Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/Bd_rqm1y1dox9aTQ-VA5_5KLslk.roa
File: Bd_rqm1y1dox9aTQ-VA5_5KLslk.roa (raw, json)
Hash identifier: k6E+MOrFy7CcZDB9dXbr/ikqsYlrUO6t7VQWWELo6a0=
Subject key identifier: 05:DF:EB:AA:6D:72:D5:DA:31:F5:A4:D0:F9:50:39:FF:92:8B:B2:59
Certificate issuer: /CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Certificate serial: 414ACC7E
Authority key identifier: 2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/Bd_rqm1y1dox9aTQ-VA5_5KLslk.roa
Signing time: Sat 01 Jan 2022 05:58:35 +0000
ROA not before: Sat 01 Jan 2022 05:58:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39554
IP address blocks: 90.184.0.0/15 maxlen: 15
2a02:980::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1095421054 (0x414acc7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Validity
Not Before: Jan 1 05:58:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05dfebaa6d72d5da31f5a4d0f95039ff928bb259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:72:e3:c9:b9:2d:21:cd:16:a0:92:31:2f:e9:
42:e0:48:af:b8:9a:0a:71:9d:39:3b:29:d3:0f:57:
a7:91:9a:75:3c:7f:6c:89:b3:74:f1:b3:ed:56:ba:
81:a1:f1:ea:19:a6:51:d5:14:25:91:0b:2d:e9:a1:
b2:59:bb:a1:2a:4b:28:0f:cd:a0:ca:7c:c9:11:1e:
5b:3a:2c:5d:13:e8:18:35:d1:8d:1b:4d:56:60:fe:
d2:7c:e5:f0:97:8d:b7:46:5e:f4:13:a2:39:37:d5:
9f:fa:b7:2e:ab:c5:0a:9d:3a:1e:45:72:61:4a:10:
7e:66:bb:f9:af:5f:ab:88:42:e9:df:f8:0b:29:c0:
61:9b:a5:de:13:15:ca:78:45:21:65:b1:cb:31:ff:
0e:fc:ae:de:3e:17:c3:4b:95:d5:34:b6:bc:cb:31:
d5:cd:f9:8b:b4:5d:f0:75:09:49:a7:86:92:1e:5e:
2b:27:2c:ea:0a:d5:0f:9d:75:c4:2b:35:5a:9e:f9:
bc:98:e8:54:ad:38:e5:07:9e:6f:b6:08:8d:cd:d3:
67:9a:46:84:40:dc:a9:2d:f0:fa:6a:c5:77:b8:dc:
7e:28:1a:e6:1a:cc:0a:99:b7:a2:81:f8:6e:80:fc:
67:5f:50:d6:ea:ce:cf:3d:64:b0:88:d6:90:35:05:
c1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:DF:EB:AA:6D:72:D5:DA:31:F5:A4:D0:F9:50:39:FF:92:8B:B2:59
X509v3 Authority Key Identifier:
keyid:2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/Bd_rqm1y1dox9aTQ-VA5_5KLslk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/Loskx2rYemwf7f-vCNmxe0UkmZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.184.0.0/15
IPv6:
2a02:980::/32
Signature Algorithm: sha256WithRSAEncryption
1f:0b:30:d1:dd:71:bd:bb:19:97:06:25:e2:5d:b4:6a:98:4f:
88:ea:d7:f9:94:4f:d2:22:78:3e:f3:dc:22:d3:bc:75:69:f3:
48:11:e8:5b:df:d6:c2:fd:8c:1f:f2:04:1c:c3:44:b3:86:d1:
