Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/204af5-b249-46d0-9126-282f728a8c44/1/qQtie_DwEpbF--XPEoUMue_9EkA.roa
File: qQtie_DwEpbF--XPEoUMue_9EkA.roa (raw, json)
Hash identifier: hg0m3cTJq9Zo8o6mR5A/+zd+IajZ2iGeJEI+fA5Mobo=
Subject key identifier: A9:0B:62:7B:F0:F0:12:96:C5:FB:E5:CF:12:85:0C:B9:EF:FD:12:40
Certificate issuer: /CN=15fd8ad5d4700b836671ad66114664cf3303b7ef
Certificate serial: 018CC348B321349E73A9980C850A23E0BE23
Authority key identifier: 15:FD:8A:D5:D4:70:0B:83:66:71:AD:66:11:46:64:CF:33:03:B7:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ff2K1dRwC4Nmca1mEUZkzzMDt-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/204af5-b249-46d0-9126-282f728a8c44/1/qQtie_DwEpbF--XPEoUMue_9EkA.roa
Signing time: Mon 01 Jan 2024 04:29:30 +0000
ROA not before: Mon 01 Jan 2024 04:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34281
IP address blocks: 83.137.56.0/22 maxlen: 22
83.137.56.0/21 maxlen: 21
83.137.60.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b3:21:34:9e:73:a9:98:0c:85:0a:23:e0:be:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15fd8ad5d4700b836671ad66114664cf3303b7ef
Validity
Not Before: Jan 1 04:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a90b627bf0f01296c5fbe5cf12850cb9effd1240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2d:f0:1a:bf:71:d6:e9:aa:8e:d9:2b:92:7c:
5f:34:28:f5:cb:9c:85:36:16:9c:5e:1e:7d:24:25:
1a:26:c7:42:0b:ee:42:ef:c1:2c:c7:1b:85:73:7d:
eb:b7:09:d6:95:9e:75:f9:fe:9b:fe:45:60:d6:7a:
e2:a8:06:30:31:ac:10:cd:34:1c:6d:75:ca:dc:a0:
fc:a8:2c:6b:02:92:05:d7:db:37:a7:9e:b9:30:7b:
d6:50:e5:3d:a8:62:50:b6:bb:a2:d8:a7:27:c6:22:
ef:65:2e:29:a4:66:6f:ae:bd:50:46:6c:16:49:e8:
f6:23:ed:0a:be:f7:1b:26:ba:2c:46:3c:9d:e8:d2:
29:38:ae:95:05:0e:93:32:ec:11:54:67:91:d4:90:
c3:67:68:57:12:cf:67:68:b8:d6:64:0c:e3:20:b4:
51:0b:93:86:20:86:03:a8:2b:ad:fb:92:81:42:bb:
1d:21:d6:83:01:aa:b2:da:ac:7d:dd:30:67:d9:2d:
1a:99:eb:5f:16:23:6d:ce:72:3f:05:a7:6b:ee:cb:
71:48:52:92:5c:85:0d:7c:91:12:54:83:eb:96:85:
fa:95:75:0a:af:bc:6a:7f:d1:7d:99:0f:79:a0:1a:
63:7d:44:85:e8:2b:6d:23:37:a3:67:2b:69:96:f9:
a3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:0B:62:7B:F0:F0:12:96:C5:FB:E5:CF:12:85:0C:B9:EF:FD:12:40
X509v3 Authority Key Identifier:
keyid:15:FD:8A:D5:D4:70:0B:83:66:71:AD:66:11:46:64:CF:33:03:B7:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ff2K1dRwC4Nmca1mEUZkzzMDt-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/204af5-b249-46d0-9126-282f728a8c44/1/qQtie_DwEpbF--XPEoUMue_9EkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/204af5-b249-46d0-9126-282f728a8c44/1/Ff2K1dRwC4Nmca1mEUZkzzMDt-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.56.0/21
