Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/Vr8b10nee_KBztTNl6StcY-Qemo.roa
File: Vr8b10nee_KBztTNl6StcY-Qemo.roa (raw, json)
Hash identifier: EdBMLtzyJJiynL9ndfTKS+ZDPFNbJPq4QMTfUa12hao=
Subject key identifier: 56:BF:1B:D7:49:DE:7B:F2:81:CE:D4:CD:97:A4:AD:71:8F:90:7A:6A
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 0185111AE517BF67C4BB44802858377ECCFA
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/Vr8b10nee_KBztTNl6StcY-Qemo.roa
Signing time: Wed 14 Dec 2022 14:47:33 +0000
ROA not before: Wed 14 Dec 2022 14:47:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59956
IP address blocks: 176.117.68.0/22 maxlen: 22
176.117.76.0/22 maxlen: 22
176.117.80.0/22 maxlen: 22
176.117.84.0/22 maxlen: 22
176.117.88.0/22 maxlen: 22
176.117.92.0/22 maxlen: 22
176.117.64.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:11:1a:e5:17:bf:67:c4:bb:44:80:28:58:37:7e:cc:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Dec 14 14:47:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=56bf1bd749de7bf281ced4cd97a4ad718f907a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7e:8d:26:a3:95:a5:20:d4:23:1f:7f:e6:d7:
8d:b8:10:f2:bb:80:bf:f9:35:80:4a:a8:10:39:47:
3e:92:2e:50:b4:95:09:6c:cb:5b:67:d5:86:b1:47:
f2:ff:c5:59:23:e1:dc:c7:85:70:33:15:a4:ff:7b:
af:07:40:bd:93:4f:e8:c7:22:ee:2d:2f:a3:25:d6:
dc:ab:9d:8d:54:6d:bd:b6:bb:52:9e:25:2e:e0:00:
59:9a:5b:14:6b:e3:28:48:8b:6c:cc:09:59:81:4f:
e0:71:a9:f9:3f:95:12:2e:5c:83:36:65:1a:9a:60:
dc:a8:f9:08:d4:c6:b7:65:96:ae:91:51:56:0d:05:
fb:25:f3:48:88:5b:35:8a:74:79:0a:7b:60:3a:97:
ad:a2:7c:c4:68:6b:1b:1a:fd:10:16:b6:66:9b:91:
45:28:c5:cb:25:b2:0a:4c:9a:1b:76:0b:23:f4:12:
a0:2a:53:59:35:d9:ed:64:73:c0:0e:e6:55:c8:04:
f6:75:70:e8:6f:03:26:37:5e:3e:11:ec:56:48:77:
46:67:8a:07:47:bc:94:1a:52:b3:b4:19:3e:ae:1d:
0e:21:b5:77:40:02:cf:74:42:1e:07:10:9e:5f:8b:
2b:03:ae:17:d7:ce:56:61:24:bd:19:6f:88:34:0e:
a9:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:BF:1B:D7:49:DE:7B:F2:81:CE:D4:CD:97:A4:AD:71:8F:90:7A:6A
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/Vr8b10nee_KBztTNl6StcY-Qemo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.64.0/21
176.117.76.0-176.117.95.255
Signature Algorithm: sha256WithRSAEncryption
44:c4:54:6e:5b:ea:f0:e5:97:25:86:c6:c7:c6:59:e5:3c:18:
cf:0f:cf:5b:1c:01:99:7a:14:47:ce:a3:e7:0b:50:95:7d:cc:
ec:74:3c:80:42:da:3a:38:d5:48:77:72:90:fd:ff:6b:7f:f4:
a5:b0:58:85:58:a4:ee:02:b2:98:b7:1c:93:e4:98:b6:9b:21:
6b:64:53:e8:9f:55:49:44:88:77:5d:e1:6f:48:03:4c:7a:5e:
2d:08:d7:27:1a:43:64:3a:4e:79:db:09:ed:6e:2a:05:77:74:
47:61:b0:ff:49:0a:81:93:87:c4:e0:5b:82:05:70:a8:57:40:
47:bf:da:b4:31:6d:b4:77:4c:43:75:6e:d1:f7:47:86:fb:a9:
fb:fa:13:d1:64:b5:28:a7:ab:f7:7c:03:6f:ff:24:ab:a5:45:
92:93:f3:2b:3c:3a:9b:f1:27:14:4b:3d:47:58:b0:fb:98:c8:
73:ce:59:f4:1b:60:69:67:7f:57:79:f9:0f:e7:ed:4b:af:52:
23:35:ae:6a:ba:85:5c:46:0a:02:9e:92:7e:98:ce:e9:93:e2:
53:2e:4b:84:5d:23:fa:80:47:7d:b3:05:b2:80:4e:a8:ad:63:
6a:66:33:0e:12:8f:d1:16:e8:dc:69:0b:12:5e:8d:ac:be:18:
94:f0:c1:04
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYURGuUXv2fEu0SAKFg3fsz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjIxMjE0MTQ0NzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmJmMWJkNzQ5ZGU3YmYyODFjZWQ0Y2Q5N2E0YWQ3MThmOTA3YTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0n6NJqOVpSDUIx9/5teNuBDyu4C/
+TWASqgQOUc+ki5QtJUJbMtbZ9WGsUfy/8VZI+Hcx4VwMxWk/3uvB0C9k0/oxyLu
LS+jJdbcq52NVG29trtSniUu4ABZmlsUa+MoSItszAlZgU/gcan5P5USLlyDNmUa
mmDcqPkI1Ma3ZZaukVFWDQX7JfNIiFs1inR5CntgOpetonzEaGsbGv0QFrZmm5FF
KMXLJbIKTJobdgsj9BKgKlNZNdntZHPADuZVyAT2dXDobwMmN14+EexWSHdGZ4oH
R7yUGlKztBk+rh0OIbV3QALPdEIeBxCeX4srA64X185WYSS9GW+INA6pZQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFa/G9dJ3nvygc7UzZekrXGPkHpqMB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvVnI4YjEwbmVlX0tCenRUTmw2U3RjWS1RZW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDsHVAMAwD
BAKwdUwDBAWwdUAwDQYJKoZIhvcNAQELBQADggEBAETEVG5b6vDllyWGxsfGWeU8
GM8Pz1scAZl6FEfOo+cLUJV9zOx0PIBC2jo41Uh3cpD9/2t/9KWwWIVYpO4Cspi3
HJPkmLabIWtkU+ifVUlEiHdd4W9IA0x6Xi0I1ycaQ2Q6TnnbCe1uKgV3dEdhsP9J
CoGTh8TgW4IFcKhXQEe/2rQxbbR3TEN1btH3R4b7qfv6E9FktSinq/d8A2//JKul
RZKT8ys8OpvxJxRLPUdYsPuYyHPOWfQbYGlnf1d5+Q/n7UuvUiM1rmq6hVxGCgKe
kn6YzumT4lMuS4RdI/qAR32zBbKATqitY2pmMw4Sj9EW6NxpCxJejay+GJTwwQQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:05 2025 by rpki-client