Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/7RTgwwdOrusMn_FliH4b4DH5zjA.roa
File: 7RTgwwdOrusMn_FliH4b4DH5zjA.roa (raw, json)
Hash identifier: C4uK/P+okOK2r/mDi26zGBCYu4rSCI/liKEjsF+FtO4=
Subject key identifier: ED:14:E0:C3:07:4E:AE:EB:0C:9F:F1:65:88:7E:1B:E0:31:F9:CE:30
Certificate issuer: /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial: 05169934
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/7RTgwwdOrusMn_FliH4b4DH5zjA.roa
Signing time: Wed 23 Mar 2022 14:53:08 +0000
ROA not before: Wed 23 Mar 2022 14:53:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29470
IP address blocks: 87.245.192.0/20 maxlen: 24
139.45.216.0/21 maxlen: 24
139.45.224.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85367092 (0x5169934)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
Validity
Not Before: Mar 23 14:53:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed14e0c3074eaeeb0c9ff165887e1be031f9ce30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:80:40:78:10:56:7c:38:b5:7d:74:03:1d:52:
b2:65:50:ab:03:d0:44:70:b5:da:46:cd:4b:97:a9:
e5:76:f0:a1:7c:2e:0e:7f:f2:15:31:61:d4:be:1f:
6e:02:4b:54:95:bb:a6:0d:a5:15:28:ef:9b:c4:84:
9c:8f:92:eb:cc:4e:74:7d:be:7b:a5:dc:a2:7c:0d:
11:14:de:f2:ba:fa:b4:4b:78:37:f0:9f:43:7e:ca:
e8:a0:9b:d8:88:e7:82:53:60:2f:8c:14:8f:21:27:
af:b1:8c:a4:6f:43:53:42:48:eb:7a:0d:df:95:e0:
0b:ee:4c:95:33:77:20:5d:a1:2b:e4:0c:08:a2:44:
74:36:79:d6:58:bc:62:3e:b0:81:d7:dc:a2:f1:b8:
0e:5a:8d:3b:22:07:65:41:b4:4e:9e:ec:51:fe:9e:
65:62:c7:e0:5c:3f:e4:e2:98:f5:79:b9:0e:b8:d3:
2a:38:83:f7:b5:39:f6:b7:cd:8f:5e:ab:14:4a:1b:
6d:6d:f0:31:c5:86:bd:ee:08:8f:fb:7b:70:93:2d:
92:14:a4:3a:8a:fd:07:e0:ae:4b:c0:d7:ed:24:bb:
cb:da:26:10:76:d1:4a:dc:89:fc:19:2a:07:a8:5a:
b4:25:b2:e1:e4:67:6f:af:9e:88:85:81:60:c2:22:
6c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:14:E0:C3:07:4E:AE:EB:0C:9F:F1:65:88:7E:1B:E0:31:F9:CE:30
X509v3 Authority Key Identifier:
keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/7RTgwwdOrusMn_FliH4b4DH5zjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.245.192.0/20
139.45.216.0-139.45.239.255
Signature Algorithm: sha256WithRSAEncryption
1d:fd:f7:8e:79:44:7d:8c:0c:24:2f:2e:50:19:66:ff:f4:41:
50:72:86:df:af:bd:d2:fa:ec:d4:54:09:8b:dd:64:ed:6c:f2:
96:ef:0b:86:d3:f9:47:95:42:f0:cc:82:b7:ca:6d:a4:e7:f6:
24:87:33:80:9d:a7:0c:6b:ff:f6:5d:63:d5:73:ea:f2:13:f8:
1a:c3:03:3f:de:94:c0:69:58:81:91:a8:c7:c3:1e:74:ab:74:
e1:23:48:a6:c6:5a:df:17:fd:5d:c9:7a:3f:00:fd:cb:1c:77:
a2:e0:00:5e:8f:1f:78:86:73:f8:da:2a:01:d8:33:3b:c6:37:
3d:f5:01:d0:64:0a:a7:2b:1f:c3:e4:2e:bc:6f:83:c3:9c:14:
f5:70:64:8f:a0:51:19:68:53:25:7e:92:3e:e1:a7:34:9a:cb:
5e:1f:56:e1:38:40:eb:25:bc:cc:9b:07:a9:5d:f0:72:09:e2:
6d:bf:46:d6:cb:35:4a:ea:9d:a0:10:31:d4:b4:32:e8:a5:cf:
03:d9:ea:d2:5c:af:30:e3:a0:3b:2e:4f:d5:c3:11:70:2d:39:
20:6d:ba:ef:8b:86:11:17:c8:ff:0f:64:4d:73:b2:1c:c6:7d:
6d:0b:aa:1a:d5:54:57:32:79:f9:fe:19:bd:97:e9:fd:93:27:
0e:b2:2c:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBRaZNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWJlMDJkZWEwYTA4NmU5ODgwZjU2NGM4Njg3MmJiYzU5N2NjNjcyMB4XDTIyMDMy
MzE0NTMwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWQxNGUwYzMwNzRl
YWVlYjBjOWZmMTY1ODg3ZTFiZTAzMWY5Y2UzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJmAQHgQVnw4tX10Ax1SsmVQqwPQRHC12kbNS5ep5XbwoXwu
Dn/yFTFh1L4fbgJLVJW7pg2lFSjvm8SEnI+S68xOdH2+e6XconwNERTe8rr6tEt4
N/CfQ37K6KCb2IjnglNgL4wUjyEnr7GMpG9DU0JI63oN35XgC+5MlTN3IF2hK+QM
CKJEdDZ51li8Yj6wgdfcovG4DlqNOyIHZUG0Tp7sUf6eZWLH4Fw/5OKY9Xm5DrjT
KjiD97U59rfNj16rFEobbW3wMcWGve4Ij/t7cJMtkhSkOor9B+CuS8DX7SS7y9om
EHbRStyJ/BkqB6hatCWy4eRnb6+eiIWBYMIibJkCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBTtFODDB06u6wyf8WWIfhvgMfnOMDAfBgNVHSMEGDAWgBQpvgLeoKCG6YgP
VkyGhyu8WXzGcjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tiNEMzcUNnaHVtSUQxWk1ob2NydkZsOHhuSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvZWExY2ZmLWFlOGYtNDcxOS04OWIzLTAwM2ExNTY4YmYzZi8x
LzdSVGd3d2RPcnVzTW5fRmxpSDRiNERINXpqQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
ZWExY2ZmLWFlOGYtNDcxOS04OWIzLTAwM2ExNTY4YmYzZi8xL0tiNEMzcUNnaHVt
SUQxWk1ob2NydkZsOHhuSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEBFf1wDAMAwQDiy3YAwQEiy3gMA0G
CSqGSIb3DQEBCwUAA4IBAQAd/feOeUR9jAwkLy5QGWb/9EFQcobfr73S+uzUVAmL
3WTtbPKW7wuG0/lHlULwzIK3ym2k5/YkhzOAnacMa//2XWPVc+ryE/gawwM/3pTA
aViBkajHwx50q3ThI0imxlrfF/1dyXo/AP3LHHei4ABejx94hnP42ioB2DM7xjc9
9QHQZAqnKx/D5C68b4PDnBT1cGSPoFEZaFMlfpI+4ac0msteH1bhOEDrJbzMmwep
XfByCeJtv0bWyzVK6p2gEDHUtDLopc8D2erSXK8w46A7Lk/VwxFwLTkgbbrvi4YR
F8j/D2RNc7Icxn1tC6oa1VRXMnn5/hm9l+n9kycOsix5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:09 2024 by rpki-client on console-ams.rpki-client.org