Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/i6FgwCWDnxHy-odV_N3517KzrOU.roa
File: i6FgwCWDnxHy-odV_N3517KzrOU.roa (raw, json)
Hash identifier: BjXiaGaXztcsit3rWJZ+lk/sNHexvxg1zewXWD8mk3U=
Subject key identifier: 8B:A1:60:C0:25:83:9F:11:F2:FA:87:55:FC:DD:F9:D7:B2:B3:AC:E5
Certificate issuer: /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial: 045BDBFC
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/i6FgwCWDnxHy-odV_N3517KzrOU.roa
Signing time: Sat 01 Jan 2022 00:54:00 +0000
ROA not before: Sat 01 Jan 2022 00:54:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9002
IP address blocks: 139.45.192.0/18 maxlen: 18
87.245.192.0/18 maxlen: 18
185.82.8.0/22 maxlen: 22
87.245.224.0/19 maxlen: 19
2a02:2d8::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73128956 (0x45bdbfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
Validity
Not Before: Jan 1 00:54:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ba160c025839f11f2fa8755fcddf9d7b2b3ace5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:8e:aa:81:68:29:d6:7a:8d:02:45:59:bd:03:
c5:51:5c:55:d2:9c:c3:65:40:e8:9a:9c:ba:07:99:
75:fc:37:69:d5:37:25:3e:18:f0:0d:f6:13:2b:b8:
ee:28:5f:65:56:01:b2:cc:07:e8:c6:26:78:65:7e:
e2:7d:fe:42:d6:63:54:25:de:bf:0e:66:4b:1d:a7:
18:c0:ff:b0:a1:13:5f:6c:7d:81:46:80:99:0e:1a:
10:a3:3e:21:87:27:ab:c4:70:ec:2d:15:58:6f:38:
46:61:09:29:ba:18:84:e1:f1:e9:3e:90:de:97:e8:
38:7d:0c:a5:91:c6:a0:33:8b:2c:a5:84:d6:cb:a8:
5a:c4:82:8d:c1:56:bf:71:6d:2f:b6:ac:09:67:e9:
cc:cd:3a:0d:be:16:a7:6b:e8:c6:7f:3d:13:15:c4:
d9:c6:3e:9c:77:e2:01:75:fc:3a:85:d9:f5:af:45:
65:54:5f:c6:de:98:ed:76:15:8d:22:b0:ea:3f:72:
95:c3:a5:ff:27:3b:9e:70:15:6c:3a:0f:f8:a9:c0:
d0:24:fb:96:fb:ea:6d:bb:78:bd:84:91:6d:32:57:
70:af:f7:2d:e8:87:cd:e5:e6:77:01:18:9f:76:cd:
2a:78:f5:5c:0a:86:00:34:dc:ad:9e:e6:32:90:50:
b4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A1:60:C0:25:83:9F:11:F2:FA:87:55:FC:DD:F9:D7:B2:B3:AC:E5
X509v3 Authority Key Identifier:
keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/i6FgwCWDnxHy-odV_N3517KzrOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.245.192.0/18
139.45.192.0/18
185.82.8.0/22
IPv6:
2a02:2d8::/32
Signature Algorithm: sha256WithRSAEncryption
09:7d:1c:9b:3f:ce:a7:ba:a4:d0:21:7f:6e:d2:d6:a1:0f:de:
df:ff:e9:da:25:22:28:97:28:38:80:22:c4:bc:0a:01:f7:fb:
4e:2f:e1:10:81:25:06:44:66:0a:2e:36:b7:e4:98:bb:41:30:
