Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/PIfBosNZG__MEtMNTwswDWh-0Ec.roa
File: PIfBosNZG__MEtMNTwswDWh-0Ec.roa (raw, json)
Hash identifier: sYYvcdWZQ9/RjrnuUmh/BoOFJpm01r2BmN3TXxrnIaY=
Subject key identifier: 3C:87:C1:A2:C3:59:1B:FF:CC:12:D3:0D:4F:0B:30:0D:68:7E:D0:47
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: 0185078807C010380C3531CD70D13B16CCDE
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/PIfBosNZG__MEtMNTwswDWh-0Ec.roa
Signing time: Mon 12 Dec 2022 18:10:33 +0000
ROA not before: Mon 12 Dec 2022 18:10:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 178.130.136.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:07:88:07:c0:10:38:0c:35:31:cd:70:d1:3b:16:cc:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Dec 12 18:10:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c87c1a2c3591bffcc12d30d4f0b300d687ed047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:25:d6:cc:5c:19:d4:2a:14:a9:aa:9b:63:c4:
65:21:ff:20:a3:bf:67:98:69:17:5a:2a:15:ac:8a:
2f:e4:aa:9a:d0:0d:ed:72:87:0d:3e:37:63:42:c0:
37:33:9f:e2:89:24:f0:75:ad:db:21:ea:50:13:c0:
59:5b:25:6b:03:c4:24:24:81:73:cb:5b:37:f1:26:
ad:57:7e:5d:89:18:d3:fa:aa:06:50:56:8b:c1:bc:
2d:8e:29:ec:4a:25:c9:9c:92:18:57:cc:ce:71:79:
14:e1:8a:f1:70:a4:7a:ee:a7:71:7a:96:f0:3e:6f:
96:63:8b:df:99:87:aa:66:78:75:ce:ed:71:2b:44:
ea:22:4b:c6:a5:bd:2a:d0:2a:a9:c0:e1:5e:23:3e:
78:7d:1e:24:53:fa:1c:7e:c1:99:d6:c5:bb:cd:2b:
d7:e0:62:61:7e:a2:57:34:4a:7b:eb:ae:ed:48:b5:
08:78:eb:2b:f8:9e:47:8f:73:83:93:1e:18:0a:a0:
bf:07:02:15:27:0b:0f:aa:38:12:88:07:50:7f:ff:
bd:f0:f8:d5:e8:32:d0:53:4e:5d:5a:43:f4:0a:0d:
9d:33:f1:6f:c2:5c:64:74:2c:09:54:32:0f:1a:33:
be:7d:03:9a:d4:e6:54:e7:f0:cd:9a:49:87:7d:c4:
3c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:87:C1:A2:C3:59:1B:FF:CC:12:D3:0D:4F:0B:30:0D:68:7E:D0:47
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/PIfBosNZG__MEtMNTwswDWh-0Ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.130.136.0/21
Signature Algorithm: sha256WithRSAEncryption
85:ae:65:34:72:ff:35:d4:9f:76:3a:24:db:2c:80:23:bc:d3:
4a:ef:db:ac:92:b8:eb:7b:ca:c3:59:03:46:01:f7:ef:fe:7f:
13:15:10:a3:88:a0:07:e6:e7:07:97:14:f0:66:58:46:2b:af:
76:70:37:fc:d4:b3:71:69:5d:86:57:3e:cd:2e:c2:d0:76:9b:
de:ff:5e:46:db:48:0a:42:d6:22:76:2f:6f:e0:23:77:f9:07:
89:d8:c3:a6:00:2c:5f:aa:cc:68:e9:a2:8e:50:05:57:5b:40:
7a:60:15:19:6d:14:dd:72:39:23:f0:f4:6e:85:1b:bd:8d:cd:
f5:9b:01:3c:8d:d1:1f:1b:f1:9f:d9:75:fc:3d:ec:3f:7c:08:
36:2d:51:c4:95:54:f4:24:ce:42:79:68:46:10:a9:c0:a1:4c:
d5:fe:24:79:25:e0:2a:9c:7a:4e:34:b4:75:81:6e:5a:12:7e:
2d:bd:8d:c0:55:9e:c1:0c:20:ab:3a:dc:1f:76:a6:90:4d:a3:
02:62:76:ab:9c:b9:74:d5:76:1f:c7:75:5f:5f:0c:24:f0:27:
56:c2:4e:74:c7:1c:81:a3:e1:29:f0:14:ef:48:bf:ac:14:a3:
78:f3:0d:f3:83:2d:8b:59:f5:dd:ba:31:4e:f4:dc:bf:da:bd:
cd:a6:bf:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUHiAfAEDgMNTHNcNE7FszeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0
Mjc3YWQwHhcNMjIxMjEyMTgxMDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzg3YzFhMmMzNTkxYmZmY2MxMmQzMGQ0ZjBiMzAwZDY4N2VkMDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyXWzFwZ1CoUqaqbY8RlIf8go79n
mGkXWioVrIov5Kqa0A3tcocNPjdjQsA3M5/iiSTwda3bIepQE8BZWyVrA8QkJIFz
y1s38SatV35diRjT+qoGUFaLwbwtjinsSiXJnJIYV8zOcXkU4YrxcKR67qdxepbw
Pm+WY4vfmYeqZnh1zu1xK0TqIkvGpb0q0CqpwOFeIz54fR4kU/ocfsGZ1sW7zSvX
4GJhfqJXNEp7667tSLUIeOsr+J5Hj3ODkx4YCqC/BwIVJwsPqjgSiAdQf/+98PjV
6DLQU05dWkP0Cg2dM/FvwlxkdCwJVDIPGjO+fQOa1OZU5/DNmkmHfcQ8+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyHwaLDWRv/zBLTDU8LMA1oftBHMB8GA1UdIwQY
MBaAFDftSe+sl5WYd3Gs3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAt
NmEwNmI3NTAyYmQ3LzEvUElmQm9zTlpHX19NRXRNTlR3c3dEV2gtMEVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3
LzEvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsoKIMA0G
CSqGSIb3DQEBCwUAA4IBAQCFrmU0cv811J92OiTbLIAjvNNK79uskrjre8rDWQNG
Affv/n8TFRCjiKAH5ucHlxTwZlhGK692cDf81LNxaV2GVz7NLsLQdpve/15G20gK
QtYidi9v4CN3+QeJ2MOmACxfqsxo6aKOUAVXW0B6YBUZbRTdcjkj8PRuhRu9jc31
mwE8jdEfG/Gf2XX8Pew/fAg2LVHElVT0JM5CeWhGEKnAoUzV/iR5JeAqnHpONLR1
gW5aEn4tvY3AVZ7BDCCrOtwfdqaQTaMCYnarnLl01XYfx3VfXwwk8CdWwk50xxyB
o+Ep8BTvSL+sFKN48w3zgy2LWfXdujFO9Ny/2r3Npr9q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:09 2024 by rpki-client on console-fra.rpki-client.org