d3:00:48:91:26:e4:2d:fd:39:74:97:64:0c:35:5d:7b:34:57:
94:07:c3:49:14:01:2e:13:8a:a3:38:16:d9:2f:bf:0e:50:9c:
97:3c:37:20:31:f4:fb:7b:2b:2e:f2:00:10:ed:62:1f:92:5e:
14:1f:f2:97:74:e1:e4:62:71:e5:1a:ee:05:63:ab:b3:57:ef:
a9:24:cf:d4:61:f4:f0:65:eb:3e:55:e7:f6:c4:57:df:85:8c:
9e:f4:b5:21:4e:fc:62:76:ab:59:08:3c:48:84:21:14:27:fc:
66:4a:77:7c:df:87:8f:0e:cc:19:aa:bb:68:fe:e2:86:f9:23:
f3:40:0f:c7:90:be:2d:10:23:1d:6e:29:15:ca:70:14:9a:d7:
ac:06:9d:97:0c:1f:63:9e:e1:b7:d0:06:bd:e2:58:37:ad:bd:
6b:78:68:f1:50:f2:2e:a4:92:f3:3a:f6:78:a8:2c:c7:d6:65:
0d:2f:ba:fe:8c:10:c3:95:a9:76:3d:f3:e8:b8:24:75:23:d7:
d7:11:7b:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEQUrMfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZThiMjRjNzZhZDg3YTZjMWZlZGZmYWYwOGQ5YjE3YjQ1MjQ5OTkxMB4XDTIyMDEw
MTA1NTgzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDVkZmViYWE2ZDcy
ZDVkYTMxZjVhNGQwZjk1MDM5ZmY5MjhiYjI1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxy48m5LSHNFqCSMS/pQuBIr7iaCnGdOTsp0w9Xp5GadTx/
bImzdPGz7Va6gaHx6hmmUdUUJZELLemhslm7oSpLKA/NoMp8yREeWzosXRPoGDXR
jRtNVmD+0nzl8JeNt0Ze9BOiOTfVn/q3LqvFCp06HkVyYUoQfma7+a9fq4hC6d/4
CynAYZul3hMVynhFIWWxyzH/Dvyu3j4Xw0uV1TS2vMsx1c35i7Rd8HUJSaeGkh5e
Kycs6grVD511xCs1Wp75vJjoVK045Qeeb7YIjc3TZ5pGhEDcqS3w+mrFd7jcfiga
5hrMCpm3ooH4boD8Z19Q1urOzz1ksIjWkDUFwdcCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQF3+uqbXLV2jH1pND5UDn/kouyWTAfBgNVHSMEGDAWgBQuiyTHath6bB/t
/68I2bF7RSSZkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xvc2t4MnJZZW13ZjdmLXZDTm14ZTBVa21aRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmUvMDRkMzQ4LTc1YjktNDhkMi1iZTEwLTkxMTkwYTAyZGI3MC8x
L0JkX3JxbTF5MWRveDlhVFEtVkE1XzVLTHNsay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUv
MDRkMzQ4LTc1YjktNDhkMi1iZTEwLTkxMTkwYTAyZGI3MC8xL0xvc2t4MnJZZW13
ZjdmLXZDTm14ZTBVa21aRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwCwQCAAEwBQMDAVq4MA0EAgACMAcDBQAqAgmAMA0G
CSqGSIb3DQEBCwUAA4IBAQAfCzDR3XG9uxmXBiXiXbRqmE+I6tf5lE/SIng+89wi
07x1afNIEehb39bC/Ywf8gQcw0SzhtHTAEiRJuQt/Tl0l2QMNV17NFeUB8NJFAEu
E4qjOBbZL78OUJyXPDcgMfT7eysu8gAQ7WIfkl4UH/KXdOHkYnHlGu4FY6uzV++p
JM/UYfTwZes+Vef2xFffhYye9LUhTvxidqtZCDxIhCEUJ/xmSnd834ePDswZqrto
/uKG+SPzQA/HkL4tECMdbikVynAUmtesBp2XDB9jnuG30Aa94lg3rb1reGjxUPIu
pJLzOvZ4qCzH1mUNL7r+jBDDlal2PfPouCR1I9fXEXsC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:12 2025 by rpki-client