Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/pkQiIMFnnnUcSyqIXcMkeTX89pE.roa
File: pkQiIMFnnnUcSyqIXcMkeTX89pE.roa (raw, json)
Hash identifier: vEHd1dbPVb9A5GjYFEwY0P5WO//2dTW0usuoCGlLNeI=
Subject key identifier: A6:44:22:20:C1:67:9E:75:1C:4B:2A:88:5D:C3:24:79:35:FC:F6:91
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 08ADC1F4
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/pkQiIMFnnnUcSyqIXcMkeTX89pE.roa
Signing time: Wed 02 Mar 2022 12:02:40 +0000
ROA not before: Wed 02 Mar 2022 12:02:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 80.64.218.0/23 maxlen: 23
37.221.126.0/23 maxlen: 23
213.185.90.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145605108 (0x8adc1f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Mar 2 12:02:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6442220c1679e751c4b2a885dc3247935fcf691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:be:78:c9:4a:cb:64:30:0c:2f:59:83:ef:c9:
23:f3:53:6a:cd:a9:5e:9f:2b:f3:8a:6e:96:26:c3:
72:f1:d6:97:5b:f3:1f:fa:d9:ec:98:48:27:26:dd:
ab:06:8f:7d:29:0f:50:7e:57:55:9e:e6:25:c4:39:
30:24:8b:a5:12:4d:35:5f:0e:80:58:f8:97:b6:07:
41:f8:70:6d:be:fa:85:09:83:00:97:70:15:6e:c6:
31:64:da:03:96:aa:97:8d:56:f4:b9:98:ea:57:87:
29:7e:67:67:e3:ce:d1:1d:c4:6f:ef:70:e9:64:42:
23:01:95:06:58:b7:da:97:df:25:31:2a:fe:98:6d:
69:e5:28:b8:c1:26:da:93:65:e6:4d:4a:e8:9a:21:
27:0b:91:49:1f:ec:61:86:af:d7:44:b6:8b:1c:05:
b9:1a:45:9c:2e:17:4f:f1:d9:ce:55:f8:43:f9:f3:
15:f5:7c:16:38:65:a1:1e:df:d1:4b:89:cd:4a:1c:
76:d4:bd:ec:5e:fc:af:71:56:4e:01:10:c5:83:ae:
5e:35:e7:85:5e:a4:c3:6a:0e:1c:45:de:ee:15:73:
d2:8e:f9:82:dd:ce:f7:3d:03:fc:1b:54:c8:3b:9b:
88:9c:01:47:0f:2e:f2:dc:72:51:94:fa:23:91:42:
0d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:44:22:20:C1:67:9E:75:1C:4B:2A:88:5D:C3:24:79:35:FC:F6:91
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/pkQiIMFnnnUcSyqIXcMkeTX89pE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.126.0/23
80.64.218.0/23
213.185.90.0/23
Signature Algorithm: sha256WithRSAEncryption
13:4c:b4:a0:e5:74:76:19:8e:e1:87:f2:92:d6:f1:41:2f:17:
ef:2c:3e:ce:85:d6:c5:73:c3:b8:17:d4:89:b6:e3:17:2d:f8:
f4:36:26:e4:2e:eb:49:1f:d5:41:5d:5b:f7:41:8d:33:71:bb:
f3:8e:6f:41:c7:a5:6f:be:a5:4d:87:3c:c9:4a:54:b8:59:65:
88:95:d1:09:5c:f5:be:35:92:5b:fb:81:9f:d6:fa:a1:05:57:
21:f3:c3:18:33:dd:a6:84:e7:15:95:cc:30:f5:d3:9f:6c:00:
cb:17:a1:9c:a0:ce:96:ad:dd:ae:e9:37:0e:53:c5:94:e6:9a:
5f:8d:92:42:3a:35:df:dc:80:79:5a:45:56:a1:67:1d:f0:90:
a4:6e:53:79:fe:98:3e:50:7f:a7:9c:bd:c7:84:ad:4c:54:35:
cc:ca:7f:45:34:2a:84:12:f4:85:a7:28:e8:1a:4a:50:70:0e:
28:fa:bd:f5:32:29:ac:e5:d0:c7:a8:f0:3d:b3:dd:45:97:ec:
49:38:3f:04:fd:f7:9f:52:77:a8:79:e7:6b:17:0c:9f:3e:28:
fb:8a:ce:a6:02:a0:c1:44:25:62:18:87:30:f3:83:3f:fc:4c:
43:0f:08:4a:d8:cb:dd:9f:19:f6:b4:01:32:72:21:0d:86:0a:
52:27:78:19
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECK3B9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTU3Y2NkNDNhZmU4MTZlNDk1MzIyOGJmMTRhNzVkYzI5MDE0YjhkMB4XDTIyMDMw
MjEyMDI0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY0NDIyMjBjMTY3
OWU3NTFjNGIyYTg4NWRjMzI0NzkzNWZjZjY5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALS+eMlKy2QwDC9Zg+/JI/NTas2pXp8r84pulibDcvHWl1vz
H/rZ7JhIJybdqwaPfSkPUH5XVZ7mJcQ5MCSLpRJNNV8OgFj4l7YHQfhwbb76hQmD
AJdwFW7GMWTaA5aql41W9LmY6leHKX5nZ+PO0R3Eb+9w6WRCIwGVBli32pffJTEq
/phtaeUouMEm2pNl5k1K6JohJwuRSR/sYYav10S2ixwFuRpFnC4XT/HZzlX4Q/nz
FfV8FjhloR7f0UuJzUocdtS97F78r3FWTgEQxYOuXjXnhV6kw2oOHEXe7hVz0o75
gt3O9z0D/BtUyDubiJwBRw8u8txyUZT6I5FCDbkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSmRCIgwWeedRxLKohdwyR5Nfz2kTAfBgNVHSMEGDAWgBS1V8zUOv6BbklT
IovxSnXcKQFLjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RWZk0xRHItZ1c1SlV5S0w4VXAxM0NrQlM0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvMTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8x
L3BrUWlJTUZubm5VY1N5cUlYY01rZVRYODlwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
MTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8xL3RWZk0xRHItZ1c1
SlV5S0w4VXAxM0NrQlM0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEASXdfgMEAVBA2gMEAdW5WjANBgkq
hkiG9w0BAQsFAAOCAQEAE0y0oOV0dhmO4YfyktbxQS8X7yw+zoXWxXPDuBfUibbj
Fy349DYm5C7rSR/VQV1b90GNM3G7845vQcelb76lTYc8yUpUuFlliJXRCVz1vjWS
W/uBn9b6oQVXIfPDGDPdpoTnFZXMMPXTn2wAyxehnKDOlq3druk3DlPFlOaaX42S
Qjo139yAeVpFVqFnHfCQpG5Tef6YPlB/p5y9x4StTFQ1zMp/RTQqhBL0haco6BpK
UHAOKPq99TIprOXQx6jwPbPdRZfsSTg/BP33n1J3qHnnaxcMnz4o+4rOpgKgwUQl
YhiHMPODP/xMQw8IStjL3Z8Z9rQBMnIhDYYKUid4GQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org