Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/poZSlPdec4wb6hqPnok2ugIWk6k.roa
File: poZSlPdec4wb6hqPnok2ugIWk6k.roa (raw, json)
Hash identifier: caQSlaSyE0jXDIuTYQAqSLTdEZXFXstvMhQTPPAsy90=
Subject key identifier: A6:86:52:94:F7:5E:73:8C:1B:EA:1A:8F:9E:89:36:BA:02:16:93:A9
Certificate issuer: /CN=1ae9db29aa9308e1751b03d0d6999bb868805886
Certificate serial: 0DF8DC64
Authority key identifier: 1A:E9:DB:29:AA:93:08:E1:75:1B:03:D0:D6:99:9B:B8:68:80:58:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GunbKaqTCOF1GwPQ1pmbuGiAWIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/poZSlPdec4wb6hqPnok2ugIWk6k.roa
Signing time: Thu 17 Feb 2022 13:41:09 +0000
ROA not before: Thu 17 Feb 2022 13:41:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209653
IP address blocks: 87.121.16.0/23 maxlen: 24
87.120.160.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 234413156 (0xdf8dc64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ae9db29aa9308e1751b03d0d6999bb868805886
Validity
Not Before: Feb 17 13:41:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6865294f75e738c1bea1a8f9e8936ba021693a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:85:42:89:70:86:74:15:21:4a:02:b8:3a:d0:
e0:7b:1b:52:32:3b:b2:9a:b5:fb:1c:6d:a9:d0:59:
d2:ae:d1:de:49:4e:6b:06:00:9e:8d:05:7f:87:ff:
58:69:b5:9d:d7:df:a5:38:31:59:9d:10:67:ed:7f:
de:dc:78:14:df:6b:a9:e3:dc:48:93:6d:43:4d:04:
b4:34:b3:93:bc:ae:2d:20:73:f5:08:52:45:46:e7:
53:81:25:01:35:22:5f:b8:16:76:2f:17:28:90:0f:
39:27:9a:f0:da:77:1d:8d:f6:76:b9:9c:25:c7:c5:
00:7f:e4:ca:13:6e:4d:c8:23:78:32:9b:bc:09:85:
1a:75:8a:f7:29:55:38:1f:54:a1:c1:7f:26:df:23:
94:7e:a5:b5:45:26:13:90:03:7f:d3:0c:42:59:96:
1e:6b:7d:a4:6d:a0:c0:e9:ec:ef:a2:73:44:be:8a:
e0:da:0a:58:2e:f2:c0:82:c2:cc:58:97:29:2c:8c:
4a:1e:2f:4e:ca:76:8a:64:9c:cb:56:ef:a2:b4:27:
f0:16:8d:ab:93:c5:8b:34:6d:0b:f1:a4:d6:a1:27:
37:2d:a2:f4:a6:cb:06:c7:3d:c4:f8:fa:ff:e8:fe:
86:fd:4f:a2:50:fe:19:ba:dc:63:74:94:4d:b6:4b:
48:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:86:52:94:F7:5E:73:8C:1B:EA:1A:8F:9E:89:36:BA:02:16:93:A9
X509v3 Authority Key Identifier:
keyid:1A:E9:DB:29:AA:93:08:E1:75:1B:03:D0:D6:99:9B:B8:68:80:58:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GunbKaqTCOF1GwPQ1pmbuGiAWIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/poZSlPdec4wb6hqPnok2ugIWk6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/GunbKaqTCOF1GwPQ1pmbuGiAWIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.160.0/23
87.121.16.0/23
Signature Algorithm: sha256WithRSAEncryption
