Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/juIxoJ5HwEwIv67lfJEpDE7gM_A.roa
File: juIxoJ5HwEwIv67lfJEpDE7gM_A.roa (raw, json)
Hash identifier: U0cYiAhMI9RbH0hek209qwTvOBP8Ogvrq8vprKdYsqk=
Subject key identifier: 8E:E2:31:A0:9E:47:C0:4C:08:BF:AE:E5:7C:91:29:0C:4E:E0:33:F0
Certificate issuer: /CN=c255989d579c4b5eade852f97f62e9bf2cfbde3c
Certificate serial: 0A4C5EDF
Authority key identifier: C2:55:98:9D:57:9C:4B:5E:AD:E8:52:F9:7F:62:E9:BF:2C:FB:DE:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wlWYnVecS16t6FL5f2Lpvyz73jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/juIxoJ5HwEwIv67lfJEpDE7gM_A.roa
Signing time: Sat 01 Jan 2022 05:57:58 +0000
ROA not before: Sat 01 Jan 2022 05:57:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41608
IP address blocks: 195.149.119.0/24 maxlen: 24
195.170.165.0/24 maxlen: 24
195.170.167.0/24 maxlen: 24
195.170.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172777183 (0xa4c5edf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c255989d579c4b5eade852f97f62e9bf2cfbde3c
Validity
Not Before: Jan 1 05:57:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ee231a09e47c04c08bfaee57c91290c4ee033f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:86:e9:31:ce:89:6e:44:fb:d3:a4:68:9c:ad:
11:81:86:9f:54:7c:b1:06:77:99:07:76:95:12:db:
97:45:f2:c0:be:a4:9c:2f:37:11:ec:f5:2d:19:21:
da:f2:de:67:2d:b4:de:07:81:f0:83:fb:7f:dc:94:
65:55:26:2c:ae:a9:db:59:ae:f6:f5:81:10:47:04:
6d:98:e6:34:0e:fc:26:ce:6e:85:19:7c:60:4a:74:
f6:63:95:d9:27:ba:34:4f:49:d1:91:27:da:50:3f:
3c:fd:8c:92:e4:40:15:c0:d7:18:3c:1b:e0:45:65:
8e:38:be:ab:4e:46:10:d2:18:9a:d1:0f:7d:82:70:
a5:0c:f4:36:26:bb:ed:dd:01:66:5a:c6:b3:f9:13:
3f:0a:64:af:72:13:a8:12:ed:1a:bb:11:1c:00:87:
1b:a0:94:d5:7f:51:91:2e:92:5a:c1:82:7c:52:d7:
4f:85:2d:c8:3a:2b:cb:e5:3d:65:4a:13:ea:c3:cf:
69:0a:34:0d:3e:11:aa:28:b5:8a:15:49:2b:9f:b6:
07:ac:2e:e4:3d:9d:10:31:8f:ed:26:37:11:c4:5d:
f7:fa:5e:4a:04:54:cb:9c:58:6c:4c:6f:e8:aa:8e:
e7:c3:e4:61:80:d5:8f:62:f6:b9:2f:00:81:98:23:
e1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:E2:31:A0:9E:47:C0:4C:08:BF:AE:E5:7C:91:29:0C:4E:E0:33:F0
X509v3 Authority Key Identifier:
keyid:C2:55:98:9D:57:9C:4B:5E:AD:E8:52:F9:7F:62:E9:BF:2C:FB:DE:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wlWYnVecS16t6FL5f2Lpvyz73jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/juIxoJ5HwEwIv67lfJEpDE7gM_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/wlWYnVecS16t6FL5f2Lpvyz73jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.149.119.0/24
195.170.165.0/24
195.170.167.0/24
