Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/wvnFvoQC_ERpVTK7GkxkBYWHR_o.roa
File: wvnFvoQC_ERpVTK7GkxkBYWHR_o.roa (raw, json)
Hash identifier: JdacQOTSBPaeV0mdpaw/MuoGTz01MtqEMMyCUsTTn7w=
Subject key identifier: C2:F9:C5:BE:84:02:FC:44:69:55:32:BB:1A:4C:64:05:85:87:47:FA
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0188D9A27C3CBC64711C0C28B7A116AE11F4
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/wvnFvoQC_ERpVTK7GkxkBYWHR_o.roa
Signing time: Tue 20 Jun 2023 16:28:04 +0000
ROA not before: Tue 20 Jun 2023 16:28:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 194.180.238.0/24 maxlen: 24
45.140.32.0/22 maxlen: 22
185.145.80.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d9:a2:7c:3c:bc:64:71:1c:0c:28:b7:a1:16:ae:11:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 20 16:28:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2f9c5be8402fc44695532bb1a4c6405858747fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2c:ad:fa:97:f9:c1:59:e4:7f:77:42:2d:02:
5e:01:39:e5:b2:00:32:36:ca:e4:cc:22:26:41:62:
fe:f2:86:c0:32:06:f8:71:41:73:37:9e:12:88:df:
39:5b:b6:8e:bf:9e:0d:06:f5:52:e7:e9:ab:56:f1:
d3:e9:01:12:47:9b:3a:53:31:ad:bb:7e:ed:b8:89:
f0:71:6f:bd:c7:73:dd:91:22:ce:c5:22:cd:20:e5:
bb:dc:04:4d:8f:8e:f3:3d:bd:0a:12:3f:f1:bd:e8:
f3:01:6f:54:00:e6:18:c9:38:56:16:e6:ba:1b:96:
c4:d1:8d:e5:5d:76:eb:7b:5a:3b:91:fa:80:cc:01:
1b:7c:aa:98:08:ef:89:aa:63:cd:2a:2b:f5:70:dd:
45:7a:7e:97:db:cc:f8:93:6e:a1:2e:ea:16:bc:5e:
54:42:11:1a:91:c9:7b:c2:2a:e9:e6:00:b0:8b:57:
f7:c7:f9:5f:4c:82:a2:dc:76:d5:0b:32:d7:fe:f2:
d1:63:e0:a9:01:d1:85:b6:04:4a:8d:05:23:05:bb:
97:15:1b:37:0e:37:19:bd:32:e4:ac:23:e7:41:43:
0d:a4:7a:83:5f:dd:25:aa:1a:be:07:5a:ab:1a:e6:
d2:7f:2f:99:e7:d4:61:76:1e:66:79:7c:14:e2:84:
14:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:F9:C5:BE:84:02:FC:44:69:55:32:BB:1A:4C:64:05:85:87:47:FA
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/wvnFvoQC_ERpVTK7GkxkBYWHR_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.32.0/22
185.145.80.0/22
194.180.238.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:b3:80:02:c0:53:ad:49:a0:23:bd:7c:88:2c:ec:ac:7a:d9:
f0:45:1d:5c:fa:10:6a:12:1d:ec:c3:8e:d1:8f:88:bd:bd:5b:
9f:5c:e8:de:c5:76:0f:87:0a:66:05:c8:0a:b1:76:ed:25:14:
a3:ca:7d:a6:0c:64:ee:01:22:eb:25:90:52:a6:0b:9d:27:52:
9c:81:56:53:d4:7c:71:60:b2:0a:d8:82:a5:75:35:b8:91:79:
46:0f:6a:84:b2:16:0d:d2:10:9d:a7:bf:ea:20:81:59:f7:5d:
3a:27:63:7c:94:6d:84:d0:f4:48:5a:1e:f5:5a:7d:73:f7:6a:
fc:56:d7:03:95:f7:62:4b:ce:cd:cb:83:e1:6a:9a:25:bb:98:
f4:07:8b:e4:96:00:ea:5e:74:be:7c:46:00:fb:dc:b7:f4:80:
42:7e:45:f0:b6:29:fb:d1:54:46:97:83:c9:6c:95:a2:a4:be:
b5:2e:03:13:8f:7b:d6:db:63:25:a3:9c:9b:c5:fa:de:8d:4c:
60:43:41:27:68:bb:cc:7c:c7:c2:16:61:09:a3:a4:74:13:3d:
a5:19:01:7b:d0:76:4a:8c:1c:2b:b3:f5:4f:bd:8a:3b:c1:d4:
c3:ce:e8:fe:e3:06:62:cc:25:a2:1a:6d:24:fe:be:ff:dd:80:
a7:be:ef:b4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjZonw8vGRxHAwot6EWrhH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwNjIwMTYyODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmY5YzViZTg0MDJmYzQ0Njk1NTMyYmIxYTRjNjQwNTg1ODc0N2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyyt+pf5wVnkf3dCLQJeATnlsgAy
NsrkzCImQWL+8obAMgb4cUFzN54SiN85W7aOv54NBvVS5+mrVvHT6QESR5s6UzGt
u37tuInwcW+9x3PdkSLOxSLNIOW73ARNj47zPb0KEj/xvejzAW9UAOYYyThWFua6
G5bE0Y3lXXbre1o7kfqAzAEbfKqYCO+JqmPNKiv1cN1Fen6X28z4k26hLuoWvF5U
QhEakcl7wirp5gCwi1f3x/lfTIKi3HbVCzLX/vLRY+CpAdGFtgRKjQUjBbuXFRs3
DjcZvTLkrCPnQUMNpHqDX90lqhq+B1qrGubSfy+Z59Rhdh5meXwU4oQUpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFML5xb6EAvxEaVUyuxpMZAWFh0f6MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvd3ZuRnZvUUNfRVJwVlRLN0dreGtCWVdIUl9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYwgAwQC
uZFQAwQAwrTuMA0GCSqGSIb3DQEBCwUAA4IBAQAds4ACwFOtSaAjvXyILOysetnw
RR1c+hBqEh3sw47Rj4i9vVufXOjexXYPhwpmBcgKsXbtJRSjyn2mDGTuASLrJZBS
pgudJ1KcgVZT1HxxYLIK2IKldTW4kXlGD2qEshYN0hCdp7/qIIFZ9106J2N8lG2E
0PRIWh71Wn1z92r8VtcDlfdiS87Ny4Phapolu5j0B4vklgDqXnS+fEYA+9y39IBC
fkXwtin70VRGl4PJbJWipL61LgMTj3vW22Mlo5ybxfrejUxgQ0EnaLvMfMfCFmEJ
o6R0Ez2lGQF70HZKjBwrs/VPvYo7wdTDzuj+4wZizCWiGm0k/r7/3YCnvu+0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org