Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/wxfet9o8gGSHBCmzNaCGpsdA6WE.roa
File: wxfet9o8gGSHBCmzNaCGpsdA6WE.roa (raw, json)
Hash identifier: MkdwVU767FxklIRRWXLEa3fVrVYel/Qmi5CM5Wobfh0=
Subject key identifier: C3:17:DE:B7:DA:3C:80:64:87:04:29:B3:35:A0:86:A6:C7:40:E9:61
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 0190FB1C7694DA1897B3C6B4F2E8CCCE483B
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/wxfet9o8gGSHBCmzNaCGpsdA6WE.roa
Signing time: Sun 28 Jul 2024 20:51:04 +0000
ROA not before: Sun 28 Jul 2024 20:51:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59956
IP address blocks: 176.117.84.0/22 maxlen: 22
176.117.88.0/22 maxlen: 22
176.117.92.0/24 maxlen: 24
176.117.93.0/24 maxlen: 24
176.117.94.0/24 maxlen: 24
176.117.95.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fb:1c:76:94:da:18:97:b3:c6:b4:f2:e8:cc:ce:48:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Jul 28 20:51:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c317deb7da3c8064870429b335a086a6c740e961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:99:29:f3:e0:8b:77:a9:51:cb:70:82:71:07:
f1:16:a4:2b:39:c6:8d:d2:1a:e5:78:24:96:41:e4:
89:21:c4:a1:89:28:ae:0b:18:33:11:ec:4f:6b:c1:
c6:40:3b:79:42:89:71:8a:af:ad:d5:cd:22:a6:66:
0a:e9:7e:a5:59:45:2f:cd:6d:ad:2d:0c:df:a8:3d:
7c:4b:16:5f:ae:5e:da:ce:4d:e5:ca:af:97:16:6f:
e6:82:bb:c2:7f:f5:4b:2b:b7:9e:f0:87:be:d3:c8:
ff:a8:66:10:85:2a:58:48:c2:eb:3d:14:b6:b6:c9:
47:b3:7d:ed:bb:1b:77:2f:11:63:49:c9:87:13:bb:
0b:09:e4:65:32:92:e9:cc:58:86:53:9b:bc:7d:99:
5c:60:5f:2d:2f:5e:7b:8e:04:a6:fa:31:f0:aa:46:
b8:eb:e6:27:05:61:05:f1:3c:6b:f1:a5:bc:03:d5:
88:bf:e1:9a:74:4b:e8:ac:0e:68:6b:46:14:30:e3:
07:10:2c:51:9c:20:12:f2:a0:0b:b8:89:91:2a:62:
01:42:53:d9:f0:ec:bb:4f:b5:d2:e9:16:5c:02:b1:
ae:e3:3e:d0:d0:47:cc:bd:16:5a:48:7f:d8:94:33:
25:e8:e6:d7:ac:a2:3f:21:ae:51:fb:a9:5b:08:76:
5c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:17:DE:B7:DA:3C:80:64:87:04:29:B3:35:A0:86:A6:C7:40:E9:61
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/wxfet9o8gGSHBCmzNaCGpsdA6WE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.84.0-176.117.95.255
Signature Algorithm: sha256WithRSAEncryption
19:71:87:38:65:fc:39:50:9e:fd:b0:6f:fe:cc:a1:aa:2b:51:
34:73:4c:28:6d:30:7b:51:3e:95:b2:eb:28:57:dc:aa:b3:4c:
1b:1a:21:ea:50:c6:90:19:fa:8b:36:66:cc:dd:72:c0:d5:84:
86:90:39:cc:f5:cc:20:66:0c:8c:76:cb:d2:4f:f0:0b:ff:7a:
0d:5a:23:7d:6e:37:11:2e:44:53:7a:7b:9f:5d:cb:63:e3:a4:
1a:ac:6c:d4:56:8d:ae:93:07:72:96:e3:04:0b:de:7a:f8:19:
01:5e:63:51:e5:2e:0d:3a:c9:2a:1c:99:05:47:b0:6c:8a:f6:
58:35:f9:b0:55:73:f6:d8:98:a1:03:40:b3:53:c4:5d:78:c3:
84:09:44:17:93:78:00:c0:28:16:19:31:92:e2:b8:b1:5a:5d:
3c:53:98:c0:6f:be:dd:d7:ef:98:75:7c:95:8a:56:dd:3f:b6:
00:9a:db:0f:8f:cd:ce:36:c0:f2:f0:8a:5d:0f:ec:b0:07:5c:
4c:4c:91:cc:ed:bd:c2:e2:6e:2c:a4:e6:90:60:25:fc:35:17:
b3:88:79:64:1e:b0:ce:7d:64:24:f1:b9:ae:cf:f5:c1:4e:21:
d6:33:2f:8a:51:a7:12:55:4d:8c:cf:91:3a:49:c9:6d:3e:a7:
20:b3:ac:b2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZD7HHaU2hiXs8a08ujMzkg7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjQwNzI4MjA1MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzE3ZGViN2RhM2M4MDY0ODcwNDI5YjMzNWEwODZhNmM3NDBlOTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZkp8+CLd6lRy3CCcQfxFqQrOcaN
0hrleCSWQeSJIcShiSiuCxgzEexPa8HGQDt5Qolxiq+t1c0ipmYK6X6lWUUvzW2t
LQzfqD18SxZfrl7azk3lyq+XFm/mgrvCf/VLK7ee8Ie+08j/qGYQhSpYSMLrPRS2
tslHs33tuxt3LxFjScmHE7sLCeRlMpLpzFiGU5u8fZlcYF8tL157jgSm+jHwqka4
6+YnBWEF8Txr8aW8A9WIv+GadEvorA5oa0YUMOMHECxRnCAS8qALuImRKmIBQlPZ
8Oy7T7XS6RZcArGu4z7Q0EfMvRZaSH/YlDMl6ObXrKI/Ia5R+6lbCHZc3wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMMX3rfaPIBkhwQpszWghqbHQOlhMB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvd3hmZXQ5bzhnR1NIQkNtek5hQ0dwc2RBNldFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKwdVQD
BAWwdUAwDQYJKoZIhvcNAQELBQADggEBABlxhzhl/DlQnv2wb/7MoaorUTRzTCht
MHtRPpWy6yhX3KqzTBsaIepQxpAZ+os2ZszdcsDVhIaQOcz1zCBmDIx2y9JP8Av/
eg1aI31uNxEuRFN6e59dy2PjpBqsbNRWja6TB3KW4wQL3nr4GQFeY1HlLg06ySoc
mQVHsGyK9lg1+bBVc/bYmKEDQLNTxF14w4QJRBeTeADAKBYZMZLiuLFaXTxTmMBv
vt3X75h1fJWKVt0/tgCa2w+Pzc42wPLwil0P7LAHXExMkcztvcLibiyk5pBgJfw1
F7OIeWQesM59ZCTxua7P9cFOIdYzL4pRpxJVTYzPkTpJyW0+pyCzrLI=
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:14:19 2025 by rpki-client