Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/PeNl4-aPsQ75lDK7MqcxMy1HgFo.roa
File: PeNl4-aPsQ75lDK7MqcxMy1HgFo.roa (raw, json)
Hash identifier: 4eeiSMytTQ24DeDpYDWRy/zXYlmb+/7xwKvr550TkM4=
Subject key identifier: 3D:E3:65:E3:E6:8F:B1:0E:F9:94:32:BB:32:A7:31:33:2D:47:80:5A
Certificate issuer: /CN=da70c441fb892b8c9816534885069fcd3300c9a4
Certificate serial: 01857015111F45A576466B0BBF4645D345EE
Authority key identifier: DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/PeNl4-aPsQ75lDK7MqcxMy1HgFo.roa
Signing time: Mon 02 Jan 2023 01:25:06 +0000
ROA not before: Mon 02 Jan 2023 01:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58024
IP address blocks: 84.54.44.0/22 maxlen: 22
84.54.47.0/24 maxlen: 24
84.54.45.0/24 maxlen: 24
194.31.132.0/22 maxlen: 22
77.105.166.0/23 maxlen: 23
176.113.112.0/24 maxlen: 24
176.113.112.0/23 maxlen: 23
176.113.113.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:11:1f:45:a5:76:46:6b:0b:bf:46:45:d3:45:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da70c441fb892b8c9816534885069fcd3300c9a4
Validity
Not Before: Jan 2 01:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3de365e3e68fb10ef99432bb32a731332d47805a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e1:53:c9:af:fa:b9:dd:62:9a:5c:8b:e4:cb:
ec:d4:f5:f5:96:75:72:dd:0c:4f:95:68:91:b8:f5:
94:05:4a:85:62:96:a8:46:ff:92:63:39:dc:53:ce:
79:05:db:2e:3a:8b:b9:46:3d:22:96:c3:f6:7a:90:
7c:00:40:6a:32:00:cb:62:fd:94:9b:98:af:ec:81:
60:d6:37:4c:f8:89:cf:14:75:ed:dd:55:db:51:2a:
43:8b:6f:00:e6:5b:be:49:30:f1:c5:0e:8d:ec:7a:
35:35:d3:78:89:50:12:2b:54:5e:2f:ea:02:bf:c0:
4f:a5:a0:97:15:fd:c9:a1:a2:2d:f6:a7:52:7f:1b:
15:4e:7c:c3:88:9f:fd:21:7b:1e:94:bd:fd:00:f0:
45:51:19:a4:6f:b2:4b:fa:fe:1d:96:03:07:08:d4:
84:f0:5b:9a:13:7d:d6:0a:91:6f:98:34:38:61:33:
d8:8e:e1:e4:88:4f:e2:fc:df:24:81:51:e5:9a:97:
c6:b0:1a:bd:79:b0:f0:1e:5b:57:04:d1:93:15:01:
54:2e:6c:b5:ba:24:d1:67:47:91:2e:77:45:54:9e:
d8:c8:fa:37:37:45:6f:a1:31:2c:e1:21:2c:26:6d:
0c:97:88:af:e4:b4:7f:94:84:54:32:d8:e8:6f:87:
02:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E3:65:E3:E6:8F:B1:0E:F9:94:32:BB:32:A7:31:33:2D:47:80:5A
X509v3 Authority Key Identifier:
keyid:DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/PeNl4-aPsQ75lDK7MqcxMy1HgFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/2nDEQfuJK4yYFlNIhQafzTMAyaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.166.0/23
84.54.44.0/22
176.113.112.0/23