Signature Algorithm: sha256WithRSAEncryption
69:6f:54:b3:58:75:a1:5a:e2:6b:5d:52:f6:97:62:2a:39:22:
b1:66:98:56:23:75:d8:49:56:48:a3:89:fe:72:bc:16:28:b5:
2f:8e:e9:12:50:f0:b5:9e:fd:7d:02:17:fb:6b:d1:23:62:33:
91:57:ef:6f:22:9a:10:93:ad:80:36:0d:be:78:94:d6:7e:5f:
3e:fb:f7:47:aa:b2:a0:75:cc:3c:dc:fb:79:12:67:49:a7:3c:
fb:b8:ee:9a:f1:24:f3:df:bb:7a:97:92:16:90:ad:24:53:ef:
9d:03:9e:8d:6d:ec:0b:82:24:fb:52:7b:91:37:09:f4:49:00:
79:3f:d4:1d:52:35:19:fd:7b:61:74:3c:ff:12:47:0a:da:af:
d8:0f:4a:1b:9c:0f:02:52:50:d8:c8:0e:02:c3:cc:a9:20:f2:
46:88:be:fc:52:ca:9d:0e:e4:0a:29:fd:0f:bc:8d:62:e9:1b:
ce:1c:08:72:0c:32:25:b8:5d:b5:4f:32:3b:64:37:85:5b:79:
04:74:5d:4b:67:39:41:e6:34:90:da:65:88:2f:18:9a:b7:4b:
f6:56:48:47:3b:ea:84:11:de:69:5e:b0:8c:88:c4:a2:2d:0c:
e5:f6:73:ad:af:ca:1e:28:f9:2a:68:50:33:49:f9:f1:35:63:
93:a3:b8:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSLMhNJ5zqZgMhQoj4L4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZmQ4YWQ1ZDQ3MDBiODM2NjcxYWQ2NjExNDY2NGNmMzMw
M2I3ZWYwHhcNMjQwMTAxMDQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTBiNjI3YmYwZjAxMjk2YzVmYmU1Y2YxMjg1MGNiOWVmZmQxMjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqy3wGr9x1umqjtkrknxfNCj1y5yF
NhacXh59JCUaJsdCC+5C78EsxxuFc33rtwnWlZ51+f6b/kVg1nriqAYwMawQzTQc
bXXK3KD8qCxrApIF19s3p565MHvWUOU9qGJQtrui2KcnxiLvZS4ppGZvrr1QRmwW
Sej2I+0KvvcbJrosRjyd6NIpOK6VBQ6TMuwRVGeR1JDDZ2hXEs9naLjWZAzjILRR
C5OGIIYDqCut+5KBQrsdIdaDAaqy2qx93TBn2S0ametfFiNtznI/Badr7stxSFKS
XIUNfJESVIPrloX6lXUKr7xqf9F9mQ95oBpjfUSF6CttIzejZytplvmjWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKkLYnvw8BKWxfvlzxKFDLnv/RJAMB8GA1UdIwQY
MBaAFBX9itXUcAuDZnGtZhFGZM8zA7fvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmYySzFkUndDNE5tY2ExbUVVWmt6ek1EdC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMDRhZjUtYjI0OS00NmQwLTkxMjYt
MjgyZjcyOGE4YzQ0LzEvcVF0aWVfRHdFcGJGLS1YUEVvVU11ZV85RWtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMDRhZjUtYjI0OS00NmQwLTkxMjYtMjgyZjcyOGE4YzQ0
LzEvRmYySzFkUndDNE5tY2ExbUVVWmt6ek1EdC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDU4k4MA0G
CSqGSIb3DQEBCwUAA4IBAQBpb1SzWHWhWuJrXVL2l2IqOSKxZphWI3XYSVZIo4n+
crwWKLUvjukSUPC1nv19Ahf7a9EjYjORV+9vIpoQk62ANg2+eJTWfl8++/dHqrKg
dcw83Pt5EmdJpzz7uO6a8STz37t6l5IWkK0kU++dA56NbewLgiT7UnuRNwn0SQB5
P9QdUjUZ/XthdDz/EkcK2q/YD0obnA8CUlDYyA4Cw8ypIPJGiL78UsqdDuQKKf0P
vI1i6RvOHAhyDDIluF21TzI7ZDeFW3kEdF1LZzlB5jSQ2mWILxiat0v2VkhHO+qE
Ed5pXrCMiMSiLQzl9nOtr8oeKPkqaFAzSfnxNWOTo7iD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:43 2024 by rpki-client on console-ams.rpki-client.org