Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x_KIEGSVQYdeL6AGtC1-2D-ekhI.roa
File: x_KIEGSVQYdeL6AGtC1-2D-ekhI.roa (raw, json)
Hash identifier: WlLfQtgqjUQMYXUgkVImtC2ca8N3JLl4ps9DdAmIDf4=
Subject key identifier: C7:F2:88:10:64:95:41:87:5E:2F:A0:06:B4:2D:7E:D8:3F:9E:92:12
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D88CB6D4C9B0FE787BC1E7B86AEBBB59C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x_KIEGSVQYdeL6AGtC1-2D-ekhI.roa
Signing time: Thu 08 Feb 2024 12:57:29 +0000
ROA not before: Thu 08 Feb 2024 12:57:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47757
IP address blocks: 45.129.86.0/23 maxlen: 24
94.156.72.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:88:cb:6d:4c:9b:0f:e7:87:bc:1e:7b:86:ae:bb:b5:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 8 12:57:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7f28810649541875e2fa006b42d7ed83f9e9212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c2:27:72:b7:a0:f7:fb:bb:61:43:cf:c4:1b:
8b:9d:b7:83:e1:8a:3d:1d:37:dc:4d:e2:66:28:78:
31:a6:9a:34:cf:58:a7:3f:84:83:0c:39:1e:4a:47:
1d:a1:6e:33:fa:67:fa:95:47:1b:af:12:88:b3:a9:
64:15:79:ec:6d:89:38:c9:54:e7:f1:18:6d:00:58:
80:9a:89:9a:1f:1c:b1:a5:29:55:56:ef:d8:92:14:
12:d3:87:ac:21:96:3c:c1:fa:53:e6:00:30:9c:c2:
fd:a3:c8:bc:7a:24:ad:b6:23:fe:ca:86:8f:a9:99:
e8:e3:b9:98:ec:e6:e0:ac:9b:83:ff:8f:81:c9:34:
00:a9:82:dd:36:25:a2:1d:35:2e:3a:c2:ca:e7:8b:
a4:77:9d:2d:a0:54:d5:93:72:78:16:5a:6b:1b:65:
fb:e0:2f:39:e7:6c:2e:22:e5:40:eb:d8:55:4e:57:
06:6d:1c:ad:b1:63:43:bf:6e:b2:5e:fb:69:b7:02:
48:87:9a:d5:90:db:bf:e2:c8:db:9a:b5:ae:00:bd:
4c:d7:12:73:f6:59:13:e5:6c:4e:5e:65:34:94:dc:
4e:71:44:17:50:c6:17:3e:da:ec:36:f3:89:b2:1f:
8d:6a:3d:28:12:39:4b:c6:ec:0b:ce:8c:7f:f9:bb:
de:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F2:88:10:64:95:41:87:5E:2F:A0:06:B4:2D:7E:D8:3F:9E:92:12
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x_KIEGSVQYdeL6AGtC1-2D-ekhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.86.0/23
94.156.72.0/23
Signature Algorithm: sha256WithRSAEncryption
37:02:9c:51:03:32:10:6f:0f:78:4f:d2:35:df:5b:db:5a:95:
1d:db:73:4f:4b:4c:b3:66:ac:5c:6f:ab:d1:fc:1c:f7:d9:6d:
6c:4f:d1:cb:99:38:a7:ea:d3:63:0b:b1:2c:ea:00:54:a1:27:
b7:c2:10:b3:d3:3e:f2:92:dc:bb:19:92:de:68:dd:14:8a:a9:
38:40:92:5e:3b:22:30:b7:54:af:45:eb:7b:1b:a3:7c:bf:6e:
29:7d:75:bf:ef:6d:1c:7a:79:b9:5e:40:1e:13:ea:f0:ae:d9:
5c:10:43:01:ef:df:26:bd:f3:40:f6:71:e4:12:10:34:ef:9c:
73:85:ed:6d:31:ee:db:08:35:ff:3f:c6:79:cb:a3:88:68:37:
92:bd:4b:4b:cb:38:33:ec:19:49:58:bf:59:f6:bc:01:1a:15:
7b:4c:b7:0d:a0:10:5a:97:8e:27:56:b8:b5:37:da:6e:dd:fc:
34:57:40:1d:53:72:f8:16:53:78:21:96:1b:1e:d2:88:7d:f3:
2e:05:ed:8e:4d:f7:8d:de:a2:9f:cc:c1:33:6c:29:f2:99:65:
cc:aa:5b:09:af:50:4e:d2:35:c1:d7:a5:0a:85:8a:46:bb:a3:
c2:ad:1a:08:7e:86:65:82:5b:55:be:88:f5:a0:fc:dc:ea:2e:
77:c1:18:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2Iy21Mmw/nh7wee4auu7WcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjA4MTI1NzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2YyODgxMDY0OTU0MTg3NWUyZmEwMDZiNDJkN2VkODNmOWU5MjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcIncreg9/u7YUPPxBuLnbeD4Yo9
HTfcTeJmKHgxppo0z1inP4SDDDkeSkcdoW4z+mf6lUcbrxKIs6lkFXnsbYk4yVTn
8RhtAFiAmomaHxyxpSlVVu/YkhQS04esIZY8wfpT5gAwnML9o8i8eiSttiP+yoaP
qZno47mY7ObgrJuD/4+ByTQAqYLdNiWiHTUuOsLK54ukd50toFTVk3J4FlprG2X7
4C8552wuIuVA69hVTlcGbRytsWNDv26yXvtptwJIh5rVkNu/4sjbmrWuAL1M1xJz
9lkT5WxOXmU0lNxOcUQXUMYXPtrsNvOJsh+Naj0oEjlLxuwLzox/+bve+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMfyiBBklUGHXi+gBrQtftg/npISMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveF9LSUVHU1ZRWWRlTDZBR3RDMS0yRC1la2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYFWAwQB
XpxIMA0GCSqGSIb3DQEBCwUAA4IBAQA3ApxRAzIQbw94T9I131vbWpUd23NPS0yz
Zqxcb6vR/Bz32W1sT9HLmTin6tNjC7Es6gBUoSe3whCz0z7ykty7GZLeaN0Uiqk4
QJJeOyIwt1SvRet7G6N8v24pfXW/720cenm5XkAeE+rwrtlcEEMB798mvfNA9nHk
EhA075xzhe1tMe7bCDX/P8Z5y6OIaDeSvUtLyzgz7BlJWL9Z9rwBGhV7TLcNoBBa
l44nVri1N9pu3fw0V0AdU3L4FlN4IZYbHtKIffMuBe2OTfeN3qKfzMEzbCnymWXM
qlsJr1BO0jXB16UKhYpGu6PCrRoIfoZlgltVvoj1oPzc6i53wRiH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:46 2024 by rpki-client on console-ams.rpki-client.org