Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/IkWfvmaYXnA7LFW-znWmQmlMQcs.roa
File: IkWfvmaYXnA7LFW-znWmQmlMQcs.roa (raw, json)
Hash identifier: mOqkhwjtRntjGvXi1ZOUIG+s6G1ImLYajuAvNHCtOBk=
Subject key identifier: 22:45:9F:BE:66:98:5E:70:3B:2C:55:BE:CE:75:A6:42:69:4C:41:CB
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 0185729ED4AB493FDEF63BA6B3A7FA48C644
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/IkWfvmaYXnA7LFW-znWmQmlMQcs.roa
Signing time: Mon 02 Jan 2023 13:14:49 +0000
ROA not before: Mon 02 Jan 2023 13:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 87.251.29.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:d4:ab:49:3f:de:f6:3b:a6:b3:a7:fa:48:c6:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Jan 2 13:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22459fbe66985e703b2c55bece75a642694c41cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6a:77:c1:03:dd:26:4d:b0:85:be:3c:f8:12:
38:b1:12:f8:1e:bc:a4:39:b1:e3:1d:f5:d4:23:c4:
69:b6:cc:f9:6a:0e:eb:76:2e:c7:89:58:4a:c0:bc:
ee:16:98:f7:ab:a3:61:68:c8:9c:a3:69:7b:6d:21:
40:01:54:62:30:20:78:0c:fa:37:cc:b7:0b:bb:c8:
74:ad:c9:02:26:14:51:a7:cd:fa:37:48:c2:33:c1:
69:a9:7b:9f:43:6f:c0:79:26:ff:fc:89:36:a0:36:
4f:cd:0b:5a:08:9d:49:ad:97:60:be:62:27:b2:55:
d0:7b:7b:a0:1b:5f:f6:8d:84:15:1c:1a:34:a0:90:
52:08:e3:01:e8:50:49:84:8d:31:ea:26:6c:81:61:
fb:c7:e6:58:d2:74:be:fb:f1:f2:3c:6f:ab:0e:db:
72:70:6f:61:5f:49:41:a7:6f:51:e3:5b:08:9e:58:
fb:0c:60:ff:3d:3b:7c:80:f4:2e:fe:16:df:0d:0e:
f4:31:65:a6:48:fa:b5:c8:a3:96:6a:2b:11:67:69:
ae:44:3f:77:32:64:9c:1e:8e:ad:2e:1f:fe:ba:7e:
75:a8:40:0d:bd:57:88:cc:4f:16:bb:88:97:0c:dc:
38:35:e9:5c:fa:a2:e7:cc:df:ea:cf:ce:7b:09:03:
07:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:45:9F:BE:66:98:5E:70:3B:2C:55:BE:CE:75:A6:42:69:4C:41:CB
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/IkWfvmaYXnA7LFW-znWmQmlMQcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.29.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:57:00:da:b9:c8:8b:95:7a:c3:4f:43:30:ab:ce:22:40:6e:
10:35:db:2b:9d:78:bf:90:4f:e8:95:d6:fa:3b:f9:ca:8e:92:
ec:08:48:e7:c9:86:7a:f3:47:1c:8f:01:6b:cb:df:5b:ad:16:
e0:f8:57:23:bc:37:21:0b:db:92:60:41:97:b2:cb:1c:4f:c5:
4a:56:2e:d2:82:69:34:40:a6:89:d7:e3:a1:fb:47:57:f0:59:
df:76:f5:04:d4:3c:b6:48:41:c1:7b:85:fd:b3:3f:83:82:f1:
cd:ec:dc:e3:ca:20:4a:fb:87:4a:84:d5:21:f2:f6:be:e9:27:
bc:9e:f2:4e:6c:cf:53:6c:19:89:e8:96:f0:0b:ac:75:c0:7f:
ef:06:31:5e:a5:47:52:ed:39:4f:b2:64:5a:45:a1:2d:f9:33:
c7:9a:3c:33:fa:65:ed:3f:fe:f9:b0:3b:4e:45:5d:10:e1:11:
ac:46:fd:52:07:e6:95:77:65:d2:5d:e0:ad:35:31:88:e1:fd:
b2:2a:2b:fc:5d:4b:d0:70:39:b6:95:46:d1:bb:3f:dc:12:2f:
23:35:41:e5:f7:04:d7:81:50:1a:5b:02:1a:1c:50:56:d0:df:
04:82:91:40:01:62:f6:9b:38:7e:66:4b:26:02:d0:d9:81:65:
6c:24:19:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyntSrST/e9jums6f6SMZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjMwMTAyMTMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjQ1OWZiZTY2OTg1ZTcwM2IyYzU1YmVjZTc1YTY0MjY5NGM0MWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGp3wQPdJk2whb48+BI4sRL4Hryk
ObHjHfXUI8Rptsz5ag7rdi7HiVhKwLzuFpj3q6NhaMico2l7bSFAAVRiMCB4DPo3
zLcLu8h0rckCJhRRp836N0jCM8FpqXufQ2/AeSb//Ik2oDZPzQtaCJ1JrZdgvmIn
slXQe3ugG1/2jYQVHBo0oJBSCOMB6FBJhI0x6iZsgWH7x+ZY0nS++/HyPG+rDtty
cG9hX0lBp29R41sInlj7DGD/PTt8gPQu/hbfDQ70MWWmSPq1yKOWaisRZ2muRD93
MmScHo6tLh/+un51qEANvVeIzE8Wu4iXDNw4Nelc+qLnzN/qz857CQMHdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCJFn75mmF5wOyxVvs51pkJpTEHLMB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEvSWtXZnZtYVlYbkE3TEZXLXpuV21RbWxNUWNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/sdMA0G
CSqGSIb3DQEBCwUAA4IBAQC2VwDauciLlXrDT0Mwq84iQG4QNdsrnXi/kE/oldb6
O/nKjpLsCEjnyYZ680ccjwFry99brRbg+FcjvDchC9uSYEGXssscT8VKVi7Sgmk0
QKaJ1+Oh+0dX8FnfdvUE1Dy2SEHBe4X9sz+DgvHN7NzjyiBK+4dKhNUh8va+6Se8
nvJObM9TbBmJ6JbwC6x1wH/vBjFepUdS7TlPsmRaRaEt+TPHmjwz+mXtP/75sDtO
RV0Q4RGsRv1SB+aVd2XSXeCtNTGI4f2yKiv8XUvQcDm2lUbRuz/cEi8jNUHl9wTX
gVAaWwIaHFBW0N8EgpFAAWL2mzh+ZksmAtDZgWVsJBla
-----END CERTIFICATE-----
Generated at Wed Aug 2 10:59:40 2023 by rpki-client on console-ams.rpki-client.org