Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/vL3KbM5nFuJGd2Om1N_HIywbDno.roa
File: vL3KbM5nFuJGd2Om1N_HIywbDno.roa (raw, json)
Hash identifier: muOoUqsLlr7WBUCks3JkocjotRC/ji/N++lmET48DzE=
Subject key identifier: BC:BD:CA:6C:CE:67:16:E2:46:77:63:A6:D4:DF:C7:23:2C:1B:0E:7A
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: 01852F752E7E2AAE16C56CEAF9EF4ED4F457
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/vL3KbM5nFuJGd2Om1N_HIywbDno.roa
Signing time: Tue 20 Dec 2022 12:14:46 +0000
ROA not before: Tue 20 Dec 2022 12:14:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 996
IP address blocks: 109.172.45.0/24 maxlen: 24
178.130.136.0/21 maxlen: 21
109.172.74.0/23 maxlen: 23
109.172.74.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:75:2e:7e:2a:ae:16:c5:6c:ea:f9:ef:4e:d4:f4:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Dec 20 12:14:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bcbdca6cce6716e2467763a6d4dfc7232c1b0e7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e0:02:c4:ef:31:4d:b2:56:0f:19:b1:5d:bb:
d0:8f:19:b6:0c:31:35:16:c4:ed:d7:f0:9b:32:3d:
f6:27:2b:a0:5d:de:e8:65:19:8a:c5:47:4b:00:6d:
d8:47:f0:90:9b:87:97:2d:51:cf:01:01:56:b6:23:
6e:73:6f:61:7d:9e:91:9e:3f:6a:ae:41:6a:cf:43:
38:6f:23:ad:c5:6b:8e:f3:e8:c7:ea:ee:d4:41:46:
65:5c:00:31:db:0a:00:8e:47:b1:de:dd:2e:5d:6e:
c6:f4:06:f1:97:1d:a0:5a:64:d8:b3:fb:6a:e0:b3:
ee:43:8e:be:4d:21:0d:18:c7:b8:60:be:bc:a1:54:
64:c9:a7:17:00:13:22:d9:ac:fe:78:85:8c:ba:82:
8a:28:e7:bd:40:da:f6:93:3b:af:73:0f:d0:b4:d4:
05:bd:61:8d:a4:7d:d8:28:6c:40:5f:6b:88:ae:35:
d5:73:31:4d:bf:e5:20:cc:a3:ee:0d:63:ce:ed:ea:
9f:d6:44:47:d9:0a:6a:78:cc:a3:fd:38:b6:ad:07:
98:bc:91:2e:3e:2f:8f:ab:45:b6:a6:92:04:ef:1f:
6a:cd:8c:43:e7:f7:d6:fa:95:e2:f3:8b:d4:de:14:
02:4e:c1:46:6b:b3:cc:8f:44:6c:4a:6b:7c:9e:7b:
28:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:BD:CA:6C:CE:67:16:E2:46:77:63:A6:D4:DF:C7:23:2C:1B:0E:7A
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/vL3KbM5nFuJGd2Om1N_HIywbDno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.172.45.0/24
109.172.74.0/23
178.130.136.0/21
Signature Algorithm: sha256WithRSAEncryption
39:dd:49:66:73:65:fd:9f:10:3d:3d:cf:08:d8:8d:6e:db:76:
19:e7:c3:81:87:10:38:b2:66:61:3d:98:f1:ba:f3:59:82:17:
19:60:18:0b:64:0c:23:ab:ac:73:99:bd:75:ad:7c:5e:2b:73:
32:f4:c0:12:c2:26:35:1c:38:7e:7b:9c:35:fc:07:7c:2d:04:
3b:2a:a0:98:8c:88:3e:41:18:e3:d3:36:e9:36:08:f9:f8:fb:
0e:e1:c4:37:95:c0:1c:05:22:60:43:40:0b:67:c7:eb:16:f6:
7e:02:35:35:2b:38:ca:c0:d8:a4:3a:d5:ed:f0:2d:e6:91:ce:
c8:14:aa:16:17:9f:2e:9a:ef:98:1b:00:8c:e1:17:32:35:f8:
2e:2d:8a:58:7a:d6:26:03:90:9d:0f:56:36:57:e2:bd:f7:8c:
16:26:05:3f:f5:80:bf:fc:8f:82:28:e4:86:5f:93:9e:1f:06:
c7:80:50:d0:f6:f1:58:4e:be:99:25:3f:5a:d9:5d:2b:b8:59:
a4:5f:b5:97:ae:39:d5:06:be:0b:3f:3a:da:d5:25:75:f4:7b:
23:9f:c9:2c:ee:9d:f9:7e:df:d5:63:42:6e:58:61:fa:df:13:
e9:f6:bb:93:01:89:9a:13:8b:5d:71:b1:71:69:32:57:a9:59:
9d:f6:66:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUvdS5+Kq4WxWzq+e9O1PRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0
Mjc3YWQwHhcNMjIxMjIwMTIxNDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2JkY2E2Y2NlNjcxNmUyNDY3NzYzYTZkNGRmYzcyMzJjMWIwZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuACxO8xTbJWDxmxXbvQjxm2DDE1
FsTt1/CbMj32JyugXd7oZRmKxUdLAG3YR/CQm4eXLVHPAQFWtiNuc29hfZ6Rnj9q
rkFqz0M4byOtxWuO8+jH6u7UQUZlXAAx2woAjkex3t0uXW7G9Abxlx2gWmTYs/tq
4LPuQ46+TSENGMe4YL68oVRkyacXABMi2az+eIWMuoKKKOe9QNr2kzuvcw/QtNQF
vWGNpH3YKGxAX2uIrjXVczFNv+UgzKPuDWPO7eqf1kRH2QpqeMyj/Ti2rQeYvJEu
Pi+Pq0W2ppIE7x9qzYxD5/fW+pXi84vU3hQCTsFGa7PMj0RsSmt8nnsopwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLy9ymzOZxbiRndjptTfxyMsGw56MB8GA1UdIwQY
MBaAFDftSe+sl5WYd3Gs3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAt
NmEwNmI3NTAyYmQ3LzEvdkwzS2JNNW5GdUpHZDJPbTFOX0hJeXdiRG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3
LzEvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbawtAwQB
baxKAwQDsoKIMA0GCSqGSIb3DQEBCwUAA4IBAQA53Ulmc2X9nxA9Pc8I2I1u23YZ
58OBhxA4smZhPZjxuvNZghcZYBgLZAwjq6xzmb11rXxeK3My9MASwiY1HDh+e5w1
/Ad8LQQ7KqCYjIg+QRjj0zbpNgj5+PsO4cQ3lcAcBSJgQ0ALZ8frFvZ+AjU1KzjK
wNikOtXt8C3mkc7IFKoWF58umu+YGwCM4RcyNfguLYpYetYmA5CdD1Y2V+K994wW
JgU/9YC//I+CKOSGX5OeHwbHgFDQ9vFYTr6ZJT9a2V0ruFmkX7WXrjnVBr4LPzra
1SV19Hsjn8ks7p35ft/VY0JuWGH63xPp9ruTAYmaE4tdcbFxaTJXqVmd9mZZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:09 2024 by rpki-client on console-fra.rpki-client.org