Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/fr30OPL-AafDCBjmipi7KvdVDI8.roa
File: fr30OPL-AafDCBjmipi7KvdVDI8.roa (raw, json)
Hash identifier: 2Nqr4Ok4kM+bkvmYhcN17i/TJ4fKyiEZw70ZkGS+XGw=
Subject key identifier: 7E:BD:F4:38:F2:FE:01:A7:C3:08:18:E6:8A:98:BB:2A:F7:55:0C:8F
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0899AA4C
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/fr30OPL-AafDCBjmipi7KvdVDI8.roa
Signing time: Tue 22 Feb 2022 09:38:01 +0000
ROA not before: Tue 22 Feb 2022 09:38:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212001
IP address blocks: 94.232.244.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144288332 (0x899aa4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Feb 22 09:38:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7ebdf438f2fe01a7c30818e68a98bb2af7550c8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:30:0b:85:c7:e9:aa:4b:1a:41:dc:c6:f1:b1:
70:aa:6e:8d:65:73:e8:25:84:ea:32:e7:9b:11:15:
2d:ec:7c:c7:58:c2:21:c5:71:81:0d:7c:6a:da:c9:
b2:75:4b:a1:a7:5a:12:3a:80:c6:dc:72:64:aa:fa:
a2:00:87:6a:2d:d7:5b:eb:dc:7e:67:f4:f8:ba:05:
26:ca:eb:bb:e2:b0:c9:30:28:46:49:f8:92:43:9a:
52:3b:fb:9f:e7:79:73:44:05:e5:7f:19:ab:cf:22:
26:6d:cf:a5:e9:92:6f:a2:f0:33:a6:5a:e2:7e:ef:
70:64:1d:0b:90:20:86:56:fb:b0:6f:fb:c7:ac:b9:
22:fa:00:f7:d8:e6:6a:21:02:63:7f:af:18:98:91:
9e:cb:92:3b:0c:2a:80:80:bb:a8:78:d0:8d:92:56:
46:61:29:1d:1e:88:3c:bb:e5:d3:81:d5:6c:6b:ab:
1c:b5:64:f8:3f:5d:08:93:7f:82:9f:7d:e3:60:57:
86:50:f3:07:4d:b4:de:2e:2f:70:13:d9:de:eb:22:
03:2a:c7:30:4e:ea:bc:26:07:41:e6:e9:85:2f:af:
aa:50:2c:ca:b1:0d:d0:1c:57:86:37:d8:4e:98:4d:
e0:d8:1b:45:3b:c1:93:d4:80:9e:10:6f:65:58:0e:
9d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:BD:F4:38:F2:FE:01:A7:C3:08:18:E6:8A:98:BB:2A:F7:55:0C:8F
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/fr30OPL-AafDCBjmipi7KvdVDI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.244.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:ea:ac:7e:1f:06:63:7c:12:0b:4e:ce:a4:c6:77:75:5e:d6:
1e:71:1b:4b:9a:a6:27:a0:fd:f0:8b:cc:47:51:32:2e:8a:07:
54:f3:0b:84:4c:22:25:bd:58:f2:a1:25:70:52:39:04:5e:a8:
5e:a3:3d:01:1e:ed:42:4f:7f:a2:01:a8:4e:30:49:1d:3a:2b:
e4:36:ba:a1:49:02:b8:58:aa:76:fc:68:29:58:0f:60:5d:d5:
35:4f:bb:4c:0e:41:d4:6b:ec:6f:00:6c:c8:b8:40:7b:f1:4f:
fd:ef:2a:26:19:0f:f2:e9:7d:ff:9b:a8:5e:77:e9:6d:0c:07:
be:ab:85:0b:3c:d2:9d:ff:9c:4a:b3:81:01:93:95:39:e6:fb:
10:8d:84:65:55:31:71:02:18:19:0e:a8:97:54:80:28:2a:6d:
0b:1b:e6:c2:dd:ff:59:7b:4b:fc:50:8b:4a:d5:b1:4e:56:8e:
2d:ec:ae:de:0a:de:9e:18:ab:6e:94:ae:68:3a:f9:3b:4f:a8:
88:2f:85:8b:78:a4:dc:6f:b3:2c:18:65:8c:d0:6e:f1:1d:e9:
d5:59:7f:d2:f8:93:87:c6:4b:c2:b9:eb:12:c6:03:e9:87:50:
f9:43:3c:cf:db:3e:20:7b:33:16:e6:a1:bf:ed:24:80:18:b0:
25:e2:70:21
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECJmqTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTU3Y2NkNDNhZmU4MTZlNDk1MzIyOGJmMTRhNzVkYzI5MDE0YjhkMB4XDTIyMDIy
MjA5MzgwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2ViZGY0MzhmMmZl
MDFhN2MzMDgxOGU2OGE5OGJiMmFmNzU1MGM4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkwC4XH6apLGkHcxvGxcKpujWVz6CWE6jLnmxEVLex8x1jC
IcVxgQ18atrJsnVLoadaEjqAxtxyZKr6ogCHai3XW+vcfmf0+LoFJsrru+KwyTAo
Rkn4kkOaUjv7n+d5c0QF5X8Zq88iJm3PpemSb6LwM6Za4n7vcGQdC5Aghlb7sG/7
x6y5IvoA99jmaiECY3+vGJiRnsuSOwwqgIC7qHjQjZJWRmEpHR6IPLvl04HVbGur
HLVk+D9dCJN/gp9942BXhlDzB0203i4vcBPZ3usiAyrHME7qvCYHQebphS+vqlAs
yrEN0BxXhjfYTphN4NgbRTvBk9SAnhBvZVgOnSUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR+vfQ48v4Bp8MIGOaKmLsq91UMjzAfBgNVHSMEGDAWgBS1V8zUOv6BbklT
IovxSnXcKQFLjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RWZk0xRHItZ1c1SlV5S0w4VXAxM0NrQlM0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvMTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8x
L2ZyMzBPUEwtQWFmRENCam1pcGk3S3ZkVkRJOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
MTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8xL3RWZk0xRHItZ1c1
SlV5S0w4VXAxM0NrQlM0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAl7o9DANBgkqhkiG9w0BAQsFAAOC
AQEAm+qsfh8GY3wSC07OpMZ3dV7WHnEbS5qmJ6D98IvMR1EyLooHVPMLhEwiJb1Y
8qElcFI5BF6oXqM9AR7tQk9/ogGoTjBJHTor5Da6oUkCuFiqdvxoKVgPYF3VNU+7
TA5B1GvsbwBsyLhAe/FP/e8qJhkP8ul9/5uoXnfpbQwHvquFCzzSnf+cSrOBAZOV
Oeb7EI2EZVUxcQIYGQ6ol1SAKCptCxvmwt3/WXtL/FCLStWxTlaOLeyu3grenhir
bpSuaDr5O0+oiC+Fi3ik3G+zLBhljNBu8R3p1Vl/0viTh8ZLwrnrEsYD6YdQ+UM8
z9s+IHszFuahv+0kgBiwJeJwIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org