Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/SF0Wycm8XxeCBkJ3AMaU_awuQmA.roa
File: SF0Wycm8XxeCBkJ3AMaU_awuQmA.roa (raw, json)
Hash identifier: fcGaz4mBlLTNbTs5IwUyskMj3NUD80qC8BrW/NUJMCU=
Subject key identifier: 48:5D:16:C9:C9:BC:5F:17:82:06:42:77:00:C6:94:FD:AC:2E:42:60
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 01856DCAF6D8C7F513E15B00987EEFB2C541
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/SF0Wycm8XxeCBkJ3AMaU_awuQmA.roa
Signing time: Sun 01 Jan 2023 14:44:56 +0000
ROA not before: Sun 01 Jan 2023 14:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59956
IP address blocks: 176.117.68.0/22 maxlen: 22
176.117.76.0/22 maxlen: 22
176.117.80.0/22 maxlen: 22
176.117.84.0/22 maxlen: 22
176.117.88.0/22 maxlen: 22
176.117.92.0/22 maxlen: 22
176.117.64.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f6:d8:c7:f5:13:e1:5b:00:98:7e:ef:b2:c5:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Jan 1 14:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=485d16c9c9bc5f178206427700c694fdac2e4260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:83:92:61:ba:11:c3:ac:e6:2d:92:b7:b7:3a:
4b:16:50:fc:42:f0:45:ad:88:3d:a6:4b:e9:74:27:
b3:bc:7e:0a:55:e9:64:dc:dc:6a:95:77:10:9f:30:
00:1c:64:be:5d:e4:61:5c:22:2e:c2:1f:67:40:55:
25:c0:a8:91:35:97:e4:ec:2e:00:02:60:6a:5a:60:
e3:01:8f:ea:39:0a:bb:35:4e:f9:58:8f:b3:90:af:
11:a7:2e:0b:20:48:67:f6:cd:75:65:4a:ba:e7:8d:
cc:d1:53:63:07:67:47:5a:c8:f4:d1:c3:87:e8:3f:
d5:f1:02:14:21:b4:6b:ec:6f:f5:b4:92:5c:f1:33:
37:cc:a2:87:da:1a:97:57:ce:44:08:19:05:5c:ca:
e9:e0:bf:44:00:cc:de:ea:b8:ec:44:d2:6c:05:e2:
83:da:99:11:5d:46:f4:12:76:a1:be:3e:e5:33:ad:
89:ae:cc:7d:b9:a1:eb:f9:42:d6:59:1e:dc:01:33:
56:c8:9a:63:04:f4:70:64:81:bc:50:69:ef:ba:a4:
8b:f7:23:1b:b4:1d:7e:bd:11:e0:af:04:b3:e3:98:
78:45:fb:a4:7a:6e:22:0a:59:73:de:3b:42:f2:d7:
31:d7:b7:60:43:83:17:de:1a:60:42:91:11:21:8d:
2b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:5D:16:C9:C9:BC:5F:17:82:06:42:77:00:C6:94:FD:AC:2E:42:60
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/SF0Wycm8XxeCBkJ3AMaU_awuQmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.64.0/21
176.117.76.0-176.117.95.255
Signature Algorithm: sha256WithRSAEncryption
4a:2d:a8:6c:88:47:b8:d4:80:48:8b:8a:3f:46:13:32:7d:39:
a1:a3:56:48:eb:64:e9:07:14:92:cc:6e:17:aa:b5:79:63:43:
d0:70:e6:d3:17:1b:48:33:27:0f:15:9e:b0:fa:9b:cd:39:da:
27:4f:05:43:73:b9:3d:33:2d:47:40:06:e0:66:7f:a5:18:19:
a1:1d:1e:04:68:49:fa:cb:48:6c:48:b0:82:56:67:3a:75:d4:
83:fd:6f:0c:99:43:f7:64:4d:47:4f:57:77:4b:49:61:bc:d8:
28:0f:1a:87:5a:bd:b3:e6:45:9a:7b:8b:66:b4:46:f8:92:ed:
5a:32:4d:ed:a6:de:5e:87:96:60:d9:9c:ce:bb:4d:7d:d5:23:
d6:6c:31:66:61:76:8a:1c:7c:71:36:59:62:f3:29:6f:e0:5a:
fd:3a:29:50:a6:f6:09:14:42:22:d1:16:a0:4d:93:a8:d9:21:
0d:de:79:a6:53:60:14:86:b3:9d:a0:30:59:90:de:2a:58:06:
85:f8:67:cc:7a:5f:38:2a:17:08:29:d6:13:a7:31:9d:ad:df:
0c:52:98:2c:53:97:0a:6c:9c:9d:0a:17:c8:23:10:b5:c0:43:
61:9b:8b:f5:91:21:68:37:bc:c0:e2:a1:bf:5b:56:ea:e6:7e:
e0:4f:7d:c1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVtyvbYx/UT4VsAmH7vssVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjMwMTAxMTQ0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODVkMTZjOWM5YmM1ZjE3ODIwNjQyNzcwMGM2OTRmZGFjMmU0MjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoOSYboRw6zmLZK3tzpLFlD8QvBF
rYg9pkvpdCezvH4KVelk3NxqlXcQnzAAHGS+XeRhXCIuwh9nQFUlwKiRNZfk7C4A
AmBqWmDjAY/qOQq7NU75WI+zkK8Rpy4LIEhn9s11ZUq6543M0VNjB2dHWsj00cOH
6D/V8QIUIbRr7G/1tJJc8TM3zKKH2hqXV85ECBkFXMrp4L9EAMze6rjsRNJsBeKD
2pkRXUb0Enahvj7lM62Jrsx9uaHr+ULWWR7cATNWyJpjBPRwZIG8UGnvuqSL9yMb
tB1+vRHgrwSz45h4Rfukem4iCllz3jtC8tcx17dgQ4MX3hpgQpERIY0rrwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEhdFsnJvF8XggZCdwDGlP2sLkJgMB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvU0YwV3ljbThYeGVDQmtKM0FNYVVfYXd1UW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDsHVAMAwD
BAKwdUwDBAWwdUAwDQYJKoZIhvcNAQELBQADggEBAEotqGyIR7jUgEiLij9GEzJ9
OaGjVkjrZOkHFJLMbheqtXljQ9Bw5tMXG0gzJw8VnrD6m8052idPBUNzuT0zLUdA
BuBmf6UYGaEdHgRoSfrLSGxIsIJWZzp11IP9bwyZQ/dkTUdPV3dLSWG82CgPGoda
vbPmRZp7i2a0RviS7VoyTe2m3l6HlmDZnM67TX3VI9ZsMWZhdoocfHE2WWLzKW/g
Wv06KVCm9gkUQiLRFqBNk6jZIQ3eeaZTYBSGs52gMFmQ3ipYBoX4Z8x6XzgqFwgp
1hOnMZ2t3wxSmCxTlwpsnJ0KF8gjELXAQ2Gbi/WRIWg3vMDiob9bVurmfuBPfcE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:53 2023 by rpki-client on console-ams.rpki-client.org