Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/r6P3sHtoOSH1Gq0WMJstihA1cmc.roa
File: r6P3sHtoOSH1Gq0WMJstihA1cmc.roa (raw, json)
Hash identifier: 8cQ7v9MziUzYB68eq8IXjY3ih4YjRn0q7IUdZFgr0ZY=
Subject key identifier: AF:A3:F7:B0:7B:68:39:21:F5:1A:AD:16:30:9B:2D:8A:10:35:72:67
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: C6ADF4
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/r6P3sHtoOSH1Gq0WMJstihA1cmc.roa
Signing time: Sun 19 Jun 2022 20:21:44 +0000
ROA not before: Sun 19 Jun 2022 20:21:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209372
IP address blocks: 88.214.51.0/24 maxlen: 24
45.140.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13020660 (0xc6adf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Jun 19 20:21:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=afa3f7b07b683921f51aad16309b2d8a10357267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e2:30:a6:23:b1:d5:0d:7c:02:2d:c6:fa:18:
f6:04:09:88:42:48:d1:bf:5d:1c:25:ee:bf:f3:be:
34:81:09:d2:6d:16:e3:ae:9c:05:1a:4a:bd:e2:8d:
4f:8c:b7:0a:7f:59:48:2f:7a:1a:e5:fa:04:80:f4:
ce:ce:1c:31:0f:91:c7:c1:de:6f:51:b8:3e:63:d5:
52:d3:54:03:6c:50:b1:45:68:99:e1:3a:55:db:d6:
d4:c8:de:d4:9b:4e:0a:09:4a:d5:c5:ec:e0:6c:76:
ec:8c:f4:b0:9a:44:a5:4c:ee:82:56:78:94:63:95:
9f:bb:f2:46:37:d1:87:92:37:2d:1e:6e:4a:44:53:
72:7e:86:f9:8a:8d:99:d2:4a:41:f0:f3:bf:5b:2a:
f9:1d:65:34:8d:da:37:e9:ed:05:61:7b:63:6b:a3:
42:e1:87:3a:72:22:fb:e4:c6:97:ab:c1:da:78:a6:
ce:af:86:33:3b:71:70:72:48:de:4f:7e:6d:b3:88:
d2:ec:44:59:a7:6b:d7:d8:ad:f1:5a:63:e3:b3:ce:
a9:f6:01:ae:58:38:f8:5e:b1:76:57:8d:76:ed:26:
e4:63:cb:2e:07:c0:ec:09:3a:10:d2:17:c7:cf:b0:
a3:70:69:b9:a8:a1:14:60:97:d4:d1:d0:07:05:ec:
e4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:A3:F7:B0:7B:68:39:21:F5:1A:AD:16:30:9B:2D:8A:10:35:72:67
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/r6P3sHtoOSH1Gq0WMJstihA1cmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.172.0/24
88.214.51.0/24
Signature Algorithm: sha256WithRSAEncryption
21:a0:42:13:45:f5:d5:62:4f:73:14:4c:20:af:20:f6:e3:18:
3a:de:2b:24:20:3e:cc:2d:9c:3d:bc:0d:f8:98:e9:f2:5b:6c:
a6:dc:18:44:4a:6a:b8:17:01:c1:8e:57:94:09:fd:42:18:f3:
bf:27:26:07:d0:24:df:aa:87:fc:ab:44:fa:2b:99:d0:4e:c6:
ff:c8:46:fd:54:b3:cb:3b:3f:62:9d:41:2f:5f:88:93:7f:d5:
5d:b0:e1:74:d2:8e:93:c4:a9:f7:72:16:ce:9d:fb:38:e9:63:
15:21:49:d0:e6:21:5a:12:8a:8b:2c:ea:9f:eb:af:c1:0a:79:
dd:13:bb:6e:cc:96:ac:d2:f0:c0:c5:8a:a9:74:19:ab:d5:f8:
cb:c0:f3:83:14:d8:4d:dc:8d:c0:37:79:91:eb:04:f5:5e:c9:
3e:74:98:52:52:c9:5f:30:cb:0f:6a:c2:ed:d7:d8:1c:d3:2e:
76:91:ce:09:84:67:3d:f4:9f:fd:8f:b1:4e:9e:df:bd:1b:5f:
6a:b7:74:ae:28:72:03:8d:42:0e:d5:39:95:20:99:01:5f:0d:
5a:5d:c6:07:f3:da:6e:4e:38:d6:c5:c2:97:16:ad:70:99:cd:
b3:7c:6d:9c:f5:c5:70:8e:3c:82:fe:21:52:81:92:1f:db:a8:
66:29:be:09
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAMat9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjBiMmJjNDU0NzdjODFkNzc0ZGFhMGMyOGFiNDRiNzc0YmEwOTIwMB4XDTIyMDYx
OTIwMjE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWZhM2Y3YjA3YjY4
MzkyMWY1MWFhZDE2MzA5YjJkOGExMDM1NzI2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7iMKYjsdUNfAItxvoY9gQJiEJI0b9dHCXuv/O+NIEJ0m0W
466cBRpKveKNT4y3Cn9ZSC96GuX6BID0zs4cMQ+Rx8Heb1G4PmPVUtNUA2xQsUVo
meE6VdvW1Mje1JtOCglK1cXs4Gx27Iz0sJpEpUzuglZ4lGOVn7vyRjfRh5I3LR5u
SkRTcn6G+YqNmdJKQfDzv1sq+R1lNI3aN+ntBWF7Y2ujQuGHOnIi++TGl6vB2nim
zq+GMztxcHJI3k9+bbOI0uxEWadr19it8Vpj47POqfYBrlg4+F6xdleNdu0m5GPL
LgfA7Ak6ENIXx8+wo3BpuaihFGCX1NHQBwXs5EECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSvo/ewe2g5IfUarRYwmy2KEDVyZzAfBgNVHSMEGDAWgBQmCyvEVHfIHXdN
qgwoq0S3dLoJIDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pnc3J4RlIzeUIxM1Rhb01LS3RFdDNTNkNTQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvN2IxMjA1LTM0NTAtNGU5MC04YjE0LTE3ZTY2YzFmZDNkMS8x
L3I2UDNzSHRvT1NIMUdxMFdNSnN0aWhBMWNtYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
N2IxMjA1LTM0NTAtNGU5MC04YjE0LTE3ZTY2YzFmZDNkMS8xL0pnc3J4RlIzeUIx
M1Rhb01LS3RFdDNTNkNTQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC2MrAMEAFjWMzANBgkqhkiG9w0B
AQsFAAOCAQEAIaBCE0X11WJPcxRMIK8g9uMYOt4rJCA+zC2cPbwN+Jjp8ltsptwY
REpquBcBwY5XlAn9QhjzvycmB9Ak36qH/KtE+iuZ0E7G/8hG/VSzyzs/Yp1BL1+I
k3/VXbDhdNKOk8Sp93IWzp37OOljFSFJ0OYhWhKKiyzqn+uvwQp53RO7bsyWrNLw
wMWKqXQZq9X4y8DzgxTYTdyNwDd5kesE9V7JPnSYUlLJXzDLD2rC7dfYHNMudpHO
CYRnPfSf/Y+xTp7fvRtfard0rihyA41CDtU5lSCZAV8NWl3GB/Pabk441sXClxat
cJnNs3xtnPXFcI48gv4hUoGSH9uoZim+CQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:55 2024 by rpki-client on console-ams.rpki-client.org