Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/13qPhnx3Dmdg3PXuRQ1pNnW3V8o.roa
File: 13qPhnx3Dmdg3PXuRQ1pNnW3V8o.roa (raw, json)
Hash identifier: Btt1QPzzU33mA1cZGT+6AICC2bKEuBdO0HmWsAK1SmQ=
Subject key identifier: D7:7A:8F:86:7C:77:0E:67:60:DC:F5:EE:45:0D:69:36:75:B7:57:CA
Certificate issuer: /CN=c255989d579c4b5eade852f97f62e9bf2cfbde3c
Certificate serial: 0A4C080C
Authority key identifier: C2:55:98:9D:57:9C:4B:5E:AD:E8:52:F9:7F:62:E9:BF:2C:FB:DE:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wlWYnVecS16t6FL5f2Lpvyz73jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/13qPhnx3Dmdg3PXuRQ1pNnW3V8o.roa
Signing time: Sat 01 Jan 2022 05:57:57 +0000
ROA not before: Sat 01 Jan 2022 05:57:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34420
IP address blocks: 195.149.119.0/24 maxlen: 24
195.170.165.0/24 maxlen: 24
195.170.167.0/24 maxlen: 24
195.170.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172754956 (0xa4c080c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c255989d579c4b5eade852f97f62e9bf2cfbde3c
Validity
Not Before: Jan 1 05:57:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d77a8f867c770e6760dcf5ee450d693675b757ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:01:f4:1d:3a:39:02:e8:38:03:9c:9b:e7:40:
ec:0d:ab:70:2c:c8:72:6f:a7:81:16:a1:21:50:99:
cf:70:f7:b9:f5:e1:aa:cd:2e:03:b9:33:42:d7:83:
c2:65:15:a0:c5:ca:92:9c:ab:85:b6:a1:63:be:bc:
b2:4a:78:23:ae:f2:8e:a9:8c:68:48:87:0f:44:6b:
32:be:21:66:70:b7:5d:f4:42:e2:bf:4e:f6:5e:64:
5d:f9:a2:16:33:44:e9:5e:e7:a3:36:ff:8f:b0:c8:
7a:75:d1:0f:c8:d7:5a:d2:e8:ff:90:60:76:ea:6f:
9b:98:12:9c:c2:79:97:57:25:b2:c6:69:f5:fd:24:
86:5a:5f:18:96:25:21:78:a4:48:ad:47:fd:41:0c:
7c:45:fa:5f:c1:b4:9c:99:d3:05:7e:89:1c:2c:a1:
91:45:64:29:54:7d:7f:3c:6b:84:cc:9e:8e:6e:5b:
11:24:c8:ee:dd:96:73:9b:69:f3:36:56:6f:9f:0a:
53:08:fd:0d:6a:6a:3b:2b:24:f6:5b:ac:66:fc:6b:
08:b8:8a:17:02:85:80:61:ea:11:6f:3a:a0:28:f3:
7d:e2:c2:07:5e:9e:25:2f:ad:55:49:71:88:ed:dd:
35:4a:f3:b6:0e:a6:66:29:b5:c7:57:80:7b:cd:f8:
d2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:7A:8F:86:7C:77:0E:67:60:DC:F5:EE:45:0D:69:36:75:B7:57:CA
X509v3 Authority Key Identifier:
keyid:C2:55:98:9D:57:9C:4B:5E:AD:E8:52:F9:7F:62:E9:BF:2C:FB:DE:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wlWYnVecS16t6FL5f2Lpvyz73jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/13qPhnx3Dmdg3PXuRQ1pNnW3V8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/wlWYnVecS16t6FL5f2Lpvyz73jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.149.119.0/24
195.170.165.0/24
195.170.167.0/24
