Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/dQmUT64fTu-WfZx2v5O2lT-LCsI.roa
File: dQmUT64fTu-WfZx2v5O2lT-LCsI.roa (raw, json)
Hash identifier: AfgXkqsYS5kd+gj7jV4qwwnhg6m1wLyWiZN4xXQ+W1I=
Subject key identifier: 75:09:94:4F:AE:1F:4E:EF:96:7D:9C:76:BF:93:B6:95:3F:8B:0A:C2
Certificate issuer: /CN=1bd21dfb24f7d8ce2311ba4076775474bd50be64
Certificate serial: 2766DB11
Authority key identifier: 1B:D2:1D:FB:24:F7:D8:CE:23:11:BA:40:76:77:54:74:BD:50:BE:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9Id-yT32M4jEbpAdndUdL1QvmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/dQmUT64fTu-WfZx2v5O2lT-LCsI.roa
Signing time: Tue 12 Apr 2022 07:14:19 +0000
ROA not before: Tue 12 Apr 2022 07:14:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 130.255.16.0/22 maxlen: 22
130.255.16.0/23 maxlen: 23
185.17.44.0/22 maxlen: 22
130.255.20.0/24 maxlen: 24
130.255.27.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 661052177 (0x2766db11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bd21dfb24f7d8ce2311ba4076775474bd50be64
Validity
Not Before: Apr 12 07:14:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7509944fae1f4eef967d9c76bf93b6953f8b0ac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:2e:8d:39:72:37:0a:a1:e7:6e:5f:b9:35:14:
15:c3:23:2a:c3:e7:d0:b9:9a:a2:8b:32:7a:e8:c0:
ff:c4:ec:58:0f:e5:7b:88:52:d6:d0:a9:d3:09:73:
a1:31:d8:44:5f:cb:50:d6:6d:bd:b3:b3:e6:c3:3d:
f1:e0:e0:ca:ee:b9:d5:34:55:b2:8c:be:1d:59:c7:
c5:a9:9e:f0:ba:86:b2:91:d5:ec:b0:df:8e:57:83:
9f:3a:05:e8:71:5d:1a:a1:8e:88:8b:15:cf:72:06:
8e:72:da:2b:9c:2d:df:c0:30:d2:9e:6f:b7:9d:44:
92:ac:ea:da:ce:df:05:f8:93:f2:3c:a2:4f:4c:68:
a4:10:27:8b:87:cb:ef:c7:e5:cc:87:01:b7:1f:4b:
15:a7:87:a0:ec:76:c7:fa:8a:66:ee:ba:eb:30:71:
4c:af:08:59:01:cd:fc:4c:1a:7d:67:c1:4a:71:2d:
58:a8:ed:37:de:2e:81:cf:bc:33:ac:f4:05:af:3e:
4d:d3:79:1b:0b:5e:86:1c:19:4f:99:5e:b9:8b:48:
46:18:38:cd:79:d1:94:69:cc:3f:45:1d:92:b0:41:
ff:38:d6:5c:96:ff:fa:42:24:22:40:6b:0a:70:b0:
79:93:99:27:ff:ec:e2:18:90:52:28:70:dd:e2:73:
47:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:09:94:4F:AE:1F:4E:EF:96:7D:9C:76:BF:93:B6:95:3F:8B:0A:C2
X509v3 Authority Key Identifier:
keyid:1B:D2:1D:FB:24:F7:D8:CE:23:11:BA:40:76:77:54:74:BD:50:BE:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9Id-yT32M4jEbpAdndUdL1QvmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/dQmUT64fTu-WfZx2v5O2lT-LCsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/G9Id-yT32M4jEbpAdndUdL1QvmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.16.0-130.255.20.255
130.255.27.0/24
