Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/df05e1-6862-4ed4-876d-150b5db4f56b/1/t9WwQey4SEY3VI2C25DK0lqVCyo.roa
File: t9WwQey4SEY3VI2C25DK0lqVCyo.roa (raw, json)
Hash identifier: s/AVB3Tik3WZ1qoTDs8OzJH/1EVDT/u38vVqEzaIlmM=
Subject key identifier: B7:D5:B0:41:EC:B8:48:46:37:54:8D:82:DB:90:CA:D2:5A:95:0B:2A
Certificate issuer: /CN=f6f18c02405742c25377d696cd2a69dcc974bff8
Certificate serial: 0188D30955B21C346D31DEDF3D6F83AEC135
Authority key identifier: F6:F1:8C:02:40:57:42:C2:53:77:D6:96:CD:2A:69:DC:C9:74:BF:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9vGMAkBXQsJTd9aWzSpp3Ml0v_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/df05e1-6862-4ed4-876d-150b5db4f56b/1/t9WwQey4SEY3VI2C25DK0lqVCyo.roa
Signing time: Mon 19 Jun 2023 09:43:04 +0000
ROA not before: Mon 19 Jun 2023 09:43:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48919
IP address blocks: 95.215.92.0/22 maxlen: 22
31.128.160.0/20 maxlen: 20
31.128.160.0/19 maxlen: 19
2001:67c:19ac::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d3:09:55:b2:1c:34:6d:31:de:df:3d:6f:83:ae:c1:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6f18c02405742c25377d696cd2a69dcc974bff8
Validity
Not Before: Jun 19 09:43:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7d5b041ecb8484637548d82db90cad25a950b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ef:22:a7:14:dd:d9:e5:4e:66:10:2d:33:cb:
3e:8a:c6:db:f1:e2:41:a9:84:b6:17:7b:9e:56:fa:
5e:dc:ca:ab:66:67:71:6e:4d:c2:e0:bc:2a:73:c3:
2d:e9:93:c8:1f:16:c3:97:28:af:c0:c4:1d:fa:de:
48:fa:d5:64:98:72:ad:83:d2:99:ac:fe:91:f6:e4:
6f:69:76:a7:2c:0d:ad:06:9b:e0:b3:a0:72:0e:4e:
38:88:3b:2c:f8:ab:6c:63:15:3e:ed:9a:96:c2:87:
f9:fa:2b:a0:d7:2a:a2:bd:32:8d:62:71:43:5f:69:
20:06:ff:d8:b2:32:e9:46:17:a3:c2:71:f8:e2:c6:
b5:f3:4d:8d:12:6c:9d:bf:3d:76:87:5c:1b:4b:da:
1c:1e:71:e9:6e:c8:81:79:32:95:0a:52:cd:5c:f9:
de:18:5d:8f:c8:0c:b3:c8:18:42:77:df:68:ff:a4:
29:9c:ec:3b:d8:f1:f3:3f:9d:4b:0b:87:7e:39:26:
4b:06:c7:70:cf:16:fc:5d:52:c3:10:f2:66:1b:d4:
88:b7:9f:10:cb:69:5d:48:3a:b3:87:c4:9d:69:02:
24:51:ae:7f:5e:57:cc:43:0e:e7:7b:64:84:33:15:
7e:a0:10:2c:b8:b7:69:7a:20:65:38:fd:f8:4a:ad:
66:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D5:B0:41:EC:B8:48:46:37:54:8D:82:DB:90:CA:D2:5A:95:0B:2A
X509v3 Authority Key Identifier:
keyid:F6:F1:8C:02:40:57:42:C2:53:77:D6:96:CD:2A:69:DC:C9:74:BF:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9vGMAkBXQsJTd9aWzSpp3Ml0v_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/df05e1-6862-4ed4-876d-150b5db4f56b/1/t9WwQey4SEY3VI2C25DK0lqVCyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/df05e1-6862-4ed4-876d-150b5db4f56b/1/9vGMAkBXQsJTd9aWzSpp3Ml0v_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.160.0/19
