Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/Oa2dpiPr_8TTNnqoi6nvNpr3hdQ.roa
File: Oa2dpiPr_8TTNnqoi6nvNpr3hdQ.roa (raw, json)
Hash identifier: yCWpiFRZh4llKOxVcvPvvgvap1ZOyKYPq6h+D5OB5hg=
Subject key identifier: 39:AD:9D:A6:23:EB:FF:C4:D3:36:7A:A8:8B:A9:EF:36:9A:F7:85:D4
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 39442DCF
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/Oa2dpiPr_8TTNnqoi6nvNpr3hdQ.roa
Signing time: Wed 11 May 2022 21:12:02 +0000
ROA not before: Wed 11 May 2022 21:12:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.96.168.0/23 maxlen: 24
87.251.0.0/20 maxlen: 24
87.251.16.0/22 maxlen: 24
87.251.24.0/22 maxlen: 24
185.203.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 960769487 (0x39442dcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: May 11 21:12:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39ad9da623ebffc4d3367aa88ba9ef369af785d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:77:5e:dc:40:4c:8a:0b:a8:20:8e:7c:47:d4:
a4:fc:79:d2:28:7e:77:99:b6:be:a8:c7:d2:d6:d0:
e8:18:99:d6:82:a6:d3:64:8d:78:93:9d:df:2c:5c:
cf:73:4c:21:0a:39:6d:08:f5:3b:4c:1c:4a:27:95:
c5:14:cb:84:87:ed:1d:87:67:67:fe:ea:2c:1b:ab:
e3:6c:9f:2c:e3:93:36:91:5e:75:ef:70:51:19:d9:
52:eb:e0:d5:25:6c:e2:46:9b:90:e2:44:07:0d:c6:
ce:d4:fc:75:b4:69:39:a0:9f:0b:dc:d0:44:fd:e3:
ad:d7:92:3e:70:f8:9f:ae:be:d7:58:6f:14:42:31:
25:ce:a0:74:5a:9b:8f:c8:90:46:fc:c1:e9:4a:15:
7a:33:17:99:e2:50:8d:68:5e:fd:1f:b4:91:9f:ef:
d5:d1:d5:1c:ec:9d:6d:b2:e1:0c:a5:d9:b7:ee:16:
e4:f9:06:56:9b:97:bc:cd:fa:38:77:6e:81:a7:8f:
50:64:82:a3:f2:c1:56:1c:9a:7d:21:37:80:30:39:
ba:cd:3c:b9:72:92:8a:e1:be:e1:40:d5:73:6e:a7:
f9:ce:c5:95:57:5e:37:b5:b6:c3:18:89:2b:55:14:
40:56:32:ab:b5:32:52:4a:3d:82:b5:22:f6:1d:f0:
84:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:AD:9D:A6:23:EB:FF:C4:D3:36:7A:A8:8B:A9:EF:36:9A:F7:85:D4
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/Oa2dpiPr_8TTNnqoi6nvNpr3hdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.0.0-87.251.19.255
87.251.24.0/22
185.96.168.0/23
185.203.35.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:6c:33:cb:43:ee:8f:9d:60:24:40:e3:e2:8c:7d:55:92:0c:
13:d6:d0:0b:12:6f:cd:bd:77:af:9d:e3:bb:f6:b5:3d:dc:9d:
38:32:8e:50:4a:12:c8:c1:75:e5:d2:05:db:f6:f7:84:4c:40:
5a:79:28:85:9d:c1:76:d6:59:91:3a:20:ca:78:59:b2:56:2e:
