Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/1-OK-WbNJJJ_LX_F2L9uKu8YYFB8.roa
File: 1-OK-WbNJJJ_LX_F2L9uKu8YYFB8.roa (raw, json)
Hash identifier: lJUHkgKlu75YoZ59niB0sugbivq0VtmPbjg/aVA9aVA=
Subject key identifier: F8:E2:BE:59:B3:49:24:9F:CB:5F:F1:76:2F:DB:8A:BB:C6:18:14:1F
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01849C6CDAB613A1AD3E61230A6F754AE092
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/1-OK-WbNJJJ_LX_F2L9uKu8YYFB8.roa
Signing time: Mon 21 Nov 2022 23:01:30 +0000
ROA not before: Mon 21 Nov 2022 23:01:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 185.232.86.0/23 maxlen: 23
45.134.178.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9c:6c:da:b6:13:a1:ad:3e:61:23:0a:6f:75:4a:e0:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Nov 21 23:01:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8e2be59b349249fcb5ff1762fdb8abbc618141f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0a:ad:75:5a:53:c3:14:17:9c:e0:6c:d8:a9:
cc:67:45:c4:65:66:30:17:0b:9f:33:6c:2a:e2:53:
a9:1a:c6:f9:ff:bd:75:e7:bd:51:28:b9:c7:d8:32:
93:c5:52:9c:45:92:eb:e8:ab:6b:e4:0c:56:32:6d:
d1:2b:7f:93:fb:3c:56:c0:4d:90:81:e5:7e:b7:67:
9f:74:1c:3a:1a:94:70:2a:a5:57:60:9b:1b:e5:ed:
dc:ec:85:a9:4b:08:26:b2:43:95:2c:b7:76:fd:0c:
dc:fa:26:0c:e7:b5:22:9f:57:e7:39:27:74:de:a2:
a7:09:5e:af:c8:0e:7c:5f:fa:fd:9d:46:fc:3f:a1:
6d:08:b1:e8:4f:01:9c:81:07:06:32:dd:81:84:ca:
89:ff:5a:1b:e4:8d:1f:9d:20:65:bf:c0:5d:5d:2f:
9a:23:82:68:5b:34:7a:bd:ef:f3:21:5b:c8:94:d1:
02:64:0c:25:cb:20:a6:50:d9:96:d0:e9:43:53:0e:
e7:97:f2:f0:60:bc:54:52:fd:17:60:8b:03:86:bd:
90:fe:27:4f:bc:bf:1d:4d:a0:05:ac:11:d8:77:0b:
f7:4a:43:4f:8e:38:b0:77:10:fe:62:a3:00:a5:30:
a3:86:c2:8f:00:3f:92:9a:25:24:39:a3:2a:f3:92:
f4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:E2:BE:59:B3:49:24:9F:CB:5F:F1:76:2F:DB:8A:BB:C6:18:14:1F
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/1-OK-WbNJJJ_LX_F2L9uKu8YYFB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.178.0/23
185.232.86.0/23
Signature Algorithm: sha256WithRSAEncryption
65:d1:c5:fa:db:20:06:9e:46:fe:f8:2c:06:9b:fc:69:5f:f6:
0d:be:58:bd:62:35:c2:a1:13:05:66:52:44:e1:d6:af:ed:17:
67:b7:49:e0:03:da:22:0d:33:44:f0:29:6f:6a:c2:4f:a3:2f:
f1:bd:b7:17:a7:fa:30:aa:00:1e:39:84:cc:3f:31:5a:00:88:
20:72:10:d6:b5:35:20:89:46:c5:1a:08:96:08:58:3d:d2:a1:
4b:b4:d9:0c:b0:b7:0f:5b:5b:f5:2e:ec:85:f3:2e:ac:46:af:
de:5a:ff:31:38:ec:44:c0:e6:d3:8d:85:6a:6a:2f:6e:46:07:
57:6e:1a:90:df:64:c2:bb:c6:d1:af:f5:bb:4d:90:a6:e0:01:
3b:29:1c:6b:f3:08:1f:8b:61:21:58:e3:97:4a:74:ea:68:f8:
d4:f6:09:16:c4:52:b4:a8:8e:a8:7e:9f:5e:20:19:c1:75:9c:
d0:58:13:1a:80:6d:6c:fe:64:39:e7:3e:3e:1f:d9:4e:f7:53:
92:c5:8b:48:14:1e:32:21:0a:7b:d6:29:93:a3:3e:33:2b:97:
a3:8d:8a:05:17:ef:b6:9a:8f:b5:31:f3:04:04:f5:d6:b5:1c:
02:b3:3e:91:87:c8:0a:c5:c3:8f:2b:59:4f:f2:c2:d7:dd:6a:
c9:1e:b9:97
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYScbNq2E6GtPmEjCm91SuCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjIxMTIxMjMwMTMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGUyYmU1OWIzNDkyNDlmY2I1ZmYxNzYyZmRiOGFiYmM2MTgxNDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQqtdVpTwxQXnOBs2KnMZ0XEZWYw
FwufM2wq4lOpGsb5/711571RKLnH2DKTxVKcRZLr6Ktr5AxWMm3RK3+T+zxWwE2Q
geV+t2efdBw6GpRwKqVXYJsb5e3c7IWpSwgmskOVLLd2/Qzc+iYM57Uin1fnOSd0
3qKnCV6vyA58X/r9nUb8P6FtCLHoTwGcgQcGMt2BhMqJ/1ob5I0fnSBlv8BdXS+a
I4JoWzR6ve/zIVvIlNECZAwlyyCmUNmW0OlDUw7nl/LwYLxUUv0XYIsDhr2Q/idP
vL8dTaAFrBHYdwv3SkNPjjiwdxD+YqMApTCjhsKPAD+SmiUkOaMq85L0uQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPjivlmzSSSfy1/xdi/birvGGBQfMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvMS1PSy1XYk5KSkpfTFhfRjJMOXVLdThZWUZCOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGIvMTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRj
My8xL3RWZk0xRHItZ1c1SlV5S0w4VXAxM0NrQlM0MC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAS2GsgME
AbnoVjANBgkqhkiG9w0BAQsFAAOCAQEAZdHF+tsgBp5G/vgsBpv8aV/2Db5YvWI1
wqETBWZSROHWr+0XZ7dJ4APaIg0zRPApb2rCT6Mv8b23F6f6MKoAHjmEzD8xWgCI
IHIQ1rU1IIlGxRoIlghYPdKhS7TZDLC3D1tb9S7shfMurEav3lr/MTjsRMDm042F
amovbkYHV24akN9kwrvG0a/1u02QpuABOykca/MIH4thIVjjl0p06mj41PYJFsRS
tKiOqH6fXiAZwXWc0FgTGoBtbP5kOec+Ph/ZTvdTksWLSBQeMiEKe9Ypk6M+MyuX
o42KBRfvtpqPtTHzBAT11rUcArM+kYfICsXDjytZT/LC191qyR65lw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org