Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/F_QK8TzoBIyGxY7iiXDMSv5GFyc.roa
File: F_QK8TzoBIyGxY7iiXDMSv5GFyc.roa (raw, json)
Hash identifier: NObPhu2lvEYNvgrhLND0n6zxGptPQ3246KEu/ZA+9B0=
Subject key identifier: 17:F4:0A:F1:3C:E8:04:8C:86:C5:8E:E2:89:70:CC:4A:FE:46:17:27
Certificate issuer: /CN=4705d3c6a5b0512682cdfdf363b19a9c567f1f6c
Certificate serial: 08E0B77C
Authority key identifier: 47:05:D3:C6:A5:B0:51:26:82:CD:FD:F3:63:B1:9A:9C:56:7F:1F:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RwXTxqWwUSaCzf3zY7GanFZ_H2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/F_QK8TzoBIyGxY7iiXDMSv5GFyc.roa
Signing time: Sat 01 Jan 2022 05:04:23 +0000
ROA not before: Sat 01 Jan 2022 05:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138968
IP address blocks: 2.57.240.0/22 maxlen: 22
78.41.40.0/22 maxlen: 22
85.208.212.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148944764 (0x8e0b77c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4705d3c6a5b0512682cdfdf363b19a9c567f1f6c
Validity
Not Before: Jan 1 05:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=17f40af13ce8048c86c58ee28970cc4afe461727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0a:25:66:dd:08:dc:ff:e8:ef:a2:a6:75:ef:
7c:7b:e0:88:8c:02:70:a8:f7:6f:22:56:70:66:52:
76:63:d8:5c:72:ae:f9:5e:1a:52:46:b3:c0:77:2d:
b1:fc:32:47:1d:cb:c3:ad:f1:8c:e9:9f:32:25:f0:
33:d2:f2:1a:4d:63:0a:99:20:9e:06:6f:68:47:8d:
15:2e:7a:64:f9:6c:94:cc:16:f5:80:d7:ba:34:38:
eb:65:e6:92:60:4d:26:25:6f:03:7c:a0:ee:d2:96:
c5:c8:69:c1:13:fa:2a:3c:51:78:fd:e2:0f:3d:74:
4d:8e:46:d7:eb:27:90:4a:11:d8:0c:ea:24:d4:85:
93:31:94:60:3b:2b:d9:59:dc:77:83:1f:bd:d3:e0:
e4:b1:5f:35:3f:6a:1b:7d:b5:94:91:a2:a9:5a:31:
f9:30:81:5c:5f:49:3d:25:f3:09:f8:ec:37:85:ba:
d1:13:fb:4c:e9:ff:43:80:23:d2:9a:b5:41:74:b6:
d8:f6:93:cd:ed:4c:1d:dc:6e:ea:cf:b3:e7:ba:47:
14:37:20:f4:33:cb:52:28:c1:ba:95:f2:eb:27:91:
0d:f0:b3:d4:41:dd:d9:fd:7f:a2:cf:b8:a5:c3:f6:
fc:1c:95:28:52:6f:6c:74:65:8f:dc:c8:7b:75:d4:
59:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:F4:0A:F1:3C:E8:04:8C:86:C5:8E:E2:89:70:CC:4A:FE:46:17:27
X509v3 Authority Key Identifier:
keyid:47:05:D3:C6:A5:B0:51:26:82:CD:FD:F3:63:B1:9A:9C:56:7F:1F:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RwXTxqWwUSaCzf3zY7GanFZ_H2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/F_QK8TzoBIyGxY7iiXDMSv5GFyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/RwXTxqWwUSaCzf3zY7GanFZ_H2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.240.0/22
78.41.40.0/22
85.208.212.0/22
Signature Algorithm: sha256WithRSAEncryption