ec:be:ba:31:7d:d7:8d:87:d1:fa:85:3b:0b:02:06:84:ab:62:
f7:d9:a2:f0:dc:f0:99:cb:1e:b9:e2:a8:85:98:d2:13:ae:61:
c0:99:3b:3f:e6:a6:b1:67:70:2f:db:f3:93:a5:3f:fc:16:34:
f3:84:89:d8:c0:f8:d3:81:ef:b4:cb:0a:56:3c:aa:1a:f2:de:
97:9f:28:14:24:66:a6:2c:8d:fe:8b:2d:49:05:dc:e8:fe:c6:
9e:e1:a3:56:b0:b9:42:01:22:aa:89:8e:cc:41:b4:12:24:ed:
2f:98:4c:16:3c:16:79:3f:45:8d:c6:3a:36:3e:1c:26:1a:4d:
9d:8a:6c:47:2d:65:b5:29:79:f4:56:9a:ef:30:54:82:f5:3b:
3e:a7:e7:78:6e:fd:0c:92:cb:64:65:b4:9e:e1:5a:15:a5:87:
17:94:cf:fe:c0:c2:a7:f6:8c:80:78:4b:37:22:ad:6c:11:62:
7e:9b:e6:a0
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIEOUQtzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTAxODE1YzZmOThmM2EyYjYxODRhZmViZjE4ZWEzNDFiZTg4MmVhMB4XDTIyMDUx
MTIxMTIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzlhZDlkYTYyM2Vi
ZmZjNGQzMzY3YWE4OGJhOWVmMzY5YWY3ODVkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALV3XtxATIoLqCCOfEfUpPx50ih+d5m2vqjH0tbQ6BiZ1oKm
02SNeJOd3yxcz3NMIQo5bQj1O0wcSieVxRTLhIftHYdnZ/7qLBur42yfLOOTNpFe
de9wURnZUuvg1SVs4kabkOJEBw3GztT8dbRpOaCfC9zQRP3jrdeSPnD4n66+11hv
FEIxJc6gdFqbj8iQRvzB6UoVejMXmeJQjWhe/R+0kZ/v1dHVHOydbbLhDKXZt+4W
5PkGVpuXvM36OHdugaePUGSCo/LBVhyafSE3gDA5us08uXKSiuG+4UDVc26n+c7F
lVdeN7W2wxiJK1UUQFYyq7UyUko9grUi9h3whHkCAwEAAaOCAiIwggIeMB0GA1Ud
DgQWBBQ5rZ2mI+v/xNM2eqiLqe82mveF1DAfBgNVHSMEGDAWgBTlAYFcb5jzorYY
Sv6/GOo0G+iC6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVRR0JYRy1ZODZLMkdFci12eGpxTkJ2b2d1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvNWIwMjIyLWVkNjQtNGY1NS1iNDViLTAwNTlmNzM3ZWYwNS8x
L09hMmRwaVByXzhUVE5ucW9pNm52TnByM2hkUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
NWIwMjIyLWVkNjQtNGY1NS1iNDViLTAwNTlmNzM3ZWYwNS8xLzVRR0JYRy1ZODZL
MkdFci12eGpxTkJ2b2d1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA4
BggrBgEFBQcBBwEB/wQpMCcwJQQCAAEwHzALAwMAV/sDBAJX+xADBAJX+xgDBAG5
YKgDBAC5yyMwDQYJKoZIhvcNAQELBQADggEBAF9sM8tD7o+dYCRA4+KMfVWSDBPW
0AsSb829d6+d47v2tT3cnTgyjlBKEsjBdeXSBdv294RMQFp5KIWdwXbWWZE6IMp4
WbJWLuy+ujF9142H0fqFOwsCBoSrYvfZovDc8JnLHrniqIWY0hOuYcCZOz/mprFn
cC/b85OlP/wWNPOEidjA+NOB77TLClY8qhry3pefKBQkZqYsjf6LLUkF3Oj+xp7h
o1awuUIBIqqJjsxBtBIk7S+YTBY8Fnk/RY3GOjY+HCYaTZ2KbEctZbUpefRWmu8w
VIL1Oz6n53hu/QySy2RltJ7hWhWlhxeUz/7Awqf2jIB4SzcirWwRYn6b5qA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:59 2024 by rpki-client on console-ams.rpki-client.org