Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/v7j_SqouaPKW10SyGYLo1AiTWGQ.roa
File: v7j_SqouaPKW10SyGYLo1AiTWGQ.roa (raw, json)
Hash identifier: PJMayGcj/V+xXaiNRIjOr2twS4jikzMk6ntjOSgVMIs=
Subject key identifier: BF:B8:FF:4A:AA:2E:68:F2:96:D7:44:B2:19:82:E8:D4:08:93:58:64
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 35C7E3
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/v7j_SqouaPKW10SyGYLo1AiTWGQ.roa
Signing time: Tue 22 Mar 2022 11:58:47 +0000
ROA not before: Tue 22 Mar 2022 11:58:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25369
IP address blocks: 193.57.35.0/24 maxlen: 24
193.57.33.0/24 maxlen: 24
185.239.245.0/24 maxlen: 24
193.57.57.0/24 maxlen: 24
185.254.19.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3524579 (0x35c7e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Mar 22 11:58:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bfb8ff4aaa2e68f296d744b21982e8d408935864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:81:67:68:15:00:a4:2c:71:7d:2a:63:17:3b:
56:ae:3c:cc:59:8f:ae:d7:ec:11:23:56:c8:89:2b:
c4:8f:ba:f4:93:34:f6:6b:80:6e:5e:b1:b9:85:b0:
f5:83:31:a5:fb:2e:bf:91:c6:80:86:87:22:97:2d:
6b:b2:43:e4:98:4e:6e:17:84:9f:ca:83:53:ad:2b:
6d:18:a8:00:bb:5d:a3:d9:54:d1:a6:b1:af:e6:99:
0b:47:15:97:72:7a:ea:38:1f:68:0a:d8:17:e9:cd:
ef:f8:2d:d8:bf:bf:8e:d1:32:68:dd:d4:21:26:e4:
94:d1:36:cb:2e:01:62:ae:6d:dc:f5:30:6d:9c:80:
1b:13:65:db:e6:69:56:e1:4c:6a:3d:ad:68:da:ed:
be:2f:b8:28:04:53:49:93:1d:58:13:ce:75:be:47:
5c:5e:f0:43:f4:76:ab:16:dc:6a:4f:7d:0e:7d:88:
35:81:f8:d7:40:f8:12:ac:87:ef:4b:73:bf:4d:4a:
0b:7a:6b:66:e9:fd:7a:ab:7a:9c:71:93:14:b7:0d:
88:61:7b:31:cc:80:12:60:01:1a:45:a5:77:28:74:
ad:8e:31:8b:ee:f1:03:f0:9e:a3:64:0d:af:91:a9:
bd:35:2d:b7:26:d7:66:27:f8:fa:bc:98:c3:cd:69:
9b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:B8:FF:4A:AA:2E:68:F2:96:D7:44:B2:19:82:E8:D4:08:93:58:64
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/v7j_SqouaPKW10SyGYLo1AiTWGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.245.0/24
185.254.19.0/24
193.57.33.0/24
193.57.35.0/24
193.57.57.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:9e:1e:24:2a:35:b3:8a:6d:f6:67:08:0a:e3:b3:c7:fa:16:
49:76:ec:0a:0c:14:25:eb:e3:44:fd:dc:2e:41:82:87:54:c2:
56:71:81:af:d3:e5:87:09:41:a7:20:4a:de:b0:21:b5:2d:50:
fd:0b:37:9f:37:e2:fa:68:b3:9e:72:39:2c:e3:c6:e1:44:0a:
b7:88:d3:ff:32:3a:9c:8a:20:34:b2:52:1a:66:3e:b9:9a:31:
04:08:d9:19:fc:ff:47:de:26:a3:13:9f:d5:59:c1:31:34:20:
d0:bc:47:39:c2:2f:6d:1b:99:d2:11:24:7d:c4:eb:e6:2e:62:
21:13:6e:76:35:f5:4a:d7:9b:19:21:07:d7:63:4c:a5:04:15:
59:39:13:93:dd:90:6d:1a:8c:76:03:1f:8a:09:1b:cd:96:ec:
29:a2:54:12:d9:26:ba:af:0f:e2:a6:81:40:82:a6:c5:b0:ce:
22:2f:08:c0:ef:98:49:1c:cf:9f:08:0e:01:55:99:fe:1f:0e:
b5:b7:09:12:84:83:42:68:37:e7:75:2b:86:28:cd:a4:3e:de:
06:21:1c:79:5f:0a:c4:e1:58:1c:bc:7f:b6:5f:eb:eb:13:c1:
44:b1:59:5a:f1:bb:8c:6d:12:61:8f:fd:61:06:24:a2:b8:fc:
0b:19:78:ff
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIDNcfjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJi
MTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNlZmRiM2UwHhcNMjIwMzIy
MTE1ODQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiZmI4ZmY0YWFhMmU2
OGYyOTZkNzQ0YjIxOTgyZThkNDA4OTM1ODY0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwYFnaBUApCxxfSpjFztWrjzMWY+u1+wRI1bIiSvEj7r0kzT2
a4BuXrG5hbD1gzGl+y6/kcaAhocily1rskPkmE5uF4SfyoNTrSttGKgAu12j2VTR
prGv5pkLRxWXcnrqOB9oCtgX6c3v+C3Yv7+O0TJo3dQhJuSU0TbLLgFirm3c9TBt
nIAbE2Xb5mlW4UxqPa1o2u2+L7goBFNJkx1YE851vkdcXvBD9HarFtxqT30OfYg1
gfjXQPgSrIfvS3O/TUoLemtm6f16q3qccZMUtw2IYXsxzIASYAEaRaV3KHStjjGL
7vED8J6jZA2vkam9NS23JtdmJ/j6vJjDzWmb9wIDAQABo4ICITCCAh0wHQYDVR0O
BBYEFL+4/0qqLmjyltdEshmC6NQIk1hkMB8GA1UdIwQYMBaAFCsUWovfK8oVDyXt
VKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
S3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2NkLzEv
djdqX1Nxb3VhUEtXMTBTeUdZTG8xQWlUV0dRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8w
ZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2NkLzEvS3hSYWk5OHJ5aFVQ
SmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcG
CCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAue/1AwQAuf4TAwQAwTkhAwQAwTkj
AwQAwTk5MA0GCSqGSIb3DQEBCwUAA4IBAQCNnh4kKjWzim32ZwgK47PH+hZJduwK
DBQl6+NE/dwuQYKHVMJWcYGv0+WHCUGnIEresCG1LVD9CzefN+L6aLOecjks48bh
RAq3iNP/MjqciiA0slIaZj65mjEECNkZ/P9H3iajE5/VWcExNCDQvEc5wi9tG5nS
ESR9xOvmLmIhE252NfVK15sZIQfXY0ylBBVZOROT3ZBtGox2Ax+KCRvNluwpolQS
2Sa6rw/ipoFAgqbFsM4iLwjA75hJHM+fCA4BVZn+Hw61twkShINCaDfndSuGKM2k
Pt4GIRx5XwrE4VgcvH+2X+vrE8FEsVla8buMbRJhj/1hBiSiuPwLGXj/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-ams.rpki-client.org