Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/qwKWsW328xDG4W32hOgTPEkscRY.roa
File: qwKWsW328xDG4W32hOgTPEkscRY.roa (raw, json)
Hash identifier: xqDaJhvrxwCq9tQzCGjOaJtsbwnRgpxx9nL0gqjlUOk=
Subject key identifier: AB:02:96:B1:6D:F6:F3:10:C6:E1:6D:F6:84:E8:13:3C:49:2C:71:16
Certificate issuer: /CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Certificate serial: 049C2C63
Authority key identifier: 7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/qwKWsW328xDG4W32hOgTPEkscRY.roa
Signing time: Thu 03 Feb 2022 17:15:21 +0000
ROA not before: Thu 03 Feb 2022 17:15:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210212
IP address blocks: 85.187.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77343843 (0x49c2c63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Validity
Not Before: Feb 3 17:15:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab0296b16df6f310c6e16df684e8133c492c7116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:06:ff:b8:bb:df:9c:87:01:c1:ce:3c:b4:18:
92:58:de:ec:1a:04:1f:78:86:66:45:0d:47:12:1d:
d3:b1:6d:a6:bd:b5:21:9d:78:9e:5e:c1:5a:22:eb:
13:4d:e2:39:d6:13:ed:12:aa:64:76:09:85:f4:3d:
1f:c6:9d:a6:b3:7f:85:7c:d7:d3:ee:5c:93:04:8a:
33:8c:a6:a7:51:e7:b8:6e:a2:e4:ef:18:3d:66:11:
cf:82:5f:39:66:77:4b:70:8a:09:38:7d:82:bc:fc:
1b:58:79:a2:1c:89:ce:cb:a7:ee:30:32:b7:1b:55:
04:93:e3:91:71:e7:c0:71:f6:61:bd:98:0c:b7:4d:
02:49:74:36:ad:38:75:a6:74:b9:d7:e0:b7:69:a0:
03:6e:f5:b1:01:7b:4d:90:e6:89:fc:7f:94:23:d4:
21:ac:b0:92:c8:c1:35:e9:02:e7:e2:81:ce:9e:f7:
bc:0d:c6:37:83:cd:50:19:c4:96:89:1e:19:eb:fc:
ab:ff:c0:b3:5c:eb:35:dd:41:46:70:2c:ba:b4:19:
2b:22:90:27:a1:a5:15:da:7a:6f:97:e0:36:50:40:
a1:d3:a7:0a:4c:fd:f2:78:d5:cf:16:4a:13:61:79:
fa:d0:64:57:d3:be:e7:26:ba:2a:0b:85:c7:6d:d7:
ae:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:02:96:B1:6D:F6:F3:10:C6:E1:6D:F6:84:E8:13:3C:49:2C:71:16
X509v3 Authority Key Identifier:
keyid:7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/qwKWsW328xDG4W32hOgTPEkscRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/fXtLyr6ylgXqUR3pc-RnXEuKKd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.214.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:b0:de:6a:68:9a:cb:36:19:02:2d:aa:e3:a5:e4:81:f3:aa:
e4:e3:da:5c:0c:be:3d:31:4f:58:51:48:69:26:f0:a3:80:23:
e2:3e:c6:cd:7d:fc:f6:c6:e6:08:eb:5d:96:0b:d4:b0:11:07:
55:aa:31:97:c1:87:df:e0:a5:9e:7a:4e:91:2d:56:2c:bd:2d:
c0:5f:46:b1:4c:76:12:7c:77:c1:ac:57:1e:a6:54:d9:fb:b6:
f5:b5:dd:43:25:71:db:0c:a6:f1:ab:0d:1f:9f:cb:3e:b6:d6:
97:ec:ad:8a:13:b1:66:e8:46:7e:f7:74:6b:f5:13:50:de:80:
11:15:80:97:06:65:04:08:66:53:fd:9f:e1:b8:60:c6:55:0b:
3c:f5:48:9c:91:ac:0d:0a:bf:0e:44:3a:b4:57:ee:24:a4:c2:
ab:2f:40:c0:62:c8:63:59:65:83:b3:d4:13:a0:ee:04:b3:b4:
9e:7e:5f:d5:24:bd:35:a5:80:79:0e:c3:82:42:a6:92:4f:83:
75:ab:ef:0d:44:1b:f1:ae:55:81:0e:6b:3b:47:de:7c:fb:ed:
13:a1:b0:18:03:ff:fe:fb:e1:b4:60:33:95:b0:bb:e9:1a:12:
8c:f9:51:d0:bc:f7:87:92:10:8c:58:f6:dc:b2:8c:7d:2d:a7:
32:a7:c1:ab
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBJwsYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDdiNGJjYWJlYjI5NjA1ZWE1MTFkZTk3M2U0Njc1YzRiOGEyOWRmMB4XDTIyMDIw
MzE3MTUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWIwMjk2YjE2ZGY2
ZjMxMGM2ZTE2ZGY2ODRlODEzM2M0OTJjNzExNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM0G/7i735yHAcHOPLQYklje7BoEH3iGZkUNRxId07Ftpr21
IZ14nl7BWiLrE03iOdYT7RKqZHYJhfQ9H8adprN/hXzX0+5ckwSKM4ymp1HnuG6i
5O8YPWYRz4JfOWZ3S3CKCTh9grz8G1h5ohyJzsun7jAytxtVBJPjkXHnwHH2Yb2Y
DLdNAkl0Nq04daZ0udfgt2mgA271sQF7TZDmifx/lCPUIaywksjBNekC5+KBzp73
vA3GN4PNUBnElokeGev8q//As1zrNd1BRnAsurQZKyKQJ6GlFdp6b5fgNlBAodOn
Ckz98njVzxZKE2F5+tBkV9O+5ya6KguFx23Xrp8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSrApaxbfbzEMbhbfaE6BM8SSxxFjAfBgNVHSMEGDAWgBR9e0vKvrKWBepR
Helz5GdcS4op3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZYdEx5cjZ5bGdYcVVSM3BjLVJuWEV1S0tkOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvODg5N2ZkLTE4NjItNDM5My1hYTRiLTQ0NzYxN2E0YTc0NC8x
L3F3S1dzVzMyOHhERzRXMzJoT2dUUEVrc2NSWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
ODg5N2ZkLTE4NjItNDM5My1hYTRiLTQ0NzYxN2E0YTc0NC8xL2ZYdEx5cjZ5bGdY
cVVSM3BjLVJuWEV1S0tkOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFW71jANBgkqhkiG9w0BAQsFAAOC
AQEAHrDeamiayzYZAi2q46XkgfOq5OPaXAy+PTFPWFFIaSbwo4Aj4j7GzX389sbm
COtdlgvUsBEHVaoxl8GH3+ClnnpOkS1WLL0twF9GsUx2Enx3waxXHqZU2fu29bXd
QyVx2wym8asNH5/LPrbWl+ytihOxZuhGfvd0a/UTUN6AERWAlwZlBAhmU/2f4bhg
xlULPPVInJGsDQq/DkQ6tFfuJKTCqy9AwGLIY1llg7PUE6DuBLO0nn5f1SS9NaWA
eQ7DgkKmkk+DdavvDUQb8a5VgQ5rO0fefPvtE6GwGAP//vvhtGAzlbC76RoSjPlR
0Lz3h5IQjFj23LKMfS2nMqfBqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:42 2024 by rpki-client on console-ams.rpki-client.org