95.215.92.0/22
IPv6:
2001:67c:19ac::/48
Signature Algorithm: sha256WithRSAEncryption
41:b0:91:a1:70:05:4a:76:ce:93:01:55:20:ae:4b:5a:e6:4f:
1e:63:64:d0:06:73:4e:6f:f8:fb:cc:1e:f6:5a:91:02:db:08:
62:81:f1:5a:07:ce:2b:43:4e:62:19:16:e3:eb:cc:e0:b0:90:
5a:85:7a:cb:13:66:a9:c8:5e:08:f3:d7:fd:e5:c5:a1:77:10:
ec:5b:cf:d9:65:d2:c5:ff:13:75:ba:ec:d7:66:e5:67:2b:c5:
9e:7f:5b:7c:d4:7e:eb:35:9c:f9:fd:ea:bd:b8:23:d5:68:80:
7f:3b:fc:9b:0e:af:04:fb:91:10:c9:08:a8:ca:b7:63:52:3c:
11:49:f5:72:71:56:e1:9f:a7:95:c7:e0:b8:50:68:aa:bc:e8:
f7:03:4a:a2:61:8e:e8:70:c1:2f:cf:9f:42:e9:5e:07:54:72:
28:ed:c6:25:8a:52:f6:c0:93:54:62:1e:a9:0f:d1:5c:8f:28:
4a:6d:c1:df:85:52:00:d9:79:52:7e:76:d9:ea:9a:c6:34:0d:
5c:d3:7c:24:3c:2e:4f:62:82:4d:99:cd:1f:06:a4:0b:75:2f:
b3:b4:00:5e:65:3e:83:ea:f3:20:28:cf:43:ca:01:bd:ee:49:
1c:13:20:7b:51:58:19:0f:c5:f5:d7:45:09:d6:15:13:30:4b:
d6:2f:ee:05
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYjTCVWyHDRtMd7fPW+DrsE1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2ZjE4YzAyNDA1NzQyYzI1Mzc3ZDY5NmNkMmE2OWRjYzk3
NGJmZjgwHhcNMjMwNjE5MDk0MzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Q1YjA0MWVjYjg0ODQ2Mzc1NDhkODJkYjkwY2FkMjVhOTUwYjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgO8ipxTd2eVOZhAtM8s+isbb8eJB
qYS2F3ueVvpe3MqrZmdxbk3C4Lwqc8Mt6ZPIHxbDlyivwMQd+t5I+tVkmHKtg9KZ
rP6R9uRvaXanLA2tBpvgs6ByDk44iDss+KtsYxU+7ZqWwof5+iug1yqivTKNYnFD
X2kgBv/YsjLpRhejwnH44sa1802NEmydvz12h1wbS9ocHnHpbsiBeTKVClLNXPne
GF2PyAyzyBhCd99o/6QpnOw72PHzP51LC4d+OSZLBsdwzxb8XVLDEPJmG9SIt58Q
y2ldSDqzh8SdaQIkUa5/XlfMQw7ne2SEMxV+oBAsuLdpeiBlOP34Sq1mwQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLfVsEHsuEhGN1SNgtuQytJalQsqMB8GA1UdIwQY
MBaAFPbxjAJAV0LCU3fWls0qadzJdL/4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXZHTUFrQlhRc0pUZDlhV3pTcHAzTWwwdl9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kZjA1ZTEtNjg2Mi00ZWQ0LTg3NmQt
MTUwYjVkYjRmNTZiLzEvdDlXd1FleTRTRVkzVkkyQzI1REswbHFWQ3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9kZjA1ZTEtNjg2Mi00ZWQ0LTg3NmQtMTUwYjVkYjRmNTZi
LzEvOXZHTUFrQlhRc0pUZDlhV3pTcHAzTWwwdl9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQFH4CgAwQC
X9dcMA8EAgACMAkDBwAgAQZ8GawwDQYJKoZIhvcNAQELBQADggEBAEGwkaFwBUp2
zpMBVSCuS1rmTx5jZNAGc05v+PvMHvZakQLbCGKB8VoHzitDTmIZFuPrzOCwkFqF
essTZqnIXgjz1/3lxaF3EOxbz9ll0sX/E3W67Ndm5WcrxZ5/W3zUfus1nPn96r24
I9VogH87/JsOrwT7kRDJCKjKt2NSPBFJ9XJxVuGfp5XH4LhQaKq86PcDSqJhjuhw
wS/Pn0LpXgdUcijtxiWKUvbAk1RiHqkP0VyPKEptwd+FUgDZeVJ+dtnqmsY0DVzT
fCQ8Lk9igk2ZzR8GpAt1L7O0AF5lPoPq8yAoz0PKAb3uSRwTIHtRWBkPxfXXRQnW
FRMwS9Yv7gU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:00 2024 by rpki-client on console-ams.rpki-client.org