195.170.172.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:80:bb:06:71:d2:06:24:ce:83:c1:cc:95:b6:c2:82:36:5b:
b3:e9:ea:52:e1:88:a4:23:f6:91:7e:ef:cf:dd:44:cd:75:d9:
07:72:b4:bb:4e:e8:40:25:99:22:90:8e:33:79:a6:d4:b8:7b:
26:7e:1e:a8:65:77:a2:70:f0:81:97:41:3b:8d:cd:1f:e8:0d:
89:58:1e:3c:9a:b4:de:3d:54:98:61:f3:15:39:d8:34:bb:d9:
65:f2:c6:d1:1a:db:0c:04:16:31:c0:d5:f9:b0:ff:59:58:42:
78:68:1d:c3:ef:73:08:0c:6a:e3:fe:12:08:ad:95:e6:9a:c9:
61:36:23:d7:21:86:05:ea:c3:b3:32:ab:e7:34:42:d4:ea:86:
c2:f8:0e:bb:a1:78:3d:b8:90:5e:b1:f1:4c:f6:b7:8f:4b:1a:
93:ad:c3:02:fc:7e:94:91:7d:fa:18:ae:eb:8c:11:d9:99:09:
36:80:bd:dd:77:fd:71:dc:08:6d:72:9e:54:14:41:39:46:c1:
bf:aa:79:5a:04:f2:07:2c:64:f9:d1:32:33:c1:8e:0a:db:2f:
1c:7b:81:30:eb:50:2a:89:d8:17:e9:7c:b7:25:a6:76:62:8f:
ef:94:5f:d6:44:a6:06:31:a3:02:27:cd:2e:22:78:3c:cc:80:
d3:9b:d0:fe
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECkxe3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MjU1OTg5ZDU3OWM0YjVlYWRlODUyZjk3ZjYyZTliZjJjZmJkZTNjMB4XDTIyMDEw
MTA1NTc1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGVlMjMxYTA5ZTQ3
YzA0YzA4YmZhZWU1N2M5MTI5MGM0ZWUwMzNmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJmG6THOiW5E+9OkaJytEYGGn1R8sQZ3mQd2lRLbl0XywL6k
nC83Eez1LRkh2vLeZy203geB8IP7f9yUZVUmLK6p21mu9vWBEEcEbZjmNA78Js5u
hRl8YEp09mOV2Se6NE9J0ZEn2lA/PP2MkuRAFcDXGDwb4EVljji+q05GENIYmtEP
fYJwpQz0Nia77d0BZlrGs/kTPwpkr3ITqBLtGrsRHACHG6CU1X9RkS6SWsGCfFLX
T4UtyDory+U9ZUoT6sPPaQo0DT4Rqii1ihVJK5+2B6wu5D2dEDGP7SY3EcRd9/pe
SgRUy5xYbExv6KqO58PkYYDVj2L2uS8AgZgj4WECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSO4jGgnkfATAi/ruV8kSkMTuAz8DAfBgNVHSMEGDAWgBTCVZidV5xLXq3o
Uvl/Yum/LPvePDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dsV1luVmVjUzE2dDZGTDVmMkxwdnl6NzNqdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvNzIwMzk0LWNmNzEtNDBhMy1hNTM4LWVkMDFlZDdjMTI5Yi8x
L2p1SXhvSjVId0V3SXY2N2xmSkVwREU3Z01fQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
NzIwMzk0LWNmNzEtNDBhMy1hNTM4LWVkMDFlZDdjMTI5Yi8xL3dsV1luVmVjUzE2
dDZGTDVmMkxwdnl6NzNqdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMOVdwMEAMOqpQMEAMOqpwMEAMOq
rDANBgkqhkiG9w0BAQsFAAOCAQEAfYC7BnHSBiTOg8HMlbbCgjZbs+nqUuGIpCP2
kX7vz91EzXXZB3K0u07oQCWZIpCOM3mm1Lh7Jn4eqGV3onDwgZdBO43NH+gNiVge
PJq03j1UmGHzFTnYNLvZZfLG0RrbDAQWMcDV+bD/WVhCeGgdw+9zCAxq4/4SCK2V
5prJYTYj1yGGBerDszKr5zRC1OqGwvgOu6F4PbiQXrHxTPa3j0sak63DAvx+lJF9
+hiu64wR2ZkJNoC93Xf9cdwIbXKeVBRBOUbBv6p5WgTyByxk+dEyM8GOCtsvHHuB
MOtQKonYF+l8tyWmdmKP75Rf1kSmBjGjAifNLiJ4PMyA05vQ/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:11 2024 by rpki-client on console-fra.rpki-client.org