d3:a5:08:cb:cc:72:4b:04:3e:41:cc:dd:27:d2:e5:fd:ef:18:
aa:dc:b6:4d:0c:0a:c9:ed:b0:d8:94:61:14:26:4b:b3:f6:e4:
e0:81:32:b9:51:ad:9a:d4:2f:e8:83:b1:ac:3c:5d:fa:8f:62:
02:2f:53:be:39:b0:b8:c9:b2:63:a6:86:24:eb:e9:5a:09:77:
63:ca:8d:e9:3a:3e:3f:69:d4:6f:72:63:70:95:2d:18:41:dd:
8d:05:91:16:65:23:d4:48:b0:63:ee:81:a3:44:79:88:13:cd:
84:ce:55:c2:b7:16:85:b4:a6:32:2a:8a:af:21:9e:12:32:16:
29:a2:a7:05:64:5f:d1:52:55:01:79:67:48:98:71:76:ea:bf:
23:83:f6:f9:a0:14:1e:02:2c:c8:f3:80:2f:29:ba:5e:19:7d:
7a:7d:87:aa:18:5c:ee:b3:9e:8e:58:d1:0c:56:84:36:b9:b1:
81:8f:2c:ff:8f:3d:58:29:89:40:59:95:ce:80:67:a1:34:51:
e2:6d:ef:e7:09:61:8f:11:7b:7e:e8:d9:1a:c8:9e:08:0d:6a:
4c:a1:2e:7d:53:56:4e:d3:6e:6a:51:c7:c4:ce:fa:97:38:ec:
0e:0a:92:ab:d3:2c:9a:50:f4:04:f3:25:04:f1:43:91:8d:8c:
19:9d:88:2a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDfjcZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWU5ZGIyOWFhOTMwOGUxNzUxYjAzZDBkNjk5OWJiODY4ODA1ODg2MB4XDTIyMDIx
NzEzNDEwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY4NjUyOTRmNzVl
NzM4YzFiZWExYThmOWU4OTM2YmEwMjE2OTNhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2FQolwhnQVIUoCuDrQ4HsbUjI7spq1+xxtqdBZ0q7R3klO
awYAno0Ff4f/WGm1ndffpTgxWZ0QZ+1/3tx4FN9rqePcSJNtQ00EtDSzk7yuLSBz
9QhSRUbnU4ElATUiX7gWdi8XKJAPOSea8Np3HY32drmcJcfFAH/kyhNuTcgjeDKb
vAmFGnWK9ylVOB9UocF/Jt8jlH6ltUUmE5ADf9MMQlmWHmt9pG2gwOns76JzRL6K
4NoKWC7ywILCzFiXKSyMSh4vTsp2imScy1bvorQn8BaNq5PFizRtC/Gk1qEnNy2i
9KbLBsc9xPj6/+j+hv1PolD+GbrcY3SUTbZLSJcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSmhlKU915zjBvqGo+eiTa6AhaTqTAfBgNVHSMEGDAWgBQa6dspqpMI4XUb
A9DWmZu4aIBYhjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d1bmJLYXFUQ09GMUd3UFExcG1idUdpQVdJWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvZWI3ODM1LWQzNjQtNGUyOC05YTgyLWVkOTIzMWZiYWVkMS8x
L3BvWlNsUGRlYzR3YjZocVBub2sydWdJV2s2ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
ZWI3ODM1LWQzNjQtNGUyOC05YTgyLWVkOTIzMWZiYWVkMS8xL0d1bmJLYXFUQ09G
MUd3UFExcG1idUdpQVdJWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAVd4oAMEAVd5EDANBgkqhkiG9w0B
AQsFAAOCAQEA06UIy8xySwQ+QczdJ9Ll/e8Yqty2TQwKye2w2JRhFCZLs/bk4IEy
uVGtmtQv6IOxrDxd+o9iAi9TvjmwuMmyY6aGJOvpWgl3Y8qN6To+P2nUb3JjcJUt
GEHdjQWRFmUj1EiwY+6Bo0R5iBPNhM5VwrcWhbSmMiqKryGeEjIWKaKnBWRf0VJV
AXlnSJhxduq/I4P2+aAUHgIsyPOALym6Xhl9en2Hqhhc7rOejljRDFaENrmxgY8s
/489WCmJQFmVzoBnoTRR4m3v5wlhjxF7fujZGsieCA1qTKEufVNWTtNualHHxM76
lzjsDgqSq9MsmlD0BPMlBPFDkY2MGZ2IKg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:11 2025 by rpki-client