45:48:85:ff:5e:47:4b:a8:83:90:00:7d:3d:56:a5:33:8b:49:
91:e4:73:e4:ea:4e:9d:a9:a4:50:2b:e3:b4:d9:bc:91:30:64:
99:a2:1d:e1:17:f0:13:2d:4b:02:2a:6c:89:a1:fb:29:88:78:
63:27:32:1d:5e:70:95:ea:84:97:52:d1:4e:66:e2:c6:e0:72:
c4:b8:f6:65:d3:33:64:77:a2:cc:72:21:68:37:d0:41:75:9a:
86:de:d9:3b:c6:5b:12:be:18:0d:69:9c:83:5e:06:ee:6d:dc:
fb:f9:05:b1:ee:87:ff:e3:0a:c9:90:ca:06:da:f6:15:90:2c:
f1:32:87:dd:d6:1b:c5:f3:7a:b4:02:33:40:47:4a:cf:94:b2:
78:60:85:e1:d4:7f:88:ac:c2:ce:69:a5:5d:2c:8f:dd:58:24:
b6:62:5a:25:d2:b0:26:4e:49:82:87:ad:97:2f:a0:a2:0b:84:
b4:b0:19:18:2e:5f:0c:ce:41:7f:4a:d4:58:87:2f:06:c6:39:
6b:6d:97:8f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBFvb/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWJlMDJkZWEwYTA4NmU5ODgwZjU2NGM4Njg3MmJiYzU5N2NjNjcyMB4XDTIyMDEw
MTAwNTQwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGJhMTYwYzAyNTgz
OWYxMWYyZmE4NzU1ZmNkZGY5ZDdiMmIzYWNlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJuOqoFoKdZ6jQJFWb0DxVFcVdKcw2VA6JqcugeZdfw3adU3
JT4Y8A32Eyu47ihfZVYBsswH6MYmeGV+4n3+QtZjVCXevw5mSx2nGMD/sKETX2x9
gUaAmQ4aEKM+IYcnq8Rw7C0VWG84RmEJKboYhOHx6T6Q3pfoOH0MpZHGoDOLLKWE
1suoWsSCjcFWv3FtL7asCWfpzM06Db4Wp2voxn89ExXE2cY+nHfiAXX8OoXZ9a9F
ZVRfxt6Y7XYVjSKw6j9ylcOl/yc7nnAVbDoP+KnA0CT7lvvqbbt4vYSRbTJXcK/3
LeiHzeXmdwEYn3bNKnj1XAqGADTcrZ7mMpBQtFUCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSLoWDAJYOfEfL6h1X83fnXsrOs5TAfBgNVHSMEGDAWgBQpvgLeoKCG6YgP
VkyGhyu8WXzGcjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tiNEMzcUNnaHVtSUQxWk1ob2NydkZsOHhuSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvZWExY2ZmLWFlOGYtNDcxOS04OWIzLTAwM2ExNTY4YmYzZi8x
L2k2Rmd3Q1dEbnhIeS1vZFZfTjM1MTdLenJPVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
ZWExY2ZmLWFlOGYtNDcxOS04OWIzLTAwM2ExNTY4YmYzZi8xL0tiNEMzcUNnaHVt
SUQxWk1ob2NydkZsOHhuSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBlf1wAMEBostwAMEArlSCDANBAIA
AjAHAwUAKgIC2DANBgkqhkiG9w0BAQsFAAOCAQEACX0cmz/Op7qk0CF/btLWoQ/e
3//p2iUiKJcoOIAixLwKAff7Ti/hEIElBkRmCi42t+SYu0EwRUiF/15HS6iDkAB9
PValM4tJkeRz5OpOnamkUCvjtNm8kTBkmaId4RfwEy1LAipsiaH7KYh4YycyHV5w
leqEl1LRTmbixuByxLj2ZdMzZHeizHIhaDfQQXWaht7ZO8ZbEr4YDWmcg14G7m3c
+/kFse6H/+MKyZDKBtr2FZAs8TKH3dYbxfN6tAIzQEdKz5SyeGCF4dR/iKzCzmml
XSyP3VgktmJaJdKwJk5Jgoetly+goguEtLAZGC5fDM5Bf0rUWIcvBsY5a22Xjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:17 2024 by rpki-client on console-fra.rpki-client.org