Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/b46f93-b86f-462c-8d44-8b5ef68b41bd/1/P82d92aALAQOAVoCVspx-JndgDE.roa
File: P82d92aALAQOAVoCVspx-JndgDE.roa (raw, json)
Hash identifier: do21DSTisggqZGAfO2oE4PvLtHz/6t0bBJ4GulkbeRI=
Subject key identifier: 3F:CD:9D:F7:66:80:2C:04:0E:01:5A:02:56:CA:71:F8:99:DD:80:31
Certificate issuer: /CN=8b158127e987fe03711b7a97d4ca9dfa0006528c
Certificate serial: 031453E2
Authority key identifier: 8B:15:81:27:E9:87:FE:03:71:1B:7A:97:D4:CA:9D:FA:00:06:52:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ixWBJ-mH_gNxG3qX1Mqd-gAGUow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/b46f93-b86f-462c-8d44-8b5ef68b41bd/1/P82d92aALAQOAVoCVspx-JndgDE.roa
Signing time: Tue 17 May 2022 15:32:02 +0000
ROA not before: Tue 17 May 2022 15:32:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60079
IP address blocks: 151.216.128.0/17 maxlen: 17
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51663842 (0x31453e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b158127e987fe03711b7a97d4ca9dfa0006528c
Validity
Not Before: May 17 15:32:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3fcd9df766802c040e015a0256ca71f899dd8031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:f3:39:b9:2b:8e:90:c7:b9:4f:40:88:44:00:
de:bf:85:a1:ff:f9:ed:51:3c:5b:59:40:37:ee:85:
bd:8c:f6:fe:71:e2:ea:2c:8b:96:ba:73:77:9e:16:
73:b9:54:45:1a:5b:3f:4f:d5:49:4a:0c:53:cf:f8:
ba:2a:cd:14:24:ef:93:87:e8:a2:c1:75:dd:ee:81:
8a:c4:94:d3:5d:a4:5f:c3:bf:0b:0a:00:34:6d:92:
7a:33:6a:25:42:3c:0a:62:11:4e:c1:4c:4c:df:06:
50:c7:f6:a6:71:30:5c:84:4d:cd:c0:63:64:df:c3:
24:b8:62:7c:c8:7b:cf:59:c0:3d:4d:89:8e:5f:e1:
7b:f0:87:1a:2b:bb:67:2a:0a:01:42:cc:6f:71:2c:
51:04:70:d1:96:f0:f8:f6:fd:9b:e3:0e:4b:6a:2c:
df:1c:f7:60:63:70:fa:e4:05:63:b9:97:af:fc:42:
32:f6:85:75:17:0a:0a:9f:12:5b:fe:48:64:5b:40:
4b:75:ea:38:21:c5:ad:3c:8e:90:9c:1c:11:46:c7:
94:ad:46:7d:0b:ef:53:d7:90:a1:c7:50:fe:a8:51:
40:0c:6d:74:0f:fa:31:e1:29:e2:bd:ba:03:42:b5:
ba:11:a3:ad:8f:d2:6a:37:7d:ec:2b:9d:7d:25:e3:
b7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:CD:9D:F7:66:80:2C:04:0E:01:5A:02:56:CA:71:F8:99:DD:80:31
X509v3 Authority Key Identifier:
keyid:8B:15:81:27:E9:87:FE:03:71:1B:7A:97:D4:CA:9D:FA:00:06:52:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ixWBJ-mH_gNxG3qX1Mqd-gAGUow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b46f93-b86f-462c-8d44-8b5ef68b41bd/1/P82d92aALAQOAVoCVspx-JndgDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b46f93-b86f-462c-8d44-8b5ef68b41bd/1/ixWBJ-mH_gNxG3qX1Mqd-gAGUow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.128.0/17
