Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xOLV869hS5-t0ajMezu10vgwwLc.roa
File: xOLV869hS5-t0ajMezu10vgwwLc.roa (raw, json)
Hash identifier: Cq/Gqtbf3fk6e6Jez+SvGHp7vXin0jz6B46bgUyIBLA=
Subject key identifier: C4:E2:D5:F3:AF:61:4B:9F:AD:D1:A8:CC:7B:3B:B5:D2:F8:30:C0:B7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C8B520BB126A7729F593652F60670D5F5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xOLV869hS5-t0ajMezu10vgwwLc.roa
Signing time: Thu 21 Dec 2023 07:40:59 +0000
ROA not before: Thu 21 Dec 2023 07:40:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199605
IP address blocks: 171.22.31.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:52:0b:b1:26:a7:72:9f:59:36:52:f6:06:70:d5:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 21 07:40:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4e2d5f3af614b9fadd1a8cc7b3bb5d2f830c0b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:58:db:30:9c:51:00:aa:a9:41:2c:5b:92:23:
02:77:a3:66:5e:84:cc:e2:56:b4:d2:26:7c:7f:39:
0d:03:f6:b4:db:15:7f:f0:f0:4f:36:85:1c:42:b9:
67:a9:ea:d0:3b:c3:78:79:43:43:90:ec:d3:88:8c:
c2:41:93:3b:82:6c:1f:fb:2b:57:27:78:72:96:9b:
65:63:aa:db:ce:7c:7b:ec:21:c6:3e:ff:15:a9:17:
4f:b9:4f:22:3a:0a:fb:a8:a7:e8:c8:f4:78:2c:3e:
4c:f2:2d:e7:80:7a:61:10:07:b5:54:fa:dc:9e:2b:
5f:58:24:20:8c:8d:de:87:ff:db:15:36:21:d9:d9:
da:f8:7e:96:9f:f4:91:29:b5:3b:5c:ee:00:20:58:
81:52:54:41:c1:40:a8:bb:1d:25:f5:01:9c:d8:42:
b3:e5:a0:b7:51:da:59:7f:b7:a0:6a:28:12:4b:9c:
57:5b:15:8f:32:a1:02:27:3f:7a:e1:e4:0d:32:0a:
11:e4:c7:06:c7:76:13:28:e5:b7:84:f5:95:60:7c:
bf:e0:a6:d4:c7:b1:c4:04:3b:94:2e:2b:85:fc:a7:
83:8f:15:cb:4e:a3:1f:f6:23:c2:96:a1:4b:7a:05:
4f:57:a2:3d:04:3e:e2:e7:c1:11:68:f4:0f:be:f1:
4b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E2:D5:F3:AF:61:4B:9F:AD:D1:A8:CC:7B:3B:B5:D2:F8:30:C0:B7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xOLV869hS5-t0ajMezu10vgwwLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.129.84.0/24
171.22.31.0/24
193.35.19.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:da:96:85:83:ad:85:93:ca:e0:13:5b:53:38:2b:43:0e:f0:
e2:e4:48:44:44:5a:3d:7c:1d:e4:73:30:37:32:bf:2b:28:60:
57:7f:bd:09:53:22:1c:65:a1:29:fd:3e:47:f8:94:7f:1f:24:
16:32:01:56:b2:0a:58:c2:5c:a3:a8:7c:59:1f:58:65:83:ad:
6a:eb:75:86:75:d7:e1:1e:88:73:db:c7:8e:92:58:68:cb:75:
f3:34:b6:3a:48:3f:ed:07:08:23:d6:f0:66:0f:bb:1c:1e:7f:
08:b4:c6:08:41:24:1b:bd:5f:70:50:1f:09:a6:d8:d2:39:a0:
42:a2:6f:c5:5c:7a:81:af:69:b3:ff:2e:61:81:7c:a2:41:ad:
29:ac:7e:9c:89:eb:d2:fa:a9:91:2c:cf:e5:1c:d7:fa:03:5b:
a8:f7:c9:1c:93:71:43:26:90:1e:dd:3c:d1:f4:6a:13:41:9e:
a0:90:f1:9c:95:62:a3:2a:9f:e6:20:2d:fe:f5:64:ee:27:16:
e0:33:66:77:6f:58:a8:40:05:3a:4f:c3:a8:e9:e3:a2:af:5e:
9a:46:78:33:83:bb:1f:83:1e:cf:dd:ff:a0:34:b7:b8:1d:8a:
5e:c8:21:5b:ba:3c:24:29:c0:5f:c4:be:45:86:1f:e3:18:67:
09:a5:59:14
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYyLUguxJqdyn1k2UvYGcNX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjIxMDc0MDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGUyZDVmM2FmNjE0YjlmYWRkMWE4Y2M3YjNiYjVkMmY4MzBjMGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFjbMJxRAKqpQSxbkiMCd6NmXoTM
4la00iZ8fzkNA/a02xV/8PBPNoUcQrlnqerQO8N4eUNDkOzTiIzCQZM7gmwf+ytX
J3hylptlY6rbznx77CHGPv8VqRdPuU8iOgr7qKfoyPR4LD5M8i3ngHphEAe1VPrc
nitfWCQgjI3eh//bFTYh2dna+H6Wn/SRKbU7XO4AIFiBUlRBwUCoux0l9QGc2EKz
5aC3UdpZf7egaigSS5xXWxWPMqECJz964eQNMgoR5McGx3YTKOW3hPWVYHy/4KbU
x7HEBDuULiuF/KeDjxXLTqMf9iPClqFLegVPV6I9BD7i58ERaPQPvvFLeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMTi1fOvYUufrdGozHs7tdL4MMC3MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveE9MVjg2OWhTNS10MGFqTWV6dTEwdmd3d0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJYuCAwQA
LYFUAwQAqxYfAwQAwSMTMA0GCSqGSIb3DQEBCwUAA4IBAQCM2paFg62Fk8rgE1tT
OCtDDvDi5EhERFo9fB3kczA3Mr8rKGBXf70JUyIcZaEp/T5H+JR/HyQWMgFWsgpY
wlyjqHxZH1hlg61q63WGddfhHohz28eOklhoy3XzNLY6SD/tBwgj1vBmD7scHn8I
tMYIQSQbvV9wUB8JptjSOaBCom/FXHqBr2mz/y5hgXyiQa0prH6cievS+qmRLM/l
HNf6A1uo98kck3FDJpAe3TzR9GoTQZ6gkPGclWKjKp/mIC3+9WTuJxbgM2Z3b1io
QAU6T8Oo6eOir16aRngzg7sfgx7P3f+gNLe4HYpeyCFbujwkKcBfxL5Fhh/jGGcJ
pVkU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:46 2024 by rpki-client on console-ams.rpki-client.org