Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/RaPcIClxltJcIfJ3SkKtok99tsw.roa
File: RaPcIClxltJcIfJ3SkKtok99tsw.roa (raw, json)
Hash identifier: +arFDOXAQt1Em4x3VuEXR8Nwy5bEWyMYGgjKPIdPsVo=
Subject key identifier: 45:A3:DC:20:29:71:96:D2:5C:21:F2:77:4A:42:AD:A2:4F:7D:B6:CC
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A654D65
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/RaPcIClxltJcIfJ3SkKtok99tsw.roa
Signing time: Wed 09 Mar 2022 11:46:54 +0000
ROA not before: Wed 09 Mar 2022 11:46:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 95.111.128.0/20 maxlen: 24
177.222.64.0/19 maxlen: 24
95.111.144.0/20 maxlen: 24
185.149.13.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174411109 (0xa654d65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Mar 9 11:46:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=45a3dc20297196d25c21f2774a42ada24f7db6cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:00:5f:eb:18:33:39:2d:7e:17:34:96:22:14:
81:ec:a8:ca:f0:a1:d2:55:dd:04:f8:d8:37:1d:dd:
47:71:c7:85:dc:15:5c:db:3e:94:93:fe:7a:06:6b:
dc:3a:21:9f:68:2b:29:0b:35:05:bc:28:25:06:0b:
1b:41:44:19:ba:76:60:79:58:03:a2:a4:bd:e7:cf:
12:12:14:ac:b4:be:18:84:a7:0c:47:69:ad:12:2c:
82:ac:70:32:62:ab:94:79:8f:a3:6e:c5:25:ab:5b:
9a:e5:d4:86:5e:68:89:78:de:f2:df:4a:71:16:98:
a8:a4:ae:62:fd:56:62:2c:ae:c7:4d:91:44:b4:ca:
9d:74:91:4f:23:00:aa:ad:cc:69:4e:b7:07:df:71:
44:ef:bf:cc:9a:8b:9b:a7:39:53:e2:05:36:fb:40:
66:f5:77:fc:c7:50:b2:44:78:50:2e:ad:55:5d:17:
08:f9:cf:e7:fc:04:d1:c9:f1:ec:c2:9c:98:29:41:
13:ab:66:22:f7:86:37:f2:b1:6c:35:c8:5c:0d:95:
25:b4:7e:18:d6:02:23:b8:2c:11:ed:9f:09:33:ab:
92:7b:4d:23:64:55:fa:49:15:f2:e0:d7:64:b1:4e:
ae:87:93:a1:14:d6:e3:58:3b:ad:99:aa:c6:a2:c7:
ae:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:A3:DC:20:29:71:96:D2:5C:21:F2:77:4A:42:AD:A2:4F:7D:B6:CC
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/RaPcIClxltJcIfJ3SkKtok99tsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.111.128.0/19
177.222.64.0/19
185.149.13.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:d6:c0:97:d9:22:6e:02:a5:d9:e0:76:db:41:40:8f:69:8b:
5a:ea:01:d9:ba:83:bc:66:08:9d:49:4c:4e:2e:fa:21:70:60:
12:31:bb:58:25:6a:aa:5b:66:b4:d1:b5:c4:2b:c9:5a:6d:23:
fe:17:30:78:41:9a:2d:df:07:c9:57:4c:73:09:24:7c:2f:33:
12:9b:25:2b:44:e0:32:ab:53:ab:71:23:67:94:70:ce:d5:7f:
47:22:ec:28:08:62:9f:26:c9:ff:a5:09:44:02:a6:bc:44:75:
ec:e3:59:5d:0e:8a:ac:5c:0f:8d:66:89:ff:92:9f:7b:55:18:
0c:57:cb:ce:1d:fb:1d:e0:9b:83:e8:5f:14:34:94:19:9e:90:
65:03:11:d6:cf:06:b1:90:ce:2b:24:7e:0b:cf:ef:3d:5d:b9:
04:d6:b3:63:62:4e:1c:c1:ba:75:df:8d:01:be:65:5f:41:38:
dd:44:ca:da:0e:51:fd:99:a6:2c:cd:6b:f9:82:dc:46:cf:df:
18:07:67:71:77:c5:21:c7:5a:12:c3:3d:79:e6:79:52:c4:36:
a7:ac:65:de:41:cc:cf:e7:21:5a:c4:d7:ea:d2:08:4d:f3:b5:
16:47:94:f4:79:6f:77:00:8e:91:6b:9a:9c:3c:45:b1:86:16:
3a:3f:b3:71
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECmVNZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDMw
OTExNDY1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDVhM2RjMjAyOTcx
OTZkMjVjMjFmMjc3NGE0MmFkYTI0ZjdkYjZjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALEAX+sYMzktfhc0liIUgeyoyvCh0lXdBPjYNx3dR3HHhdwV
XNs+lJP+egZr3Dohn2grKQs1BbwoJQYLG0FEGbp2YHlYA6KkvefPEhIUrLS+GISn
DEdprRIsgqxwMmKrlHmPo27FJatbmuXUhl5oiXje8t9KcRaYqKSuYv1WYiyux02R
RLTKnXSRTyMAqq3MaU63B99xRO+/zJqLm6c5U+IFNvtAZvV3/MdQskR4UC6tVV0X
CPnP5/wE0cnx7MKcmClBE6tmIveGN/KxbDXIXA2VJbR+GNYCI7gsEe2fCTOrkntN
I2RV+kkV8uDXZLFOroeToRTW41g7rZmqxqLHrmUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRFo9wgKXGW0lwh8ndKQq2iT322zDAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L1JhUGNJQ2x4bHRKY0lmSjNTa0t0b2s5OXRzdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBV9vgAMEBbHeQAMEALmVDTANBgkq
hkiG9w0BAQsFAAOCAQEAX9bAl9kibgKl2eB220FAj2mLWuoB2bqDvGYInUlMTi76
IXBgEjG7WCVqqltmtNG1xCvJWm0j/hcweEGaLd8HyVdMcwkkfC8zEpslK0TgMqtT
q3EjZ5RwztV/RyLsKAhinybJ/6UJRAKmvER17ONZXQ6KrFwPjWaJ/5Kfe1UYDFfL
zh37HeCbg+hfFDSUGZ6QZQMR1s8GsZDOKyR+C8/vPV25BNazY2JOHMG6dd+NAb5l
X0E43UTK2g5R/ZmmLM1r+YLcRs/fGAdncXfFIcdaEsM9eeZ5UsQ2p6xl3kHMz+ch
WsTX6tIITfO1FkeU9HlvdwCOkWuanDxFsYYWOj+zcQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:42 2023 by rpki-client on console-ams.rpki-client.org