Signature Algorithm: sha256WithRSAEncryption
55:94:3f:7f:30:7a:74:04:ad:51:b5:3f:78:78:ce:2b:1d:39:
3e:d8:0e:1b:a1:97:8a:b2:12:56:9e:44:9d:fb:f3:51:bb:99:
9d:84:64:fa:ed:d9:22:47:6b:b8:50:d7:3f:09:0e:b5:70:9e:
78:c9:12:56:ae:1c:d0:64:30:36:61:56:65:3a:62:dd:87:c2:
b6:e8:7d:e8:0f:be:6e:1e:4d:94:ac:bd:3e:53:07:fe:28:48:
df:7d:55:87:ff:68:36:94:8f:fb:c7:bd:0e:ba:dd:59:f0:a9:
95:2f:5e:12:5d:8d:3a:af:53:24:b4:49:5d:42:eb:15:7d:b4:
0f:49:59:13:d5:63:36:8a:a4:b8:64:61:cc:d7:82:10:85:18:
48:95:5f:42:2b:9f:50:12:5d:0c:62:71:ef:c2:fd:53:44:3f:
c9:16:8e:b4:d3:f9:2c:ea:22:d3:4e:60:1c:b8:64:b8:f9:0d:
9f:f8:1e:f7:84:27:39:15:19:ee:eb:0e:95:fc:20:31:a1:ae:
ff:5f:fc:ea:9d:2e:0b:d3:9e:d2:15:99:f3:da:ba:df:aa:7a:
68:ad:45:f4:c3:64:2f:9a:e7:4e:7d:78:8a:1a:a3:96:e8:3f:
3f:1a:59:9e:8d:8c:69:ef:93:bb:7e:49:64:be:74:da:ec:69:
7f:f2:f9:3f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAxRT4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YjE1ODEyN2U5ODdmZTAzNzExYjdhOTdkNGNhOWRmYTAwMDY1MjhjMB4XDTIyMDUx
NzE1MzIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ZjZDlkZjc2Njgw
MmMwNDBlMDE1YTAyNTZjYTcxZjg5OWRkODAzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOvzObkrjpDHuU9AiEQA3r+Fof/57VE8W1lAN+6FvYz2/nHi
6iyLlrpzd54Wc7lURRpbP0/VSUoMU8/4uirNFCTvk4foosF13e6BisSU012kX8O/
CwoANG2SejNqJUI8CmIRTsFMTN8GUMf2pnEwXIRNzcBjZN/DJLhifMh7z1nAPU2J
jl/he/CHGiu7ZyoKAULMb3EsUQRw0Zbw+Pb9m+MOS2os3xz3YGNw+uQFY7mXr/xC
MvaFdRcKCp8SW/5IZFtAS3XqOCHFrTyOkJwcEUbHlK1GfQvvU9eQocdQ/qhRQAxt
dA/6MeEp4r26A0K1uhGjrY/Sajd97CudfSXjt8cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ/zZ33ZoAsBA4BWgJWynH4md2AMTAfBgNVHSMEGDAWgBSLFYEn6Yf+A3Eb
epfUyp36AAZSjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2l4V0JKLW1IX2dOeEczcVgxTXFkLWdBR1Vvdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvYjQ2ZjkzLWI4NmYtNDYyYy04ZDQ0LThiNWVmNjhiNDFiZC8x
L1A4MmQ5MmFBTEFRT0FWb0NWc3B4LUpuZGdERS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
YjQ2ZjkzLWI4NmYtNDYyYy04ZDQ0LThiNWVmNjhiNDFiZC8xL2l4V0JKLW1IX2dO
eEczcVgxTXFkLWdBR1Vvdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB5fYgDANBgkqhkiG9w0BAQsFAAOC
AQEAVZQ/fzB6dAStUbU/eHjOKx05PtgOG6GXirISVp5EnfvzUbuZnYRk+u3ZIkdr
uFDXPwkOtXCeeMkSVq4c0GQwNmFWZTpi3YfCtuh96A++bh5NlKy9PlMH/ihI331V
h/9oNpSP+8e9DrrdWfCplS9eEl2NOq9TJLRJXULrFX20D0lZE9VjNoqkuGRhzNeC
EIUYSJVfQiufUBJdDGJx78L9U0Q/yRaOtNP5LOoi005gHLhkuPkNn/ge94QnORUZ
7usOlfwgMaGu/1/86p0uC9Oe0hWZ89q636p6aK1F9MNkL5rnTn14ihqjlug/PxpZ
no2Mae+Tu35JZL502uxpf/L5Pw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:24 2025 by rpki-client