195.170.172.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:05:69:b0:7d:7a:a1:11:b1:ad:31:3b:9b:c5:b7:ba:ef:86:
69:82:b9:c1:8f:b3:7e:c2:fa:7f:12:95:5c:cf:f2:f7:e6:d6:
27:71:bb:b5:af:07:3a:05:7f:d0:ff:1a:8d:b2:fd:f3:af:3e:
a1:9e:e0:11:62:58:51:b4:84:d3:ca:e6:9a:af:3d:3b:3e:4b:
48:e1:fa:85:9b:00:ab:ba:b1:51:07:64:d5:52:e5:3f:ee:44:
c3:d6:57:32:e2:06:c1:d8:c8:75:83:b9:29:6b:a3:cb:83:99:
a7:e3:8b:74:24:bc:2e:3a:92:28:b6:97:4e:2f:d8:6a:6e:35:
24:f6:4d:26:a6:1c:3f:d2:f2:c3:96:15:68:6c:94:f0:db:35:
8c:15:9b:60:87:c7:17:83:b6:b4:c5:9e:00:78:aa:b7:e6:6c:
7a:f6:3a:2d:35:c2:5f:0d:1e:fd:90:18:5c:57:6f:5a:57:7c:
6e:31:f0:b2:60:c5:c2:36:82:83:e3:72:b3:8e:6d:ef:a0:ac:
f6:ee:99:12:30:da:ab:ee:71:83:24:70:19:ff:86:b0:6f:c9:
58:20:01:33:83:54:38:07:38:d3:f3:fd:2f:7b:3e:da:1f:de:
65:02:a6:59:08:87:da:04:10:ca:1b:a8:6a:8d:35:bd:7e:ff:
0c:d7:46:1f
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECkwIDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MjU1OTg5ZDU3OWM0YjVlYWRlODUyZjk3ZjYyZTliZjJjZmJkZTNjMB4XDTIyMDEw
MTA1NTc1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDc3YThmODY3Yzc3
MGU2NzYwZGNmNWVlNDUwZDY5MzY3NWI3NTdjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANAB9B06OQLoOAOcm+dA7A2rcCzIcm+ngRahIVCZz3D3ufXh
qs0uA7kzQteDwmUVoMXKkpyrhbahY768skp4I67yjqmMaEiHD0RrMr4hZnC3XfRC
4r9O9l5kXfmiFjNE6V7nozb/j7DIenXRD8jXWtLo/5Bgdupvm5gSnMJ5l1clssZp
9f0khlpfGJYlIXikSK1H/UEMfEX6X8G0nJnTBX6JHCyhkUVkKVR9fzxrhMyejm5b
ESTI7t2Wc5tp8zZWb58KUwj9DWpqOysk9lusZvxrCLiKFwKFgGHqEW86oCjzfeLC
B16eJS+tVUlxiO3dNUrztg6mZim1x1eAe8340lECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTXeo+GfHcOZ2Dc9e5FDWk2dbdXyjAfBgNVHSMEGDAWgBTCVZidV5xLXq3o
Uvl/Yum/LPvePDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dsV1luVmVjUzE2dDZGTDVmMkxwdnl6NzNqdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvNzIwMzk0LWNmNzEtNDBhMy1hNTM4LWVkMDFlZDdjMTI5Yi8x
LzEzcVBobngzRG1kZzNQWHVSUTFwTm5XM1Y4by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
NzIwMzk0LWNmNzEtNDBhMy1hNTM4LWVkMDFlZDdjMTI5Yi8xL3dsV1luVmVjUzE2
dDZGTDVmMkxwdnl6NzNqdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMOVdwMEAMOqpQMEAMOqpwMEAMOq
rDANBgkqhkiG9w0BAQsFAAOCAQEAsgVpsH16oRGxrTE7m8W3uu+GaYK5wY+zfsL6
fxKVXM/y9+bWJ3G7ta8HOgV/0P8ajbL9868+oZ7gEWJYUbSE08rmmq89Oz5LSOH6
hZsAq7qxUQdk1VLlP+5Ew9ZXMuIGwdjIdYO5KWujy4OZp+OLdCS8LjqSKLaXTi/Y
am41JPZNJqYcP9Lyw5YVaGyU8Ns1jBWbYIfHF4O2tMWeAHiqt+ZsevY6LTXCXw0e
/ZAYXFdvWld8bjHwsmDFwjaCg+Nys45t76Cs9u6ZEjDaq+5xgyRwGf+GsG/JWCAB
M4NUOAc40/P9L3s+2h/eZQKmWQiH2gQQyhuoao01vX7/DNdGHw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:11 2024 by rpki-client on console-fra.rpki-client.org