Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/qkrqRLOBcWBs6XjryyccExNI-aY.roa
File: qkrqRLOBcWBs6XjryyccExNI-aY.roa (raw, json)
Hash identifier: b/4T04kXidyX4nRPsqOS1v8sh/vwJjvtgpI7mRJ088A=
Subject key identifier: AA:4A:EA:44:B3:81:71:60:6C:E9:78:EB:CB:27:1C:13:13:48:F9:A6
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 1ABF43A9
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/qkrqRLOBcWBs6XjryyccExNI-aY.roa
Signing time: Sat 01 Jan 2022 00:54:15 +0000
ROA not before: Sat 01 Jan 2022 00:54:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200019
IP address blocks: 188.209.116.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 448742313 (0x1abf43a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 1 00:54:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa4aea44b38171606ce978ebcb271c131348f9a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:09:bb:8b:5b:15:61:45:97:dd:61:d2:ec:b2:
6d:b5:57:a5:3a:8c:82:f0:fc:3f:cd:10:d4:bb:10:
be:25:35:40:05:b7:62:49:83:21:ca:92:a0:66:f6:
d7:6b:98:50:8c:83:db:9d:fc:77:04:6e:2e:69:fa:
26:8d:84:1f:79:8c:c4:30:23:13:c3:d2:24:04:a8:
c1:b5:3c:30:8b:71:b3:30:8d:e2:c4:48:fa:dc:e0:
cd:8d:c1:7e:1b:46:0c:34:c1:9e:84:b6:f0:b5:39:
a1:13:2f:d9:95:a5:da:c1:8a:c2:89:2a:34:16:99:
7a:33:0c:07:b8:71:80:6b:2b:14:0c:69:fa:3f:bf:
85:74:a9:9d:72:87:c1:e2:bf:c5:2e:73:85:a0:f5:
5a:5d:79:d9:54:80:36:b7:be:1e:48:e7:4b:65:4e:
9d:44:80:8f:98:b2:be:7a:fa:eb:1a:d4:fb:65:b4:
c2:12:33:db:4c:e7:14:31:83:67:53:e6:e1:97:0a:
02:7c:30:6f:5a:63:12:a9:97:de:36:ac:0e:dc:ed:
f6:a8:05:05:f1:af:35:29:f3:a9:26:2c:7d:a2:23:
6d:51:8a:66:5e:fd:f6:36:f9:44:65:99:45:e0:c6:
83:38:f3:bc:90:fb:4f:7d:1b:1c:2a:e6:af:5e:13:
a2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:4A:EA:44:B3:81:71:60:6C:E9:78:EB:CB:27:1C:13:13:48:F9:A6
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/qkrqRLOBcWBs6XjryyccExNI-aY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.116.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:dc:f4:84:a7:d5:12:05:11:81:62:51:c6:39:56:39:33:49:
6a:f0:ac:75:22:7d:cd:a2:79:23:24:91:7b:e5:6d:ad:f7:02:
dd:45:df:78:07:af:df:da:b4:b0:8c:6e:74:97:1d:72:57:23:
5e:f8:06:16:ac:57:c0:b9:32:50:3e:5f:8f:ce:2c:73:c9:7e:
4e:e1:50:f7:9f:c6:f3:a6:c3:1c:14:6f:da:60:e0:ae:60:bb:
6b:54:eb:69:89:55:5c:9f:eb:0f:f2:69:7f:db:da:97:0c:04:
f7:90:d4:4b:e9:16:64:b9:6e:94:66:1f:d9:d9:9a:2f:d0:0d:
4a:b5:19:5d:2e:9c:85:19:f1:ce:54:d8:1c:b6:d2:ca:5f:9f:
e4:32:7d:e7:3d:20:2c:fa:9d:09:5d:4c:bc:a0:76:39:b1:d0:
75:a4:e8:bf:d8:9b:c5:28:3b:5e:a8:79:fa:e5:43:19:4a:ab:
22:d4:04:63:a3:f9:8c:8c:f1:f7:cf:4e:38:32:e2:1f:8d:1d:
36:d4:2d:af:71:54:0f:48:6f:da:01:fb:c3:82:11:f4:26:31:
aa:44:ae:cf:99:28:d9:98:04:db:40:8c:9e:72:8b:41:7f:ac:
0f:6d:e6:db:8a:25:41:7d:bd:cb:76:c6:57:9a:28:c1:35:30:
8e:9f:35:09
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGr9DqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZGRiMzhiMzQzZGEyZDExOTMwOWVkYWExOWM3YTc4ODcwMzI3ZWJlMB4XDTIyMDEw
MTAwNTQxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWE0YWVhNDRiMzgx
NzE2MDZjZTk3OGViY2IyNzFjMTMxMzQ4ZjlhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKsJu4tbFWFFl91h0uyybbVXpTqMgvD8P80Q1LsQviU1QAW3
YkmDIcqSoGb212uYUIyD2538dwRuLmn6Jo2EH3mMxDAjE8PSJASowbU8MItxszCN
4sRI+tzgzY3BfhtGDDTBnoS28LU5oRMv2ZWl2sGKwokqNBaZejMMB7hxgGsrFAxp
+j+/hXSpnXKHweK/xS5zhaD1Wl152VSANre+HkjnS2VOnUSAj5iyvnr66xrU+2W0
whIz20znFDGDZ1Pm4ZcKAnwwb1pjEqmX3jasDtzt9qgFBfGvNSnzqSYsfaIjbVGK
Zl799jb5RGWZReDGgzjzvJD7T30bHCrmr14ToqUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSqSupEs4FxYGzpeOvLJxwTE0j5pjAfBgNVHSMEGDAWgBRt2zizQ9otEZMJ
7aoZx6eIcDJ+vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JkczRzMFBhTFJHVENlMnFHY2VuaUhBeWZyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvYzk2MWEwLTRmNTMtNDIyYS1iN2RkLTNkZmE1MTBkNmIxNi8x
L3FrcnFSTE9CY1dCczZYanJ5eWNjRXhOSS1hWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
Yzk2MWEwLTRmNTMtNDIyYS1iN2RkLTNkZmE1MTBkNmIxNi8xL2JkczRzMFBhTFJH
VENlMnFHY2VuaUhBeWZyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArzRdDANBgkqhkiG9w0BAQsFAAOC
AQEAftz0hKfVEgURgWJRxjlWOTNJavCsdSJ9zaJ5IySRe+VtrfcC3UXfeAev39q0
sIxudJcdclcjXvgGFqxXwLkyUD5fj84sc8l+TuFQ95/G86bDHBRv2mDgrmC7a1Tr
aYlVXJ/rD/Jpf9valwwE95DUS+kWZLlulGYf2dmaL9ANSrUZXS6chRnxzlTYHLbS
yl+f5DJ95z0gLPqdCV1MvKB2ObHQdaTov9ibxSg7Xqh5+uVDGUqrItQEY6P5jIzx
989OODLiH40dNtQtr3FUD0hv2gH7w4IR9CYxqkSuz5ko2ZgE20CMnnKLQX+sD23m
24olQX29y3bGV5oowTUwjp81CQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:10 2023 by rpki-client on console-ams.rpki-client.org