185.17.44.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:8a:e8:72:60:62:4d:d9:29:68:2b:8e:3d:5e:ff:87:63:4f:
4e:0f:63:5b:84:b5:20:da:db:d2:16:59:f4:cd:d9:46:f0:7d:
1f:c9:31:15:68:a1:de:4a:b0:0f:01:06:63:f7:3a:4a:c6:a2:
d0:d6:b2:24:89:9f:5e:72:2a:26:af:b9:2d:5a:7e:82:bb:f7:
cf:34:e0:31:30:e0:3e:3c:d5:2a:00:8a:4e:ce:20:bd:a0:89:
20:de:08:f8:48:57:fb:96:b3:7c:bb:1f:ec:fa:2b:2c:28:52:
35:ed:e7:68:6e:74:f1:2d:ad:e0:be:9c:33:ed:21:dc:62:0a:
e4:e1:09:17:4d:fa:ff:ec:d3:be:a4:95:1c:e4:77:80:4a:61:
4c:69:7e:65:f5:e2:e9:47:11:34:73:33:6c:ee:dd:9d:1e:eb:
8e:88:d8:84:3f:38:aa:65:01:19:9d:bd:98:9e:e2:90:0f:0e:
3c:87:d3:73:80:ce:13:ee:d1:8a:74:84:12:88:55:18:ec:55:
04:7b:a1:95:2c:af:c3:96:cd:ec:87:8e:0a:dd:98:ee:80:33:
5a:99:c5:f3:11:84:54:b6:0f:2d:64:5a:b3:4c:ee:74:16:f5:
b2:fd:09:35:87:29:6b:63:ac:c2:e3:ca:4d:97:93:6b:a3:8b:
70:58:4e:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEJ2bbETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YmQyMWRmYjI0ZjdkOGNlMjMxMWJhNDA3Njc3NTQ3NGJkNTBiZTY0MB4XDTIyMDQx
MjA3MTQxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzUwOTk0NGZhZTFm
NGVlZjk2N2Q5Yzc2YmY5M2I2OTUzZjhiMGFjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOwujTlyNwqh525fuTUUFcMjKsPn0LmaoosyeujA/8TsWA/l
e4hS1tCp0wlzoTHYRF/LUNZtvbOz5sM98eDgyu651TRVsoy+HVnHxame8LqGspHV
7LDfjleDnzoF6HFdGqGOiIsVz3IGjnLaK5wt38Aw0p5vt51Ekqzq2s7fBfiT8jyi
T0xopBAni4fL78flzIcBtx9LFaeHoOx2x/qKZu666zBxTK8IWQHN/EwafWfBSnEt
WKjtN94ugc+8M6z0Ba8+TdN5GwtehhwZT5leuYtIRhg4zXnRlGnMP0UdkrBB/zjW
XJb/+kIkIkBrCnCweZOZJ//s4hiQUihw3eJzR3UCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBR1CZRPrh9O75Z9nHa/k7aVP4sKwjAfBgNVHSMEGDAWgBQb0h37JPfYziMR
ukB2d1R0vVC+ZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0c5SWQteVQzMk00akVicEFkbmRVZEwxUXZtUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvMDhlMTViLTRhMjQtNGNlMC05NDU0LWY4N2EzMjJhNzc3Ni8x
L2RRbVVUNjRmVHUtV2ZaeDJ2NU8ybFQtTENzSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
MDhlMTViLTRhMjQtNGNlMC05NDU0LWY4N2EzMjJhNzc3Ni8xL0c5SWQteVQzMk00
akVicEFkbmRVZEwxUXZtUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQEgv8QAwQAgv8UAwQAgv8bAwQC
uREsMA0GCSqGSIb3DQEBCwUAA4IBAQAsiuhyYGJN2SloK449Xv+HY09OD2NbhLUg
2tvSFln0zdlG8H0fyTEVaKHeSrAPAQZj9zpKxqLQ1rIkiZ9eciomr7ktWn6Cu/fP
NOAxMOA+PNUqAIpOziC9oIkg3gj4SFf7lrN8ux/s+issKFI17edobnTxLa3gvpwz
7SHcYgrk4QkXTfr/7NO+pJUc5HeASmFMaX5l9eLpRxE0czNs7t2dHuuOiNiEPziq
ZQEZnb2YnuKQDw48h9NzgM4T7tGKdIQSiFUY7FUEe6GVLK/Dls3sh44K3ZjugDNa
mcXzEYRUtg8tZFqzTO50FvWy/Qk1hylrY6zC48pNl5Nro4twWE4Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:45 2024 by rpki-client on console-fra.rpki-client.org