:f0:1d:9f:ec:a0:48:df:3d:38:34:e7:bf:02:
82:d0:d5:e4:5e:f8:6e:20:ca:8c:2d:44:53:75:96:
17:bd:93:7b:89:41:e6:69:ff:a6:8b:57:96:fa:9c:
32:db:ec:9f:e0:86:95:bd:cb:c3:51:2b:27:29:14:
d2:33:d9:73:a3:a7:fa:3e:05:b4:18:40:01:7e:7d:
a3:d3:2e:99:cf:47:cb:6d:de:99:f5:8e:96:c7:69:
9e:73:b1:92:9a:4e:03:87:8d:42:00:6e:bf:de:f9:
3f:47:23:fc:e3:ea:0f:4e:27:03:bd:0d:19:68:7c:
a6:c8:35:85:6d:72:fc:88:69:2e:ae:13:dd:a8:86:
df:44:0c:1d:95:de:8e:8c:17:54:bb:2c:2f:1f:3f:
1e:9c:14:1c:a2:01:9f:78:37:f5:be:c0:9e:ae:92:
21:18:05:b3:79:a3:ef:e4:29:ee:3a:c2:37:4d:7b:
56:ec:ee:34:c8:d6:78:e5:8d:37:d1:3a:25:9f:3a:
38:f7:61:05:88:cc:a9:c8:c8:23:05:70:ac:13:c2:
2d:d8:cb:dc:86:01:ff:3c:06:a9:6a:6a:21:45:12:
c2:1c:d1:2b:2c:5c:8e:0c:39:97:9a:47:d1:ad:11:
67:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:14:FB:64:06:09:45:5E:49:67:0A:CE:7E:39:61:F9:40:42:15:64
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qBT7ZAYJRV5JZwrOfjlh-UBCFWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.238.0/23
87.121.122.0-87.121.125.255
88.218.76.0/22
94.154.174.0/23
109.206.237.0/24
185.207.12.0/24
193.37.46.0/24
193.168.196.0/22
Signature Algorithm: sha256WithRSAEncryption
05:9a:51:d8:87:94:98:ec:8c:81:fc:0b:90:e5:73:1b:75:28:
d0:56:55:95:4f:de:6e:66:18:ae:d9:fa:00:f7:99:49:52:b0:
8e:af:14:0e:dd:87:46:45:f3:43:a8:33:eb:f6:dd:ad:20:cc:
e0:81:27:48:05:48:39:32:9b:c8:6d:c5:a9:c8:aa:b9:b8:8c:
bb:99:26:09:28:73:bf:bd:dd:00:b1:f0:30:ea:c9:d7:82:f9:
3d:43:e5:b1:1a:04:39:62:a5:35:c6:ad:e7:3e:4e:2e:51:5d:
de:ad:ae:97:a0:1b:ad:98:c1:51:8a:b9:5e:61:f6:75:34:3e:
02:b1:35:4c:d7:18:9f:d4:0b:3d:df:ed:13:55:93:ee:a1:33:
b7:df:e3:81:c7:01:29:74:ad:15:34:20:f5:f2:00:24:35:ce:
75:5e:f2:89:da:54:5b:53:c9:6c:d6:03:f6:90:a0:31:12:83:
bd:41:17:48:e4:98:d7:35:c8:a1:f4:cd:93:8c:54:8e:c7:72:
42:45:bd:be:6c:17:13:41:93:d8:66:c6:3d:60:7b:93:a9:da:
9b:0a:0d:74:29:89:89:51:f3:30:36:8f:0c:be:c2:78:dd:71:
36:78:09:26:d3:dd:96:5e:48:9e:95:2d:a2:1f:f0:59:3c:2e:
99:24:19:28
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEHujb2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDYw
NzA4MDEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTgxNGZiNjQwNjA5
NDU1ZTQ5NjcwYWNlN2UzOTYxZjk0MDQyMTU2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtDFi8ZJI1rfyNSDK/j/AnwHZ/soEjfPTg0578CgtDV5F74
biDKjC1EU3WWF72Te4lB5mn/potXlvqcMtvsn+CGlb3Lw1ErJykU0jPZc6On+j4F
tBhAAX59o9Mumc9Hy23emfWOlsdpnnOxkppOA4eNQgBuv975P0cj/OPqD04nA70N
GWh8psg1hW1y/IhpLq4T3aiG30QMHZXejowXVLssLx8/HpwUHKIBn3g39b7Anq6S
IRgFs3mj7+Qp7jrCN017VuzuNMjWeOWNN9E6JZ86OPdhBYjMqcjIIwVwrBPCLdjL
3IYB/zwGqWpqIUUSwhzRKyxcjgw5l5pH0a0RZ0cCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBSoFPtkBglFXklnCs5+OWH5QEIVZDAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L3FCVDdaQVlKUlY1Slp3ck9mamxoLVVCQ0ZXUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAVGh7jAMAwQBV3l6AwQBV3l8AwQC
WNpMAwQBXpquAwQAbc7tAwQAuc8MAwQAwSUuAwQCwajEMA0GCSqGSIb3DQEBCwUA
A4IBAQAFmlHYh5SY7IyB/AuQ5XMbdSjQVlWVT95uZhiu2foA95lJUrCOrxQO3YdG
RfNDqDPr9t2tIMzggSdIBUg5MpvIbcWpyKq5uIy7mSYJKHO/vd0AsfAw6snXgvk9
Q+WxGgQ5YqU1xq3nPk4uUV3era6XoButmMFRirleYfZ1ND4CsTVM1xif1As93+0T
VZPuoTO33+OBxwEpdK0VNCD18gAkNc51XvKJ2lRbU8ls1gP2kKAxEoO9QRdI5JjX
Ncih9M2TjFSOx3JCRb2+bBcTQZPYZsY9YHuTqdqbCg10KYmJUfMwNo8MvsJ43XE2
eAkm092WXkielS2iH/BZPC6ZJBko
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:44 2024 by rpki-client on console-ams.rpki-client.org