Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/t3-OndP-6wwDQqH0iMhkeUPedxs.roa
File: t3-OndP-6wwDQqH0iMhkeUPedxs.roa (raw, json)
Hash identifier: KIEURX2FRZEce/seBHXPi46y1b82GJ4pDNggZAXcMg4=
Subject key identifier: B7:7F:8E:9D:D3:FE:EB:0C:03:42:A1:F4:88:C8:64:79:43:DE:77:1B
Certificate issuer: /CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Certificate serial: 0ABBCF29
Authority key identifier: 9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/t3-OndP-6wwDQqH0iMhkeUPedxs.roa
Signing time: Sat 05 Mar 2022 10:17:30 +0000
ROA not before: Sat 05 Mar 2022 10:17:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208972
IP address blocks: 5.182.247.0/24 maxlen: 24
185.233.244.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 180080425 (0xabbcf29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Validity
Not Before: Mar 5 10:17:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b77f8e9dd3feeb0c0342a1f488c8647943de771b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:91:6d:1b:2f:c3:d7:81:71:97:ba:3c:d4:cc:
af:ea:a1:cf:df:07:d7:cd:0d:14:8b:ab:a5:58:06:
4f:ee:d7:87:4b:9d:c0:21:e4:8d:6d:2b:20:a3:56:
f8:c2:73:f7:c2:92:80:87:4b:bd:14:50:20:88:6d:
f7:9c:d2:27:96:4e:39:f6:8d:85:1f:89:66:db:d8:
9b:e0:46:f8:ab:dd:56:db:d7:71:28:27:d0:25:e9:
b5:33:79:c3:5d:da:e6:0a:c6:29:a9:4b:4f:47:25:
ed:f0:68:ff:d7:d3:75:3a:e8:54:58:ed:e8:d8:2f:
89:ee:3e:62:30:74:4f:9b:0c:60:33:63:26:00:eb:
1e:0b:10:48:86:fe:14:22:7d:80:ef:55:07:44:7b:
3a:58:f0:98:3d:70:c2:10:b5:a8:58:de:8e:3c:7d:
ca:91:ad:ab:fe:e2:dd:ee:e8:b0:62:d1:d3:04:b3:
75:e7:f8:9b:72:ec:f9:0d:7a:63:4d:5b:2b:b5:86:
06:fb:b9:03:b3:4a:f5:73:29:d4:e5:3a:bb:52:c9:
5d:0c:21:f1:00:4c:86:42:08:e3:f7:aa:ee:cc:72:
a1:d5:37:a8:34:25:55:c2:1f:4b:a9:93:cd:ac:14:
be:fe:8a:76:79:6e:f9:57:89:68:4d:05:73:81:7f:
6a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:7F:8E:9D:D3:FE:EB:0C:03:42:A1:F4:88:C8:64:79:43:DE:77:1B
X509v3 Authority Key Identifier:
keyid:9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/t3-OndP-6wwDQqH0iMhkeUPedxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.247.0/24
185.233.244.0/24
Signature Algorithm: sha256WithRSAEncryption
22:ff:f3:af:7c:29:c4:9b:0f:9e:d5:de:b7:80:34:48:90:2c:
ed:d0:a7:86:9b:be:11:c5:d4:65:71:3f:90:76:e8:79:01:01:
d7:f0:dd:62:48:63:47:6f:97:34:c0:ba:f9:70:3e:44:86:78:
7f:a0:53:55:9b:19:2c:31:88:db:fc:c1:f8:ae:75:74:ea:09:
5b:09:a7:67:f3:4e:a3:70:fe:74:a4:f0:5d:67:43:59:f7:77:
20:aa:89:d1:9c:a7:98:43:54:bd:d2:ed:2b:a1:a2:97:95:1c:
ff:71:07:06:ec:df:62:e8:e7:69:e7:e9:cf:1f:3d:66:c9:80:
9e:00:fd:0e:6a:9f:48:b8:b3:25:3d:8c:28:3a:3f:ac:f0:d3:
cd:ce:8f:71:61:f9:5a:ee:a0:3f:e3:88:9f:bf:2a:5a:a8:25:
25:76:0a:20:ae:41:77:64:4d:cf:8d:21:7d:61:58:6f:b7:fb:
b1:31:99:dd:e3:2c:98:d5:6e:80:f6:1f:7b:c8:28:32:48:4c:
2b:78:53:32:6a:af:89:eb:af:8b:46:bf:c8:7d:aa:78:43:3a:
b1:f3:4e:a1:37:7c:0e:fb:59:9a:79:6e:94:4e:ce:cd:96:04:
50:63:64:20:11:14:4c:5c:84:5a:db:03:87:9a:2d:f3:64:2d:
63:39:ba:20
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECrvPKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTU1MzIwMDc3Njk2OTQ0YjE2MTNjMmU4YzljNjA2YTFlMDZlYjc5MB4XDTIyMDMw
NTEwMTczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjc3ZjhlOWRkM2Zl
ZWIwYzAzNDJhMWY0ODhjODY0Nzk0M2RlNzcxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOGRbRsvw9eBcZe6PNTMr+qhz98H180NFIurpVgGT+7Xh0ud
wCHkjW0rIKNW+MJz98KSgIdLvRRQIIht95zSJ5ZOOfaNhR+JZtvYm+BG+KvdVtvX
cSgn0CXptTN5w13a5grGKalLT0cl7fBo/9fTdTroVFjt6Ngvie4+YjB0T5sMYDNj
JgDrHgsQSIb+FCJ9gO9VB0R7OljwmD1wwhC1qFjejjx9ypGtq/7i3e7osGLR0wSz
def4m3Ls+Q16Y01bK7WGBvu5A7NK9XMp1OU6u1LJXQwh8QBMhkII4/eq7sxyodU3
qDQlVcIfS6mTzawUvv6Kdnlu+VeJaE0Fc4F/ak0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS3f46d0/7rDANCofSIyGR5Q953GzAfBgNVHSMEGDAWgBSeVTIAd2lpRLFh
PC6MnGBqHgbreTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25sVXlBSGRwYVVTeFlUd3VqSnhnYWg0RzYzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvMjYwYjYxLWEzNDgtNGQ0Ny05MmY2LTFlMGU4YjkwOWUzNC8x
L3QzLU9uZFAtNnd3RFFxSDBpTWhrZVVQZWR4cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
MjYwYjYxLWEzNDgtNGQ0Ny05MmY2LTFlMGU4YjkwOWUzNC8xL25sVXlBSGRwYVVT
eFlUd3VqSnhnYWg0RzYzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAAW29wMEALnp9DANBgkqhkiG9w0B
AQsFAAOCAQEAIv/zr3wpxJsPntXet4A0SJAs7dCnhpu+EcXUZXE/kHboeQEB1/Dd
YkhjR2+XNMC6+XA+RIZ4f6BTVZsZLDGI2/zB+K51dOoJWwmnZ/NOo3D+dKTwXWdD
Wfd3IKqJ0ZynmENUvdLtK6Gil5Uc/3EHBuzfYujnaefpzx89ZsmAngD9DmqfSLiz
JT2MKDo/rPDTzc6PcWH5Wu6gP+OIn78qWqglJXYKIK5Bd2RNz40hfWFYb7f7sTGZ
3eMsmNVugPYfe8goMkhMK3hTMmqvieuvi0a/yH2qeEM6sfNOoTd8DvtZmnlulE7O
zZYEUGNkIBEUTFyEWtsDh5ot82QtYzm6IA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:28 2023 by rpki-client on console-ams.rpki-client.org