Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/RMiXgQ4_bt1UeK-0zA6QoZ9ZX2M.roa
File: RMiXgQ4_bt1UeK-0zA6QoZ9ZX2M.roa (raw, json)
Hash identifier: fuIbHLbSziN5S512aemAjuElNAFd9rrHmwUkwfrnKtA=
Subject key identifier: 44:C8:97:81:0E:3F:6E:DD:54:78:AF:B4:CC:0E:90:A1:9F:59:5F:63
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: 01852A77F01AA799193A8C5FD4A2A286C7F0
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/RMiXgQ4_bt1UeK-0zA6QoZ9ZX2M.roa
Signing time: Mon 19 Dec 2022 12:59:41 +0000
ROA not before: Mon 19 Dec 2022 12:59:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 178.130.136.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:77:f0:1a:a7:99:19:3a:8c:5f:d4:a2:a2:86:c7:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Dec 19 12:59:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44c897810e3f6edd5478afb4cc0e90a19f595f63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a9:2b:32:0b:bc:c4:3b:39:e5:65:99:60:f2:
4a:f8:55:4e:90:39:c6:af:60:19:75:eb:74:ac:70:
aa:cf:23:1e:f9:7e:dd:32:d9:29:f4:03:30:e3:fa:
4b:95:84:96:af:1d:f1:d7:8a:a0:f2:14:9a:28:55:
45:b8:4a:c0:72:16:45:3f:72:f9:c3:df:20:cc:db:
db:8a:7d:24:a7:82:75:a3:3f:83:0c:b9:de:cb:34:
3d:2a:72:51:25:eb:aa:3f:ba:52:6a:ea:6f:70:27:
6a:af:6a:f8:77:d0:f4:0c:45:d4:c1:76:a8:bb:9d:
b4:20:a4:d8:af:de:a2:2c:9e:0e:2e:d4:4a:1d:3c:
35:6c:73:c7:01:91:86:aa:06:b3:78:c3:b4:70:7f:
93:d6:7d:63:9d:c8:d9:be:6f:4e:db:10:73:9c:39:
8a:61:ee:38:02:3e:93:a3:43:cd:de:48:fd:aa:c4:
df:3d:f2:89:f9:50:6c:9a:46:30:78:88:ed:d9:d4:
17:81:1f:e3:2f:d7:3c:a3:11:41:b4:ba:b7:4c:6b:
1b:70:50:bb:da:f2:e0:20:46:e6:b1:7f:d3:85:b8:
b0:a4:1d:30:81:a7:41:28:c9:8f:70:36:b7:22:77:
a8:81:a6:e0:6b:d9:94:47:a6:a2:e5:3f:a4:ab:8a:
01:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:C8:97:81:0E:3F:6E:DD:54:78:AF:B4:CC:0E:90:A1:9F:59:5F:63
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/RMiXgQ4_bt1UeK-0zA6QoZ9ZX2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.130.136.0/21
Signature Algorithm: sha256WithRSAEncryption
9b:8e:61:d2:cc:18:0a:35:98:45:b2:a7:2a:80:f0:12:09:d2:
b6:5c:9a:e4:92:3b:8b:74:85:86:08:a3:24:83:81:8a:e0:d7:
b3:24:58:c9:e3:5e:8c:b3:ae:81:94:b4:2d:95:20:34:55:37:
9f:8c:58:87:4a:ba:5e:86:b2:23:be:56:93:34:80:fb:c0:51:
44:9b:e1:72:fc:a4:6c:8e:23:da:56:e7:ae:2d:29:16:7c:da:
56:ba:f7:f7:49:c2:6d:85:a8:12:c5:fa:ec:5d:2d:2c:83:0e:
8d:5e:76:e0:d0:f3:0f:86:61:18:be:d6:28:bd:df:92:66:88:
8b:f8:a1:73:c1:91:7a:74:46:3a:94:16:2e:46:d7:3b:47:3f:
ef:ae:54:fe:b6:38:7a:2f:64:78:12:6f:7f:e7:12:ca:2f:3a:
69:cc:41:cd:fe:25:96:c3:07:d1:87:7b:69:17:d5:c8:e3:75:
9e:8e:7b:e8:16:29:f5:03:b2:a1:3c:81:c8:ab:31:15:1f:a6:
de:d6:bc:72:60:b9:73:98:f5:4b:d3:61:ee:ac:51:3b:3e:91:
bf:53:0f:0d:ee:51:11:d9:1c:44:7d:86:23:cf:2c:8a:6a:cc:
29:8a:75:49:84:72:4e:02:70:52:58:b7:fd:5a:78:42:ee:c0:
6c:af:8c:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUqd/Aap5kZOoxf1KKihsfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0
Mjc3YWQwHhcNMjIxMjE5MTI1OTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGM4OTc4MTBlM2Y2ZWRkNTQ3OGFmYjRjYzBlOTBhMTlmNTk1ZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6krMgu8xDs55WWZYPJK+FVOkDnG
r2AZdet0rHCqzyMe+X7dMtkp9AMw4/pLlYSWrx3x14qg8hSaKFVFuErAchZFP3L5
w98gzNvbin0kp4J1oz+DDLneyzQ9KnJRJeuqP7pSaupvcCdqr2r4d9D0DEXUwXao
u520IKTYr96iLJ4OLtRKHTw1bHPHAZGGqgazeMO0cH+T1n1jncjZvm9O2xBznDmK
Ye44Aj6To0PN3kj9qsTfPfKJ+VBsmkYweIjt2dQXgR/jL9c8oxFBtLq3TGsbcFC7
2vLgIEbmsX/ThbiwpB0wgadBKMmPcDa3Ineogabga9mUR6ai5T+kq4oBuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFETIl4EOP27dVHivtMwOkKGfWV9jMB8GA1UdIwQY
MBaAFDftSe+sl5WYd3Gs3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAt
NmEwNmI3NTAyYmQ3LzEvUk1pWGdRNF9idDFVZUstMHpBNlFvWjlaWDJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3
LzEvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsoKIMA0G
CSqGSIb3DQEBCwUAA4IBAQCbjmHSzBgKNZhFsqcqgPASCdK2XJrkkjuLdIWGCKMk
g4GK4NezJFjJ416Ms66BlLQtlSA0VTefjFiHSrpehrIjvlaTNID7wFFEm+Fy/KRs
jiPaVueuLSkWfNpWuvf3ScJthagSxfrsXS0sgw6NXnbg0PMPhmEYvtYovd+SZoiL
+KFzwZF6dEY6lBYuRtc7Rz/vrlT+tjh6L2R4Em9/5xLKLzppzEHN/iWWwwfRh3tp
F9XI43WejnvoFin1A7KhPIHIqzEVH6be1rxyYLlzmPVL02HurFE7PpG/Uw8N7lER
2RxEfYYjzyyKaswpinVJhHJOAnBSWLf9WnhC7sBsr4yr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:02 2024 by rpki-client on console-ams.rpki-client.org