Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/8Fc_-DvRf51WCD36LFk6140lMXI.roa
File: 8Fc_-DvRf51WCD36LFk6140lMXI.roa (raw, json)
Hash identifier: 4wBCTeV3PV8XGkVLoB1XeTRiwuXblKh4HEjjC4jEVGE=
Subject key identifier: F0:57:3F:F8:3B:D1:7F:9D:56:08:3D:FA:2C:59:3A:D7:8D:25:31:72
Certificate issuer: /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial: 38AE228A
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/8Fc_-DvRf51WCD36LFk6140lMXI.roa
Signing time: Tue 01 Mar 2022 09:07:37 +0000
ROA not before: Tue 01 Mar 2022 09:07:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211504
IP address blocks: 178.175.167.0/24 maxlen: 24
178.175.190.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 950936202 (0x38ae228a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
Validity
Not Before: Mar 1 09:07:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0573ff83bd17f9d56083dfa2c593ad78d253172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a7:ea:e0:60:5c:98:cb:84:61:72:03:44:78:
91:b1:a8:96:cf:c5:91:ce:84:7b:20:ca:08:97:b0:
ec:01:38:b0:fa:19:de:2c:06:5c:c8:04:ab:a9:2b:
ce:e0:e1:bc:aa:49:28:f0:94:7b:61:f2:72:d9:51:
d6:32:c9:92:b3:f1:83:09:cf:f1:f9:de:26:e6:b6:
f4:00:ee:88:3a:7f:35:32:87:5d:be:bc:24:70:f8:
e7:45:9c:86:52:da:d8:8a:f8:26:7b:98:6f:a8:64:
2b:ac:44:90:3f:cf:2d:82:78:98:6a:fa:9e:1b:73:
b3:ce:39:c9:7c:d6:ee:04:7e:32:a4:ae:6a:f0:56:
6e:62:6c:64:d2:cb:fa:60:7f:38:e6:05:ca:06:c7:
a3:60:dc:67:ff:d9:d4:12:29:3b:30:50:13:27:6c:
14:a5:39:6c:48:58:43:8c:14:d7:46:a3:5d:21:2e:
8b:24:5f:49:1d:9e:b9:b0:f0:cd:f7:63:d5:1f:ea:
8c:47:cd:40:d9:fb:2b:6e:c1:05:62:86:ae:31:a4:
66:19:ab:27:7d:c9:2a:ea:f3:9d:23:f2:06:5b:0e:
78:12:cb:b3:d4:15:a6:4b:cb:fd:2a:ca:11:3a:c2:
c6:7b:3d:42:22:d7:a3:a0:2f:e8:6d:f8:5a:2b:5a:
59:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:57:3F:F8:3B:D1:7F:9D:56:08:3D:FA:2C:59:3A:D7:8D:25:31:72
X509v3 Authority Key Identifier:
keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/8Fc_-DvRf51WCD36LFk6140lMXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.175.167.0/24
178.175.190.0/24
Signature Algorithm: sha256WithRSAEncryption
72:85:9e:d5:85:82:53:5d:dc:ae:1d:08:7f:18:8e:29:cf:b2:
23:74:56:2f:d2:7f:e1:2e:a1:1a:cb:59:d4:86:0e:3e:10:c7:
d3:a1:c7:2d:61:93:29:a1:ed:0d:ee:63:76:67:73:55:58:59:
54:03:7e:df:21:5d:5e:69:83:37:5c:0a:73:ef:df:6b:15:0f:
02:cc:d1:fb:7b:78:72:a4:a6:6a:a6:d2:d6:ae:eb:9d:12:b2:
66:74:b5:98:de:16:69:9e:99:94:00:22:59:d5:c1:41:63:99:
12:dd:41:0d:5e:5f:c1:e0:ce:1e:24:15:56:7e:5a:b8:42:6a:
e6:a7:0c:ee:4c:d3:b2:4a:92:26:25:ab:9a:3c:b2:39:05:73:
94:08:81:2e:62:c7:59:87:63:bf:12:5f:3d:0e:73:c7:b1:59:
9e:bd:37:4f:41:5a:54:62:c4:d3:5a:e0:d2:07:e6:b3:31:14:
3d:5b:80:a9:f7:0b:7c:a3:96:9c:0e:4b:88:f1:cb:3b:b0:32:
5d:09:f9:7f:e6:27:03:4d:f6:1c:fd:e2:05:bd:d0:f9:f5:1b:
57:1d:60:4c:67:59:bc:01:b0:06:6e:a5:e2:20:80:fa:c1:b2:
50:1f:09:c9:c3:f1:6f:aa:28:a9:19:02:1a:26:a3:6a:97:d0:
46:d6:11:42
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEOK4iijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTFiOTE1MDQ5ODMwOTE1MDZhMWE5NDQ0NTdhNDU1OGI5NGRhYjdmMB4XDTIyMDMw
MTA5MDczN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjA1NzNmZjgzYmQx
N2Y5ZDU2MDgzZGZhMmM1OTNhZDc4ZDI1MzE3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANKn6uBgXJjLhGFyA0R4kbGols/Fkc6EeyDKCJew7AE4sPoZ
3iwGXMgEq6krzuDhvKpJKPCUe2HyctlR1jLJkrPxgwnP8fneJua29ADuiDp/NTKH
Xb68JHD450WchlLa2Ir4JnuYb6hkK6xEkD/PLYJ4mGr6nhtzs845yXzW7gR+MqSu
avBWbmJsZNLL+mB/OOYFygbHo2DcZ//Z1BIpOzBQEydsFKU5bEhYQ4wU10ajXSEu
iyRfSR2eubDwzfdj1R/qjEfNQNn7K27BBWKGrjGkZhmrJ33JKurznSPyBlsOeBLL
s9QVpkvL/SrKETrCxns9QiLXo6Av6G34WitaWecCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTwVz/4O9F/nVYIPfosWTrXjSUxcjAfBgNVHSMEGDAWgBS5G5FQSYMJFQah
qURFekVYuU2rfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VSdVJVRW1EQ1JVR29hbEVSWHBGV0xsTnEzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzRlMTdmLWY5ZjQtNDc4OS05MmI3LTlkZDZlODhmY2M4ZC8x
LzhGY18tRHZSZjUxV0NEMzZMRms2MTQwbE1YSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzRlMTdmLWY5ZjQtNDc4OS05MmI3LTlkZDZlODhmY2M4ZC8xL3VSdVJVRW1EQ1JV
R29hbEVSWHBGV0xsTnEzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALKvpwMEALKvvjANBgkqhkiG9w0B
AQsFAAOCAQEAcoWe1YWCU13crh0IfxiOKc+yI3RWL9J/4S6hGstZ1IYOPhDH06HH
LWGTKaHtDe5jdmdzVVhZVAN+3yFdXmmDN1wKc+/faxUPAszR+3t4cqSmaqbS1q7r
nRKyZnS1mN4WaZ6ZlAAiWdXBQWOZEt1BDV5fweDOHiQVVn5auEJq5qcM7kzTskqS
JiWrmjyyOQVzlAiBLmLHWYdjvxJfPQ5zx7FZnr03T0FaVGLE01rg0gfmszEUPVuA
qfcLfKOWnA5LiPHLO7AyXQn5f+YnA032HP3iBb3Q+fUbVx1gTGdZvAGwBm6l4iCA
+sGyUB8JycPxb6ooqRkCGiajapfQRtYRQg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:28 2023 by rpki-client on console-fra.rpki-client.org