Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/_e89UcfxAsI5s4Dg2fWBSWvy2CI.roa
File: _e89UcfxAsI5s4Dg2fWBSWvy2CI.roa (raw, json)
Hash identifier: c1i0Irw7kSLVHQhPuYNIJpAXafwAm2/v//qNnbF6o+s=
Subject key identifier: FD:EF:3D:51:C7:F1:02:C2:39:B3:80:E0:D9:F5:81:49:6B:F2:D8:22
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 0185729ED7071CA51E7FA62A0A94A69EECC5
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/_e89UcfxAsI5s4Dg2fWBSWvy2CI.roa
Signing time: Mon 02 Jan 2023 13:14:50 +0000
ROA not before: Mon 02 Jan 2023 13:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.96.168.0/23 maxlen: 24
87.251.0.0/20 maxlen: 24
87.251.16.0/22 maxlen: 24
87.251.24.0/22 maxlen: 24
185.203.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:d7:07:1c:a5:1e:7f:a6:2a:0a:94:a6:9e:ec:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Jan 2 13:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdef3d51c7f102c239b380e0d9f581496bf2d822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:70:cf:94:da:1c:22:7d:4a:31:fe:6c:5b:c8:
23:81:c8:22:29:b9:bc:af:5f:83:57:51:e5:25:04:
d6:e0:fe:fa:45:87:5e:04:e9:59:5b:9c:ef:5b:2b:
2c:96:a6:9d:c0:84:a6:3d:d7:ac:b1:47:1c:54:5b:
02:fb:22:4c:4c:e4:b2:08:6b:a1:ab:14:ff:41:1b:
7c:f0:65:ca:95:ae:54:4e:ba:4f:a7:d5:1d:03:43:
06:57:2c:30:e4:fd:c4:0c:5a:60:23:ba:55:51:84:
4b:09:c1:37:a8:13:7a:de:8e:fa:93:dc:5b:70:74:
f6:78:3c:30:91:fa:fa:a7:4d:86:4f:56:9a:40:b8:
6e:f5:60:d9:2b:6a:22:7a:cf:4d:98:16:c8:09:95:
4b:c0:18:bf:ed:ae:b7:c9:21:f0:33:12:f8:2c:df:
ca:d0:6b:10:83:3f:77:91:39:ee:30:ca:4f:df:b7:
52:8c:26:27:f9:29:a9:54:78:e9:d0:00:62:fb:cb:
ed:be:58:4a:bf:d3:4a:c9:63:44:79:f6:d5:5a:98:
dc:72:2b:07:52:55:aa:4f:aa:3f:3f:f6:1f:f7:99:
93:df:18:84:62:59:d9:af:0a:f7:aa:67:6a:f9:99:
7d:52:f9:29:81:fe:3a:98:4d:83:4b:dc:38:70:68:
57:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:EF:3D:51:C7:F1:02:C2:39:B3:80:E0:D9:F5:81:49:6B:F2:D8:22
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/_e89UcfxAsI5s4Dg2fWBSWvy2CI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.0.0-87.251.19.255
87.251.24.0/22
185.96.168.0/23
185.203.35.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:01:68:1e:ed:7f:bf:ef:a8:58:56:a3:02:d3:7f:1c:e1:53:
3b:7b:b1:16:0a:8c:ee:98:14:cb:4d:9b:57:0e:69:65:5d:af:
6d:85:d8:dd:e3:d6:23:c7:12:56:4e:62:5f:a5:73:89:45:60:
fc:f9:40:32:d0:ec:92:58:85:ca:a4:f8:77:e0:d7:f2:4a:6f:
98:b3:5e:00:3f:f5:fa:de:87:67:3d:76:18:d6:81:8f:7d:21:
19:2c:ea:7b:ec:54:77:68:72:82:bd:6f:cd:2a:9d:ca:f9:d7:
e1:7e:4d:93:85:2e:c3:32:d3:2f:bb:e1:5e:d9:72:ce:c5:09:
2a:49:9a:1a:c8:da:e0:83:f8:31:be:b1:fa:c8:01:aa:11:0d:
ac:99:14:b1:68:85:32:1d:19:1b:92:ce:08:a1:be:23:cb:f7:
33:6c:0b:bb:2b:15:33:71:ad:4e:ba:0f:35:dd:3d:d9:d4:64:
5a:4f:67:7b:48:ff:93:03:bf:7b:41:c1:b3:64:c0:bf:3e:d0:
1e:13:1c:1e:8b:3a:f5:64:09:19:3d:8e:30:79:e5:63:a8:5f:
ae:bd:fd:a6:fb:75:9a:56:03:c5:b1:8b:59:27:d1:ad:4f:a2:
81:fe:84:68:64:69:28:7c:13:dd:a1:34:24:c6:0c:e9:5a:34:
7a:d0:ed:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVyntcHHKUef6YqCpSmnuzFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjMwMTAyMTMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGVmM2Q1MWM3ZjEwMmMyMzliMzgwZTBkOWY1ODE0OTZiZjJkODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3DPlNocIn1KMf5sW8gjgcgiKbm8
r1+DV1HlJQTW4P76RYdeBOlZW5zvWysslqadwISmPdessUccVFsC+yJMTOSyCGuh
qxT/QRt88GXKla5UTrpPp9UdA0MGVyww5P3EDFpgI7pVUYRLCcE3qBN63o76k9xb
cHT2eDwwkfr6p02GT1aaQLhu9WDZK2oies9NmBbICZVLwBi/7a63ySHwMxL4LN/K
0GsQgz93kTnuMMpP37dSjCYn+SmpVHjp0ABi+8vtvlhKv9NKyWNEefbVWpjccisH
UlWqT6o/P/Yf95mT3xiEYlnZrwr3qmdq+Zl9Uvkpgf46mE2DS9w4cGhXJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP3vPVHH8QLCObOA4Nn1gUlr8tgiMB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEvX2U4OVVjZnhBc0k1czREZzJmV0JTV3Z5MkNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfMAsDAwBX+wME
Alf7EAMEAlf7GAMEAblgqAMEALnLIzANBgkqhkiG9w0BAQsFAAOCAQEAtwFoHu1/
v++oWFajAtN/HOFTO3uxFgqM7pgUy02bVw5pZV2vbYXY3ePWI8cSVk5iX6VziUVg
/PlAMtDskliFyqT4d+DX8kpvmLNeAD/1+t6HZz12GNaBj30hGSzqe+xUd2hygr1v
zSqdyvnX4X5Nk4UuwzLTL7vhXtlyzsUJKkmaGsja4IP4Mb6x+sgBqhENrJkUsWiF
Mh0ZG5LOCKG+I8v3M2wLuysVM3GtTroPNd092dRkWk9ne0j/kwO/e0HBs2TAvz7Q
HhMcHos69WQJGT2OMHnlY6hfrr39pvt1mlYDxbGLWSfRrU+igf6EaGRpKHwT3aE0
JMYM6Vo0etDtag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:31 2024 by rpki-client on console-fra.rpki-client.org