Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/2aj412SrW3UKG8FYl8ZmVIwL1sM.roa
File: 2aj412SrW3UKG8FYl8ZmVIwL1sM.roa (raw, json)
Hash identifier: ErU0ulxP99SnCY4aOGCQc7HsAwgiqY7tAr6CVoThKYc=
Subject key identifier: D9:A8:F8:D7:64:AB:5B:75:0A:1B:C1:58:97:C6:66:54:8C:0B:D6:C3
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 08903B59
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/2aj412SrW3UKG8FYl8ZmVIwL1sM.roa
Signing time: Mon 21 Feb 2022 09:13:10 +0000
ROA not before: Mon 21 Feb 2022 09:13:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 185.123.156.0/22 maxlen: 23
185.130.40.0/22 maxlen: 23
94.232.244.0/22 maxlen: 23
46.161.216.0/22 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143670105 (0x8903b59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Feb 21 09:13:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9a8f8d764ab5b750a1bc15897c666548c0bd6c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d7:3b:e0:60:b2:f7:d8:56:3d:b2:2b:5c:c1:
23:35:07:35:16:65:6b:d1:fe:0c:67:d2:8a:2d:53:
67:4f:10:68:c6:0d:8f:e2:fc:f3:89:6d:73:c3:76:
f8:73:ac:eb:be:aa:79:0b:40:ab:96:f0:31:94:dc:
70:17:ab:48:2a:7a:12:66:87:92:82:0c:ea:dd:a9:
99:e2:29:96:59:21:9c:2f:9d:27:a6:7f:dc:80:bf:
60:ea:83:90:43:0b:bd:38:7b:08:d0:93:56:5c:68:
ba:ff:5c:ba:21:ca:26:3d:15:d5:cd:a6:c3:4c:b8:
14:17:98:fb:09:c7:23:98:bd:96:6f:d3:ed:a9:de:
38:e1:d2:d9:2d:ff:f8:18:4a:8d:10:7b:45:9e:ff:
86:2c:c0:ab:d0:df:03:1a:99:19:a5:84:da:88:e9:
7a:0d:ec:16:df:a1:06:da:fc:d4:bc:35:66:90:c3:
40:45:ea:bd:c4:bd:0d:65:16:ba:2d:01:71:48:e5:
29:a6:42:76:93:fb:9d:d6:56:dd:73:ba:97:0a:fb:
24:4b:7e:93:ab:34:fb:12:73:86:7e:fe:5a:88:70:
2c:ab:a1:84:dd:6a:89:b4:3a:db:b1:6f:c6:c6:ca:
52:83:6d:f2:b3:67:d2:14:75:51:d6:c2:82:b6:3e:
93:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A8:F8:D7:64:AB:5B:75:0A:1B:C1:58:97:C6:66:54:8C:0B:D6:C3
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/2aj412SrW3UKG8FYl8ZmVIwL1sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.161.216.0/22
94.232.244.0/22
185.123.156.0/22
185.130.40.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:df:f2:35:02:89:ac:23:0b:5b:1e:34:4d:b5:e2:39:62:0d:
f3:48:80:f5:c2:b1:f5:be:1c:68:44:f5:26:de:6b:88:18:12:
9c:50:84:3e:9e:b0:e5:8c:78:69:aa:09:39:f1:c9:ae:f5:70:
48:eb:36:37:f8:64:8c:6e:ef:fd:65:36:22:67:2d:6c:8c:aa:
eb:5f:b1:b1:af:17:7d:42:5c:cc:13:92:00:56:cf:e2:d8:c3:
8f:fa:48:cb:e4:d0:3c:11:4f:f0:1c:3e:d7:17:49:7c:1d:53:
8e:0f:9c:d1:71:17:4b:6c:1a:49:10:e8:49:45:16:1e:eb:ed:
9a:5a:e0:44:ca:9b:e0:ec:9d:ec:1c:b4:3a:7f:32:59:4f:08:
21:f2:f3:ef:9f:f7:95:0f:a7:c5:11:b6:79:08:83:58:56:c1:
4b:bf:49:66:06:23:13:49:a8:e5:36:2c:b6:bc:47:be:d7:39:
d8:23:de:0c:6c:49:69:98:1c:71:51:3f:a3:1a:cc:51:b4:70:
19:7e:5d:39:d3:8d:0e:b9:c2:8b:f6:4b:0f:fe:6b:4d:93:e4:
6d:78:41:ff:03:a7:7a:d0:d1:46:df:59:66:e7:28:1e:17:3e:
5c:f1:05:9a:03:d9:bb:cb:44:ad:63:0b:52:05:bb:1e:12:e2:
06:45:72:05
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECJA7WTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTU3Y2NkNDNhZmU4MTZlNDk1MzIyOGJmMTRhNzVkYzI5MDE0YjhkMB4XDTIyMDIy
MTA5MTMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDlhOGY4ZDc2NGFi
NWI3NTBhMWJjMTU4OTdjNjY2NTQ4YzBiZDZjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJLXO+BgsvfYVj2yK1zBIzUHNRZla9H+DGfSii1TZ08QaMYN
j+L884ltc8N2+HOs676qeQtAq5bwMZTccBerSCp6EmaHkoIM6t2pmeIpllkhnC+d
J6Z/3IC/YOqDkEMLvTh7CNCTVlxouv9cuiHKJj0V1c2mw0y4FBeY+wnHI5i9lm/T
7aneOOHS2S3/+BhKjRB7RZ7/hizAq9DfAxqZGaWE2ojpeg3sFt+hBtr81Lw1ZpDD
QEXqvcS9DWUWui0BcUjlKaZCdpP7ndZW3XO6lwr7JEt+k6s0+xJzhn7+WohwLKuh
hN1qibQ627FvxsbKUoNt8rNn0hR1UdbCgrY+k1ECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTZqPjXZKtbdQobwViXxmZUjAvWwzAfBgNVHSMEGDAWgBS1V8zUOv6BbklT
IovxSnXcKQFLjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RWZk0xRHItZ1c1SlV5S0w4VXAxM0NrQlM0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvMTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8x
LzJhajQxMlNyVzNVS0c4RllsOFptVkl3TDFzTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
MTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8xL3RWZk0xRHItZ1c1
SlV5S0w4VXAxM0NrQlM0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAi6h2AMEAl7o9AMEArl7nAMEArmC
KDANBgkqhkiG9w0BAQsFAAOCAQEAH9/yNQKJrCMLWx40TbXiOWIN80iA9cKx9b4c
aET1Jt5riBgSnFCEPp6w5Yx4aaoJOfHJrvVwSOs2N/hkjG7v/WU2ImctbIyq61+x
sa8XfUJczBOSAFbP4tjDj/pIy+TQPBFP8Bw+1xdJfB1Tjg+c0XEXS2waSRDoSUUW
HuvtmlrgRMqb4Oyd7By0On8yWU8IIfLz75/3lQ+nxRG2eQiDWFbBS79JZgYjE0mo
5TYstrxHvtc52CPeDGxJaZgccVE/oxrMUbRwGX5dOdONDrnCi/ZLD/5rTZPkbXhB
/wOnetDRRt9ZZucoHhc+XPEFmgPZu8tErWMLUgW7HhLiBkVyBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org