Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/EElBT1LZtR57cWCUCwyTPV6fCHQ.roa
File: EElBT1LZtR57cWCUCwyTPV6fCHQ.roa (raw, json)
Hash identifier: 8mU9N4omyOoWyGE7Djm/bAQbF7ViqLYCi/fScCnrhkc=
Subject key identifier: 10:49:41:4F:52:D9:B5:1E:7B:71:60:94:0B:0C:93:3D:5E:9F:08:74
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01837A134CF9A4FC0A767818100ABDFC4890
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/EElBT1LZtR57cWCUCwyTPV6fCHQ.roa
Signing time: Mon 26 Sep 2022 13:53:48 +0000
ROA not before: Mon 26 Sep 2022 13:53:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209945
IP address blocks: 2.56.0.0/22 maxlen: 22
5.252.168.0/22 maxlen: 22
92.118.108.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7a:13:4c:f9:a4:fc:0a:76:78:18:10:0a:bd:fc:48:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 26 13:53:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1049414f52d9b51e7b7160940b0c933d5e9f0874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2f:4d:3a:97:dd:59:79:47:9a:3f:08:ea:63:
ba:dd:ec:9c:bb:49:7e:65:b0:29:ee:06:a1:b7:12:
50:80:68:0e:1e:ce:0e:4d:3e:2f:d4:7d:ef:44:dd:
a4:f2:6f:c9:52:8b:72:74:1b:44:00:65:22:b5:d9:
89:75:6e:c3:97:42:5c:3d:7a:29:82:13:80:c0:82:
75:33:a2:be:48:18:17:35:bf:95:d0:e2:81:63:e7:
44:70:7e:c4:bd:b0:ff:0b:e1:7c:60:10:f4:5d:fe:
b8:c8:85:de:dc:8b:de:c0:52:3d:bf:88:62:b7:69:
43:e5:29:1b:c5:0d:46:c0:3d:70:a9:39:33:e3:52:
0b:ab:ee:b1:6e:75:3f:b0:6b:ab:8a:17:34:4c:7e:
53:92:44:0f:69:24:b7:71:62:40:0e:45:6d:6e:00:
30:75:0c:20:87:78:5d:d6:b4:7e:4b:c5:91:27:ef:
fd:0e:01:54:a4:39:07:30:41:06:8b:c5:33:42:4d:
15:5b:77:25:32:88:d3:30:69:f0:b8:d3:45:74:f4:
aa:41:db:81:1f:23:83:7c:72:ab:88:70:ae:86:a7:
fa:ef:e4:15:14:8e:37:86:ac:26:4c:7c:2b:7c:50:
c7:bf:ab:57:6a:87:67:c9:6f:70:88:05:43:30:f2:
57:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:49:41:4F:52:D9:B5:1E:7B:71:60:94:0B:0C:93:3D:5E:9F:08:74
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/EElBT1LZtR57cWCUCwyTPV6fCHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
5.252.168.0/22
92.118.108.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:eb:b1:8f:14:42:d9:5f:fb:38:ba:c6:6f:64:da:2a:35:83:
45:91:71:4c:29:5e:80:35:bf:82:97:d7:7e:1e:bd:f0:92:dd:
17:8c:13:cd:41:35:5a:90:94:36:4c:c3:ab:9c:3a:9b:11:48:
94:ce:07:7b:b9:57:f3:bb:e1:01:95:7e:7f:fe:db:01:78:e7:
7b:2a:cd:27:97:38:24:46:2c:ad:f9:bb:ff:1b:ee:e7:d0:f5:
21:ec:f3:1d:43:64:1d:83:a5:f1:4b:5f:b7:75:2d:dc:f8:f1:
80:e8:0f:74:dc:5b:db:2c:6b:d1:88:5a:40:7f:59:e5:4a:ad:
c7:d2:7d:d4:1a:aa:62:94:53:43:0b:10:6e:ff:66:a9:aa:9a:
4b:04:b0:18:91:a8:bd:75:3c:ea:31:ac:b5:bc:e5:b0:e2:bd:
0d:c7:5b:f2:2e:8d:94:67:ad:72:6f:9d:62:c3:d1:d0:f4:54:
11:52:88:8a:1e:02:79:7d:d8:17:5a:7b:18:ba:00:85:58:36:
fb:75:49:bb:6c:36:cd:6a:31:90:14:e1:45:f1:9b:e1:97:b6:
e8:51:f0:ec:14:f7:17:af:5b:70:06:f7:f5:15:de:37:76:d4:
b1:d0:34:7b:51:f3:e2:c1:3f:67:28:91:c1:60:e7:17:dc:0f:
10:89:cd:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYN6E0z5pPwKdngYEAq9/EiQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwOTI2MTM1MzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDQ5NDE0ZjUyZDliNTFlN2I3MTYwOTQwYjBjOTMzZDVlOWYwODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArS9NOpfdWXlHmj8I6mO63eycu0l+
ZbAp7gahtxJQgGgOHs4OTT4v1H3vRN2k8m/JUotydBtEAGUitdmJdW7Dl0JcPXop
ghOAwIJ1M6K+SBgXNb+V0OKBY+dEcH7EvbD/C+F8YBD0Xf64yIXe3IvewFI9v4hi
t2lD5SkbxQ1GwD1wqTkz41ILq+6xbnU/sGurihc0TH5TkkQPaSS3cWJADkVtbgAw
dQwgh3hd1rR+S8WRJ+/9DgFUpDkHMEEGi8UzQk0VW3clMojTMGnwuNNFdPSqQduB
HyODfHKriHCuhqf67+QVFI43hqwmTHwrfFDHv6tXaodnyW9wiAVDMPJXvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBBJQU9S2bUee3FglAsMkz1enwh0MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvRUVsQlQxTFp0UjU3Y1dDVUN3eVRQVjZmQ0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjgAAwQC
BfyoAwQAXHZsMA0GCSqGSIb3DQEBCwUAA4IBAQCn67GPFELZX/s4usZvZNoqNYNF
kXFMKV6ANb+Cl9d+Hr3wkt0XjBPNQTVakJQ2TMOrnDqbEUiUzgd7uVfzu+EBlX5/
/tsBeOd7Ks0nlzgkRiyt+bv/G+7n0PUh7PMdQ2Qdg6XxS1+3dS3c+PGA6A903Fvb
LGvRiFpAf1nlSq3H0n3UGqpilFNDCxBu/2apqppLBLAYkai9dTzqMay1vOWw4r0N
x1vyLo2UZ61yb51iw9HQ9FQRUoiKHgJ5fdgXWnsYugCFWDb7dUm7bDbNajGQFOFF
8Zvhl7boUfDsFPcXr1twBvf1Fd43dtSx0DR7UfPiwT9nKJHBYOcX3A8Qic2s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org