Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/4E5YuXlJILEkn0d1_LMBgQJNGD0.roa
File: 4E5YuXlJILEkn0d1_LMBgQJNGD0.roa (raw, json)
Hash identifier: /zL+peXnmI70qmarF4qZud5OKGIzCb2kig3c4ngalvg=
Subject key identifier: E0:4E:58:B9:79:49:20:B1:24:9F:47:75:FC:B3:01:81:02:4D:18:3D
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 0185AA81B0D6E23212B648F19BA9EA1EBD26
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/4E5YuXlJILEkn0d1_LMBgQJNGD0.roa
Signing time: Fri 13 Jan 2023 09:41:44 +0000
ROA not before: Fri 13 Jan 2023 09:41:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59956
IP address blocks: 176.117.76.0/22 maxlen: 22
176.117.80.0/22 maxlen: 22
176.117.84.0/22 maxlen: 22
176.117.88.0/22 maxlen: 22
176.117.92.0/22 maxlen: 22
176.117.64.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:aa:81:b0:d6:e2:32:12:b6:48:f1:9b:a9:ea:1e:bd:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Jan 13 09:41:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e04e58b9794920b1249f4775fcb30181024d183d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d6:21:e7:fe:7e:e8:06:e5:de:75:fb:9d:68:
4e:4b:b3:47:e5:c3:2f:04:24:b1:66:7d:bf:0b:81:
65:d8:73:8e:be:52:7e:59:70:0b:74:1a:51:d7:26:
47:b5:a5:b8:cd:c3:87:62:b2:20:a5:d9:92:63:85:
57:5f:49:67:ee:da:ad:db:69:92:e7:dd:eb:1b:9c:
17:8d:7b:3d:e7:c1:c7:2f:a3:d4:1b:1a:60:ff:36:
55:97:e5:4c:e4:c0:c9:93:95:09:8d:59:28:5a:c4:
b9:94:e9:b6:b7:39:29:f1:ed:7b:39:44:d4:f1:45:
3f:ad:16:27:8b:ff:e9:94:26:b9:7d:1c:c3:7e:fb:
fa:33:51:ac:b3:6a:b1:e8:65:c3:da:b9:4a:2f:88:
f4:5f:1a:fb:d7:f3:4d:75:0b:8c:04:e5:e2:7a:ce:
8d:e5:a0:00:4f:ca:2e:2c:8c:b2:35:9e:ab:c5:ad:
30:81:c8:c3:a5:b7:27:df:4b:9f:88:9f:bd:a3:f0:
93:ea:6a:b0:b3:83:ea:46:17:8b:cf:f5:3c:53:d6:
98:fc:37:ac:86:33:da:50:45:98:9a:ff:6b:3f:ed:
6b:60:34:70:aa:29:86:df:48:9a:5c:d6:d5:73:fa:
b2:5f:b2:4e:3a:41:62:79:ba:af:86:8c:a6:dc:49:
2b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:4E:58:B9:79:49:20:B1:24:9F:47:75:FC:B3:01:81:02:4D:18:3D
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/4E5YuXlJILEkn0d1_LMBgQJNGD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.64.0/22
176.117.76.0-176.117.95.255
Signature Algorithm: sha256WithRSAEncryption
87:1a:10:65:d1:48:d3:3a:95:da:89:36:c6:1f:3a:88:c7:ad:
5e:ee:76:7d:76:63:a6:fe:e7:fd:4d:7f:d3:ce:64:31:f5:86:
84:1d:6b:95:0a:1e:fd:20:89:1a:c7:82:77:f2:1f:07:47:b8:
80:f4:3b:41:86:bf:7f:cd:e7:8a:cd:16:11:00:a8:5f:81:65:
c3:a6:7d:a5:c5:de:b3:87:3a:6e:30:02:f7:b2:3b:7c:ee:6a:
bb:55:34:54:e7:ae:96:2a:16:aa:cf:b5:61:c8:9e:7c:0b:d9:
ee:b0:18:2d:22:60:67:ff:87:a3:75:54:a4:89:02:e3:b9:b8:
06:a6:b7:32:9a:70:2b:ae:d9:c3:3d:b4:8b:e1:97:2f:fd:8a:
c1:e3:b2:35:20:0c:6e:24:8b:16:f6:2d:f2:d4:52:90:63:ed:
4c:7e:7e:f4:dc:6e:06:ab:33:63:6e:36:7b:5c:e3:c7:59:39:
9d:1b:a7:65:b0:25:e4:3a:d6:30:46:df:cc:ce:08:af:a3:ff:
a1:f9:c8:96:f1:b6:83:12:1b:44:4f:36:65:9f:87:38:ed:c9:
8e:c0:07:0e:8c:92:a5:39:39:cc:ee:72:c5:7a:0a:15:76:61:
d5:c8:85:60:41:f2:a4:7a:6b:56:67:09:a1:bc:aa:54:ed:b3:
fd:8d:c1:43
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYWqgbDW4jIStkjxm6nqHr0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjMwMTEzMDk0MTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDRlNThiOTc5NDkyMGIxMjQ5ZjQ3NzVmY2IzMDE4MTAyNGQxODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9Yh5/5+6Abl3nX7nWhOS7NH5cMv
BCSxZn2/C4Fl2HOOvlJ+WXALdBpR1yZHtaW4zcOHYrIgpdmSY4VXX0ln7tqt22mS
593rG5wXjXs958HHL6PUGxpg/zZVl+VM5MDJk5UJjVkoWsS5lOm2tzkp8e17OUTU
8UU/rRYni//plCa5fRzDfvv6M1Gss2qx6GXD2rlKL4j0Xxr71/NNdQuMBOXies6N
5aAAT8ouLIyyNZ6rxa0wgcjDpbcn30ufiJ+9o/CT6mqws4PqRheLz/U8U9aY/Des
hjPaUEWYmv9rP+1rYDRwqimG30iaXNbVc/qyX7JOOkFiebqvhoym3EkrLwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOBOWLl5SSCxJJ9HdfyzAYECTRg9MB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvNEU1WXVYbEpJTEVrbjBkMV9MTUJnUUpOR0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCsHVAMAwD
BAKwdUwDBAWwdUAwDQYJKoZIhvcNAQELBQADggEBAIcaEGXRSNM6ldqJNsYfOojH
rV7udn12Y6b+5/1Nf9POZDH1hoQda5UKHv0giRrHgnfyHwdHuID0O0GGv3/N54rN
FhEAqF+BZcOmfaXF3rOHOm4wAveyO3zuartVNFTnrpYqFqrPtWHInnwL2e6wGC0i
YGf/h6N1VKSJAuO5uAamtzKacCuu2cM9tIvhly/9isHjsjUgDG4kixb2LfLUUpBj
7Ux+fvTcbgarM2NuNntc48dZOZ0bp2WwJeQ61jBG38zOCK+j/6H5yJbxtoMSG0RP
NmWfhzjtyY7ABw6MkqU5OczucsV6ChV2YdXIhWBB8qR6a1ZnCaG8qlTts/2NwUM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:06 2024 by rpki-client on console-fra.rpki-client.org