194.31.132.0/22
Signature Algorithm: sha256WithRSAEncryption
63:b5:08:1b:4d:b9:dd:a3:d1:e7:d6:d8:1d:90:81:8b:55:91:
8a:e1:93:a7:53:ac:29:08:b7:d3:d3:47:ca:98:79:49:5b:63:
42:b8:bc:a6:52:02:cb:2a:62:14:24:06:91:7d:20:29:4d:74:
c3:f1:ef:b6:91:b1:50:7d:15:a1:53:74:ed:b2:db:38:2d:b3:
1b:e9:c9:39:d7:1d:df:8a:3e:68:fd:87:e1:24:fd:d5:a2:50:
6d:ed:f3:cb:b5:df:3b:56:a2:84:a6:12:9c:33:b5:9c:42:19:
e2:98:7e:4a:49:79:1b:e8:67:3b:e4:05:c1:67:2c:3e:a7:10:
74:3f:f2:77:93:ea:1c:b0:0d:44:b6:ab:b4:4c:41:66:b6:88:
3c:02:e2:3e:19:c4:73:ec:bd:5f:de:8e:c7:eb:dc:72:f6:91:
c4:5b:cb:9a:3e:60:db:f8:75:5f:3a:7a:6d:22:eb:14:0b:f5:
36:fe:f3:f6:94:38:79:e4:a7:3f:e6:36:df:84:76:f3:db:3c:
53:9e:7d:33:8a:a8:7a:90:95:e9:6f:c9:50:de:c8:ec:d3:09:
7c:2b:6e:8d:e5:19:ab:86:cc:42:1e:b1:6b:3c:40:be:20:55:
a2:01:7e:5d:aa:87:18:26:ff:cb:c5:25:da:62:18:06:fe:f4:
92:f6:d8:e6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwFREfRaV2RmsLv0ZF00XuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzBjNDQxZmI4OTJiOGM5ODE2NTM0ODg1MDY5ZmNkMzMw
MGM5YTQwHhcNMjMwMTAyMDEyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGUzNjVlM2U2OGZiMTBlZjk5NDMyYmIzMmE3MzEzMzJkNDc4MDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uFTya/6ud1imlyL5Mvs1PX1lnVy
3QxPlWiRuPWUBUqFYpaoRv+SYzncU855BdsuOou5Rj0ilsP2epB8AEBqMgDLYv2U
m5iv7IFg1jdM+InPFHXt3VXbUSpDi28A5lu+STDxxQ6N7Ho1NdN4iVASK1ReL+oC
v8BPpaCXFf3JoaIt9qdSfxsVTnzDiJ/9IXselL39APBFURmkb7JL+v4dlgMHCNSE
8FuaE33WCpFvmDQ4YTPYjuHkiE/i/N8kgVHlmpfGsBq9ebDwHltXBNGTFQFULmy1
uiTRZ0eRLndFVJ7YyPo3N0VvoTEs4SEsJm0Ml4iv5LR/lIRUMtjob4cCKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD3jZePmj7EO+ZQyuzKnMTMtR4BaMB8GA1UdIwQY
MBaAFNpwxEH7iSuMmBZTSIUGn80zAMmkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMt
MTVmYzBiNjhmODQ0LzEvUGVObDQtYVBzUTc1bERLN01xY3hNeTFIZ0ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMtMTVmYzBiNjhmODQ0
LzEvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBTWmmAwQC
VDYsAwQBsHFwAwQCwh+EMA0GCSqGSIb3DQEBCwUAA4IBAQBjtQgbTbndo9Hn1tgd
kIGLVZGK4ZOnU6wpCLfT00fKmHlJW2NCuLymUgLLKmIUJAaRfSApTXTD8e+2kbFQ
fRWhU3Ttsts4LbMb6ck51x3fij5o/YfhJP3VolBt7fPLtd87VqKEphKcM7WcQhni
mH5KSXkb6Gc75AXBZyw+pxB0P/J3k+ocsA1Etqu0TEFmtog8AuI+GcRz7L1f3o7H
69xy9pHEW8uaPmDb+HVfOnptIusUC/U2/vP2lDh55Kc/5jbfhHbz2zxTnn0ziqh6
kJXpb8lQ3sjs0wl8K26N5RmrhsxCHrFrPEC+IFWiAX5dqocYJv/LxSXaYhgG/vSS
9tjm
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:41 2023 by rpki-client on console-ams.rpki-client.org