Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/204af5-b249-46d0-9126-282f728a8c44/1/wiXR9T_mbEZMwuKzs7fkh8Edcxg.roa
File: wiXR9T_mbEZMwuKzs7fkh8Edcxg.roa (raw, json)
Hash identifier: 1Gx60TW0kSh/Gq+lug19RUp8EYh8kDIBvzwdGhoz9ZE=
Subject key identifier: C2:25:D1:F5:3F:E6:6C:46:4C:C2:E2:B3:B3:B7:E4:87:C1:1D:73:18
Certificate issuer: /CN=15fd8ad5d4700b836671ad66114664cf3303b7ef
Certificate serial: 01856C25B3747B9B4A9F6AD8B42AD8611E36
Authority key identifier: 15:FD:8A:D5:D4:70:0B:83:66:71:AD:66:11:46:64:CF:33:03:B7:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ff2K1dRwC4Nmca1mEUZkzzMDt-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/204af5-b249-46d0-9126-282f728a8c44/1/wiXR9T_mbEZMwuKzs7fkh8Edcxg.roa
Signing time: Sun 01 Jan 2023 07:04:48 +0000
ROA not before: Sun 01 Jan 2023 07:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34281
IP address blocks: 83.137.56.0/22 maxlen: 22
83.137.56.0/21 maxlen: 21
83.137.60.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:25:b3:74:7b:9b:4a:9f:6a:d8:b4:2a:d8:61:1e:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15fd8ad5d4700b836671ad66114664cf3303b7ef
Validity
Not Before: Jan 1 07:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c225d1f53fe66c464cc2e2b3b3b7e487c11d7318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:10:5d:cc:f9:0a:31:85:0c:96:07:f4:70:cc:
fa:e4:f0:93:ad:7d:74:8c:18:06:95:4e:fb:5a:d6:
14:1a:28:25:68:47:b2:56:4d:d7:e9:ac:21:0c:c6:
39:fc:42:6e:43:d6:3b:88:05:c4:48:c9:41:bd:e0:
2f:87:d3:bd:83:78:cd:9e:a8:97:78:94:fd:20:83:
69:63:9f:98:8b:8b:fe:d6:ac:62:7d:52:7e:0a:8a:
c8:e6:21:19:9b:66:8e:da:e4:e4:57:30:9f:61:5f:
e9:92:10:41:e2:5f:30:5f:ef:55:c0:22:9e:65:e6:
35:1b:38:9c:62:03:65:de:d2:0f:df:c5:90:a3:ec:
0d:c3:d2:32:c1:04:0c:dc:15:70:16:42:df:af:44:
3a:85:0e:4a:5f:bd:4d:3e:40:38:ae:6b:52:76:11:
cf:56:b8:65:bf:2f:2a:fd:1a:b5:43:01:9b:8c:6b:
45:b6:48:bb:78:e6:a4:a7:ca:2a:59:78:e5:e3:93:
dc:cc:5a:2b:d2:56:b4:0d:25:79:d9:59:c3:51:f0:
4a:e2:0b:ee:fd:b2:25:bb:12:64:f0:68:1e:eb:c3:
1a:76:e4:49:28:a6:44:44:e0:2f:af:b1:83:39:d2:
a9:b0:ee:a7:91:df:7b:05:49:0f:23:c8:bb:89:0e:
e7:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:25:D1:F5:3F:E6:6C:46:4C:C2:E2:B3:B3:B7:E4:87:C1:1D:73:18
X509v3 Authority Key Identifier:
keyid:15:FD:8A:D5:D4:70:0B:83:66:71:AD:66:11:46:64:CF:33:03:B7:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ff2K1dRwC4Nmca1mEUZkzzMDt-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/204af5-b249-46d0-9126-282f728a8c44/1/wiXR9T_mbEZMwuKzs7fkh8Edcxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/204af5-b249-46d0-9126-282f728a8c44/1/Ff2K1dRwC4Nmca1mEUZkzzMDt-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.56.0/21
