Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_RWge2GVc9Zr4QzvH7Sa9TWhD4M.roa
File: _RWge2GVc9Zr4QzvH7Sa9TWhD4M.roa (raw, json)
Hash identifier: vPbexKwewX9wUBjOvGfdJoH5gJXFNy879fROKqGQLm8=
Subject key identifier: FD:15:A0:7B:61:95:73:D6:6B:E1:0C:EF:1F:B4:9A:F5:35:A1:0F:83
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CC2DB3AC54309CBF62D4047EEFE597C8D
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_RWge2GVc9Zr4QzvH7Sa9TWhD4M.roa
Signing time: Mon 01 Jan 2024 02:29:56 +0000
ROA not before: Mon 01 Jan 2024 02:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209396
IP address blocks: 2.58.60.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:3a:c5:43:09:cb:f6:2d:40:47:ee:fe:59:7c:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 02:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd15a07b619573d66be10cef1fb49af535a10f83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:58:07:09:fb:37:21:86:fa:7b:27:0e:76:b8:
ce:d2:d8:04:90:b8:65:21:4a:69:07:e7:c5:f8:e1:
63:b3:f5:a0:4c:fc:1b:14:53:0a:01:33:cb:22:60:
e5:7d:bc:ad:14:fc:1c:4f:0d:3e:87:56:31:aa:40:
a9:90:f7:e2:c6:20:f6:5e:c9:13:43:4d:be:d0:83:
48:4c:f5:7b:86:62:4f:e2:a5:a6:4c:34:c9:3a:8a:
3b:82:1f:44:0a:6f:c9:a8:29:8e:8c:24:3e:86:ad:
16:13:05:c3:4f:24:a3:cc:0b:a1:69:cd:be:a1:25:
0f:87:a4:b3:db:e7:cc:52:a3:3d:2d:f1:6a:63:73:
a8:15:94:f9:95:61:4e:37:35:5d:0e:9b:ea:e7:a1:
46:62:e2:bd:1f:d5:4d:45:b7:46:b5:7d:f4:e4:78:
7e:48:1b:98:ac:85:12:35:24:31:93:3d:9a:31:ce:
8c:0f:44:0e:82:07:41:88:60:97:db:6e:21:26:5a:
d7:72:53:30:83:f8:7e:41:15:a0:41:b5:e8:44:5a:
3c:d9:4c:88:3e:41:9c:c7:d1:3b:bf:0f:e4:78:d9:
d2:14:89:03:de:d3:3c:d1:3a:c9:24:49:6d:33:fa:
30:d2:3a:91:86:49:b3:db:32:c0:ae:59:e3:2b:6e:
25:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:15:A0:7B:61:95:73:D6:6B:E1:0C:EF:1F:B4:9A:F5:35:A1:0F:83
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_RWge2GVc9Zr4QzvH7Sa9TWhD4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.60.0/22
45.151.196.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:02:ad:a5:df:7b:54:55:0f:3e:50:8b:bf:c9:96:ca:b0:a0:
9d:b6:66:8d:e4:1e:4b:ee:6e:8d:84:96:f6:5d:d2:ef:97:5b:
f1:1d:c3:24:ad:15:71:d6:83:a1:6e:2e:c5:7c:3a:dc:23:9c:
1c:14:90:3c:38:31:01:4f:81:80:ed:36:cc:9c:13:0a:89:d2:
4e:62:9b:fb:47:48:df:a7:d9:57:bc:49:51:64:06:2c:7e:3e:
e8:b3:1d:f4:ac:88:e6:33:09:19:32:66:b2:97:37:62:9c:ce:
49:b8:2d:1a:85:ea:4b:6c:93:f9:8d:61:fd:07:91:5c:4f:bb:
c9:44:3a:ce:47:63:c7:c9:27:02:a9:5e:cc:b3:b8:93:17:4c:
e7:68:a5:1f:d9:8d:c3:15:17:b1:ae:04:6b:20:14:27:de:d2:
2b:6c:f5:e1:f8:0f:b6:6a:7d:42:25:e2:04:43:df:37:a3:b2:
b4:a4:04:ac:38:f1:83:22:51:32:38:13:9f:fa:83:15:b1:00:
d6:a7:31:2b:eb:77:d4:c7:c4:50:6c:d2:e1:84:e2:6e:ad:3f:
28:c8:60:b4:8b:87:7a:ec:2e:bc:61:2e:8f:b3:a9:e6:ce:d7:
8c:e3:bc:9a:f0:81:32:32:cf:8e:bf:7b:98:f9:87:b6:d2:fe:
ad:d0:6f:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2zrFQwnL9i1AR+7+WXyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDE1YTA3YjYxOTU3M2Q2NmJlMTBjZWYxZmI0OWFmNTM1YTEwZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFgHCfs3IYb6eycOdrjO0tgEkLhl
IUppB+fF+OFjs/WgTPwbFFMKATPLImDlfbytFPwcTw0+h1YxqkCpkPfixiD2XskT
Q02+0INITPV7hmJP4qWmTDTJOoo7gh9ECm/JqCmOjCQ+hq0WEwXDTySjzAuhac2+
oSUPh6Sz2+fMUqM9LfFqY3OoFZT5lWFONzVdDpvq56FGYuK9H9VNRbdGtX305Hh+
SBuYrIUSNSQxkz2aMc6MD0QOggdBiGCX224hJlrXclMwg/h+QRWgQbXoRFo82UyI
PkGcx9E7vw/keNnSFIkD3tM80TrJJEltM/ow0jqRhkmz2zLArlnjK24lfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP0VoHthlXPWa+EM7x+0mvU1oQ+DMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvX1JXZ2UyR1ZjOVpyNFF6dkg3U2E5VFdoRDRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAjo8AwQC
LZfEMA0GCSqGSIb3DQEBCwUAA4IBAQBqAq2l33tUVQ8+UIu/yZbKsKCdtmaN5B5L
7m6NhJb2XdLvl1vxHcMkrRVx1oOhbi7FfDrcI5wcFJA8ODEBT4GA7TbMnBMKidJO
Ypv7R0jfp9lXvElRZAYsfj7osx30rIjmMwkZMmaylzdinM5JuC0ahepLbJP5jWH9
B5FcT7vJRDrOR2PHyScCqV7Ms7iTF0znaKUf2Y3DFRexrgRrIBQn3tIrbPXh+A+2
an1CJeIEQ983o7K0pASsOPGDIlEyOBOf+oMVsQDWpzEr63fUx8RQbNLhhOJurT8o
yGC0i4d67C68YS6Ps6nmzteM47ya8IEyMs+Ov3uY+Ye20v6t0G+n
-----END CERTIFICATE-----
Generated at Wed Apr 10 16:40:17 2024 by rpki-client on console-ams.rpki-client.org