Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/APvVAwTeOFXkvOm5Cy6S0dEMcuM.roa
File: APvVAwTeOFXkvOm5Cy6S0dEMcuM.roa (raw, json)
Hash identifier: akxPSV2fFbA9hwq7itLS2ji2z9WeAjAenp8Rjynh3rU=
Subject key identifier: 00:FB:D5:03:04:DE:38:55:E4:BC:E9:B9:0B:2E:92:D1:D1:0C:72:E3
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: B425B2
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/APvVAwTeOFXkvOm5Cy6S0dEMcuM.roa
Signing time: Mon 25 Apr 2022 12:01:43 +0000
ROA not before: Mon 25 Apr 2022 12:01:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 178.130.40.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11806130 (0xb425b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Apr 25 12:01:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00fbd50304de3855e4bce9b90b2e92d1d10c72e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ed:84:99:58:17:32:7b:4c:72:f5:24:d8:9f:
d0:90:45:77:f3:8c:31:e9:16:f4:40:04:39:e0:da:
38:c9:f7:31:ac:39:bd:2b:81:7d:1b:27:e6:cd:2a:
1e:3c:21:97:69:0a:69:82:c9:b7:ef:47:d0:4a:af:
a6:68:7e:bd:48:aa:4c:bc:c5:21:7c:fe:27:fb:17:
70:f5:59:7b:53:2a:13:3a:63:9e:6e:52:02:c4:62:
9b:72:b9:c4:10:39:9c:a0:5f:b1:3f:c3:c6:52:7b:
5b:29:8a:4b:c7:c7:72:b1:8c:12:62:76:e0:0e:f8:
a9:68:18:4e:8f:16:a4:08:20:f9:8c:62:40:78:56:
58:c8:c3:6f:cb:5b:44:6c:ff:7c:56:c9:e1:ec:e3:
de:6c:6c:a7:10:0f:b6:c8:5e:97:f1:5d:f6:0e:e8:
7d:44:88:c5:9a:93:20:73:37:ac:6f:ed:1e:f7:bf:
41:ea:50:da:b9:04:90:fc:58:31:3d:d9:af:82:ca:
bd:14:85:45:3b:98:78:1e:ab:51:41:a5:f0:65:80:
a1:02:f2:8a:b2:d7:9e:89:38:02:33:fe:b6:06:57:
bc:11:aa:4a:8d:82:9e:9a:08:7d:af:b3:d8:40:ce:
da:d7:03:c6:65:f3:be:b6:55:97:8e:27:fb:24:22:
93:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:FB:D5:03:04:DE:38:55:E4:BC:E9:B9:0B:2E:92:D1:D1:0C:72:E3
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/APvVAwTeOFXkvOm5Cy6S0dEMcuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.130.40.0/22
Signature Algorithm: sha256WithRSAEncryption
58:e7:3f:8c:c3:6d:3d:4f:61:ff:59:7f:c1:23:ab:31:c4:7d:
d5:9c:61:1a:e5:80:ca:2b:6a:aa:87:b0:03:7b:57:61:0d:82:
84:e2:3f:f8:f4:e6:b1:ab:47:29:83:e5:af:09:b4:05:1a:81:
53:69:2e:5f:bb:1e:fb:3b:1b:09:86:e7:24:9d:cb:9e:4e:ac:
6c:5c:4d:df:79:54:5b:cd:ca:05:6e:c9:8a:bd:ad:1c:70:e4:
01:35:5e:e1:8b:7e:a6:24:ff:db:1c:fb:44:cc:6b:d6:3b:71:
c4:a5:03:2e:53:c2:27:a8:64:c6:06:70:2d:e3:9f:40:0b:5f:
55:fc:8a:72:79:94:15:df:1e:5e:3f:6c:43:6f:00:6a:49:d4:
fd:24:82:90:22:e1:b1:45:bf:a7:7c:b5:87:20:00:cc:08:1c:
9d:51:08:8a:dc:89:87:20:29:c4:ae:75:38:2b:85:a4:fe:0c:
63:82:23:aa:27:23:7a:7f:d2:6a:e0:18:ad:7b:1b:74:d2:94:
db:84:25:0f:bf:bf:08:a7:d1:47:5b:72:79:17:a1:8a:16:72:
b9:8e:24:b5:9d:31:14:67:0b:5b:e8:e2:95:b5:d7:d9:84:ad:
80:26:74:b0:b7:29:12:91:45:47:4c:65:4a:cc:e0:1b:4b:a1:
ff:90:c5:ca
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALQlsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
N2VkNDllZmFjOTc5NTk4Nzc3MWFjZGM3N2EwZTIyODkwNDI3N2FkMB4XDTIyMDQy
NTEyMDE0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDBmYmQ1MDMwNGRl
Mzg1NWU0YmNlOWI5MGIyZTkyZDFkMTBjNzJlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKfthJlYFzJ7THL1JNif0JBFd/OMMekW9EAEOeDaOMn3Maw5
vSuBfRsn5s0qHjwhl2kKaYLJt+9H0Eqvpmh+vUiqTLzFIXz+J/sXcPVZe1MqEzpj
nm5SAsRim3K5xBA5nKBfsT/DxlJ7WymKS8fHcrGMEmJ24A74qWgYTo8WpAgg+Yxi
QHhWWMjDb8tbRGz/fFbJ4ezj3mxspxAPtshel/Fd9g7ofUSIxZqTIHM3rG/tHve/
QepQ2rkEkPxYMT3Zr4LKvRSFRTuYeB6rUUGl8GWAoQLyirLXnok4AjP+tgZXvBGq
So2CnpoIfa+z2EDO2tcDxmXzvrZVl44n+yQikwkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQA+9UDBN44VeS86bkLLpLR0Qxy4zAfBgNVHSMEGDAWgBQ37UnvrJeVmHdx
rNx3oOIokEJ3rTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L04tMUo3NnlYbFpoM2NhemNkNkRpS0pCQ2Q2MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvMjE3MWJlLWIwODMtNDc5Yi1hNTgwLTZhMDZiNzUwMmJkNy8x
L0FQdlZBd1RlT0ZYa3ZPbTVDeTZTMGRFTWN1TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
MjE3MWJlLWIwODMtNDc5Yi1hNTgwLTZhMDZiNzUwMmJkNy8xL04tMUo3NnlYbFpo
M2NhemNkNkRpS0pCQ2Q2MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArKCKDANBgkqhkiG9w0BAQsFAAOC
AQEAWOc/jMNtPU9h/1l/wSOrMcR91ZxhGuWAyitqqoewA3tXYQ2ChOI/+PTmsatH
KYPlrwm0BRqBU2kuX7se+zsbCYbnJJ3Lnk6sbFxN33lUW83KBW7Jir2tHHDkATVe
4Yt+piT/2xz7RMxr1jtxxKUDLlPCJ6hkxgZwLeOfQAtfVfyKcnmUFd8eXj9sQ28A
aknU/SSCkCLhsUW/p3y1hyAAzAgcnVEIityJhyApxK51OCuFpP4MY4Ijqicjen/S
auAYrXsbdNKU24QlD7+/CKfRR1tyeRehihZyuY4ktZ0xFGcLW+jilbXX2YStgCZ0
sLcpEpFFR0xlSszgG0uh/5DFyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:09 2024 by rpki-client on console-fra.rpki-client.org