Signature Algorithm: sha256WithRSAEncryption
90:8f:26:03:53:2e:37:df:91:11:f0:07:a0:41:03:65:be:e8:
a3:97:13:32:1e:1a:2b:d9:dd:32:b7:b9:ef:e0:ed:59:27:d5:
5a:6d:34:21:da:a3:4e:bf:be:88:b7:b9:86:71:86:1d:00:0f:
0e:a6:66:75:c3:40:07:d8:99:73:69:4c:d8:e4:cd:e0:5b:c2:
88:37:1c:c9:89:e7:4c:e4:2e:c0:a9:f4:a9:f6:31:d7:c3:19:
fa:12:af:5b:f0:a0:4f:15:17:83:83:10:17:13:fe:d2:b2:7e:
a8:dd:23:a9:20:eb:5e:02:f5:46:00:3f:6d:9e:68:98:56:ff:
05:32:f6:7c:71:95:74:d5:76:bb:e4:da:87:15:28:ed:dc:f5:
ca:ce:40:50:3a:ed:21:de:d7:e7:7c:2e:0b:55:fb:5e:80:12:
5c:33:b7:1e:a3:0d:d1:d5:42:89:e1:26:7d:b8:62:ed:8a:53:
3f:58:6a:25:88:69:34:2e:73:85:c9:fe:17:71:10:94:41:c8:
29:30:a4:34:ad:42:50:76:6c:52:ed:24:99:13:af:97:29:a4:
fb:9b:27:60:73:7a:b7:3f:97:48:1e:2e:46:c5:a7:91:79:fe:
25:c1:13:cd:63:12:a0:43:2c:d1:43:4e:6f:f9:24:fd:4c:bc:
a3:c3:18:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsJbN0e5tKn2rYtCrYYR42MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZmQ4YWQ1ZDQ3MDBiODM2NjcxYWQ2NjExNDY2NGNmMzMw
M2I3ZWYwHhcNMjMwMTAxMDcwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjI1ZDFmNTNmZTY2YzQ2NGNjMmUyYjNiM2I3ZTQ4N2MxMWQ3MzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixBdzPkKMYUMlgf0cMz65PCTrX10
jBgGlU77WtYUGiglaEeyVk3X6awhDMY5/EJuQ9Y7iAXESMlBveAvh9O9g3jNnqiX
eJT9IINpY5+Yi4v+1qxifVJ+CorI5iEZm2aO2uTkVzCfYV/pkhBB4l8wX+9VwCKe
ZeY1GzicYgNl3tIP38WQo+wNw9IywQQM3BVwFkLfr0Q6hQ5KX71NPkA4rmtSdhHP
Vrhlvy8q/Rq1QwGbjGtFtki7eOakp8oqWXjl45PczFor0la0DSV52VnDUfBK4gvu
/bIluxJk8Gge68MaduRJKKZEROAvr7GDOdKpsO6nkd97BUkPI8i7iQ7nMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIl0fU/5mxGTMLis7O35IfBHXMYMB8GA1UdIwQY
MBaAFBX9itXUcAuDZnGtZhFGZM8zA7fvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmYySzFkUndDNE5tY2ExbUVVWmt6ek1EdC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMDRhZjUtYjI0OS00NmQwLTkxMjYt
MjgyZjcyOGE4YzQ0LzEvd2lYUjlUX21iRVpNd3VLenM3ZmtoOEVkY3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMDRhZjUtYjI0OS00NmQwLTkxMjYtMjgyZjcyOGE4YzQ0
LzEvRmYySzFkUndDNE5tY2ExbUVVWmt6ek1EdC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDU4k4MA0G
CSqGSIb3DQEBCwUAA4IBAQCQjyYDUy4335ER8AegQQNlvuijlxMyHhor2d0yt7nv
4O1ZJ9VabTQh2qNOv76It7mGcYYdAA8OpmZ1w0AH2JlzaUzY5M3gW8KINxzJiedM
5C7AqfSp9jHXwxn6Eq9b8KBPFReDgxAXE/7Ssn6o3SOpIOteAvVGAD9tnmiYVv8F
MvZ8cZV01Xa75NqHFSjt3PXKzkBQOu0h3tfnfC4LVftegBJcM7ceow3R1UKJ4SZ9
uGLtilM/WGoliGk0LnOFyf4XcRCUQcgpMKQ0rUJQdmxS7SSZE6+XKaT7mydgc3q3
P5dIHi5GxaeRef4lwRPNYxKgQyzRQ05v+ST9TLyjwxid
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:18 2024 by rpki-client on console-fra.rpki-client.org