ec:84:5f:47:dd:a7:85:9a:5a:33:98:5d:56:9e:8f:3c:d7:a7:
c4:48:33:6c:50:7d:fe:87:50:f6:21:32:89:9f:19:02:6c:aa:
de:5f:97:ce:c3:78:fb:65:d0:e2:7b:10:47:6f:13:13:cb:f1:
c3:ef:b8:d4:cb:44:f1:70:c2:46:55:dd:c8:99:de:45:48:1d:
a5:28:a5:49:0b:62:83:69:5d:bc:67:14:1d:c7:f2:b8:9f:23:
48:3f:23:1f:b7:a4:8e:54:dc:49:0d:ed:b8:38:9b:92:6d:5b:
77:12:86:1d:33:6d:51:9a:b9:12:5c:85:73:52:fc:6c:af:a5:
84:1f:24:fb:53:42:18:e2:2c:69:0e:0b:b3:17:99:4f:fb:88:
d1:67:e3:55:20:77:1e:80:d9:c0:e6:61:ea:e3:93:55:e7:44:
d9:66:7b:5f:f1:96:08:39:73:c8:22:17:76:74:06:f4:a7:71:
92:6a:b1:1e:32:b2:02:73:bd:7f:77:3c:7a:a9:5d:f7:cb:cf:
41:41:13:9e:0b:b5:e9:cf:7f:71:9c:71:51:0b:f1:27:e4:51:
8f:b2:43:45:3c:29:03:6e:ef:a9:83:ed:5f:ce:96:7f:c3:32:
5f:ee:2a:c2:06:9e:16:d6:e5:69:2e:44:cf:e8:18:ad:22:bb:
d0:1b:df:bf
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECOC3fDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NzA1ZDNjNmE1YjA1MTI2ODJjZGZkZjM2M2IxOWE5YzU2N2YxZjZjMB4XDTIyMDEw
MTA1MDQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTdmNDBhZjEzY2U4
MDQ4Yzg2YzU4ZWUyODk3MGNjNGFmZTQ2MTcyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsKJWbdCNz/6O+ipnXvfHvgiIwCcKj3byJWcGZSdmPYXHKu
+V4aUkazwHctsfwyRx3Lw63xjOmfMiXwM9LyGk1jCpkgngZvaEeNFS56ZPlslMwW
9YDXujQ462XmkmBNJiVvA3yg7tKWxchpwRP6KjxReP3iDz10TY5G1+snkEoR2Azq
JNSFkzGUYDsr2Vncd4MfvdPg5LFfNT9qG321lJGiqVox+TCBXF9JPSXzCfjsN4W6
0RP7TOn/Q4Aj0pq1QXS22PaTze1MHdxu6s+z57pHFDcg9DPLUijBupXy6yeRDfCz
1EHd2f1/os+4pcP2/ByVKFJvbHRlj9zIe3XUWQ8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQX9ArxPOgEjIbFjuKJcMxK/kYXJzAfBgNVHSMEGDAWgBRHBdPGpbBRJoLN
/fNjsZqcVn8fbDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1J3WFR4cVd3VVNhQ3pmM3pZN0dhbkZaX0gydy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvNTZhZWU5LTk5NmMtNDM4Zi1iYjAwLTBkZmE2YjIyZWZmMi8x
L0ZfUUs4VHpvQkl5R3hZN2lpWERNU3Y1R0Z5Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
NTZhZWU5LTk5NmMtNDM4Zi1iYjAwLTBkZmE2YjIyZWZmMi8xL1J3WFR4cVd3VVNh
Q3pmM3pZN0dhbkZaX0gydy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAgI58AMEAk4pKAMEAlXQ1DANBgkq
hkiG9w0BAQsFAAOCAQEA7IRfR92nhZpaM5hdVp6PPNenxEgzbFB9/odQ9iEyiZ8Z
Amyq3l+XzsN4+2XQ4nsQR28TE8vxw++41MtE8XDCRlXdyJneRUgdpSilSQtig2ld
vGcUHcfyuJ8jSD8jH7ekjlTcSQ3tuDibkm1bdxKGHTNtUZq5ElyFc1L8bK+lhB8k
+1NCGOIsaQ4LsxeZT/uI0WfjVSB3HoDZwOZh6uOTVedE2WZ7X/GWCDlzyCIXdnQG
9KdxkmqxHjKyAnO9f3c8eqld98vPQUETngu16c9/cZxxUQvxJ+RRj7JDRTwpA27v
qYPtX86Wf8MyX+4qwgaeFtblaS5Ez+gYrSK70Bvfvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:20 2024 by rpki-client on console-fra.rpki-client.org