Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/32441e-5e9b-4a32-8cc4-1eb75bb68233/1/9NVcXLEc8AwktFhftERduYVL_Zo.roa
File: 9NVcXLEc8AwktFhftERduYVL_Zo.roa (raw, json)
Hash identifier: ohJwjO5JdLca+nv97SZGvbw+CW2viYbmRUCgHY7ULGk=
Subject key identifier: F4:D5:5C:5C:B1:1C:F0:0C:24:B4:58:5F:B4:44:5D:B9:85:4B:FD:9A
Certificate issuer: /CN=f97f69ed26c2e4687dbab2e6c6cca88d17c4c332
Certificate serial: 1263205E
Authority key identifier: F9:7F:69:ED:26:C2:E4:68:7D:BA:B2:E6:C6:CC:A8:8D:17:C4:C3:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-X9p7SbC5Gh9urLmxsyojRfEwzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/32441e-5e9b-4a32-8cc4-1eb75bb68233/1/9NVcXLEc8AwktFhftERduYVL_Zo.roa
Signing time: Thu 23 Jun 2022 13:59:45 +0000
ROA not before: Thu 23 Jun 2022 13:59:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47347
IP address blocks: 79.142.32.0/22 maxlen: 22
79.142.32.0/20 maxlen: 20
2a01:7b40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 308486238 (0x1263205e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f97f69ed26c2e4687dbab2e6c6cca88d17c4c332
Validity
Not Before: Jun 23 13:59:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4d55c5cb11cf00c24b4585fb4445db9854bfd9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0b:cf:14:91:e0:93:6e:77:48:65:e2:d2:02:
fd:98:c2:2d:9e:bb:f0:9f:ca:09:b6:79:6d:a7:9c:
be:83:57:e4:5f:02:18:38:87:0d:85:84:da:82:77:
44:31:37:32:5c:aa:e2:75:ec:bc:f4:4b:c8:54:7b:
12:40:26:aa:2b:65:2b:cd:ae:64:13:8e:61:d4:1b:
9f:c9:3d:b7:b4:d9:2c:12:de:a1:0b:f5:55:b1:13:
1b:fd:e7:f4:23:a2:e2:a4:75:1e:ea:05:ed:0b:18:
6d:69:55:80:b0:47:4f:cc:91:97:fd:e3:a1:c3:97:
fe:71:79:a3:04:e9:3f:80:5b:07:8f:d3:7b:27:3b:
4a:2b:eb:89:7b:3d:5f:0e:df:f8:8a:db:e5:0b:22:
d8:cf:b0:b3:73:b9:9d:dd:8a:da:f8:51:cc:7e:9c:
34:54:98:2d:9a:78:86:df:f1:a9:61:12:cd:69:22:
5b:5a:e1:b4:af:aa:9d:0e:af:11:13:d7:ec:67:d5:
eb:0a:48:c8:dd:0a:f0:d8:65:c5:3a:ab:d4:fd:98:
49:32:7f:e8:b8:bb:9f:7d:e8:ff:ba:7d:fd:15:72:
20:aa:02:0d:11:04:f8:a7:e4:93:f5:b1:d7:8c:ed:
d8:d8:5a:c7:dd:25:d5:34:f5:90:5f:68:db:13:94:
9b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D5:5C:5C:B1:1C:F0:0C:24:B4:58:5F:B4:44:5D:B9:85:4B:FD:9A
X509v3 Authority Key Identifier:
keyid:F9:7F:69:ED:26:C2:E4:68:7D:BA:B2:E6:C6:CC:A8:8D:17:C4:C3:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-X9p7SbC5Gh9urLmxsyojRfEwzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/32441e-5e9b-4a32-8cc4-1eb75bb68233/1/9NVcXLEc8AwktFhftERduYVL_Zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/32441e-5e9b-4a32-8cc4-1eb75bb68233/1/1-X9p7SbC5Gh9urLmxsyojRfEwzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.142.32.0/20
IPv6:
2a01:7b40::/32
Signature Algorithm: sha256WithRSAEncryption
5b:3c:e5:f3:9e:e9:74:fc:8c:7c:ef:62:80:0e:80:dc:05:21:
8c:85:34:c3:90:79:af:4d:3e:13:38:d4:b3:1c:2e:5f:0f:ef:
86:29:9d:68:7b:47:da:a9:76:bc:ed:d7:ce:0a:6f:2e:8b:e4:
65:a9:c2:0b:a1:38:7a:d2:c9:2f:d7:c2:f5:a3:b5:bd:30:af:
01:44:90:6c:11:92:52:f5:95:b1:90:62:4f:eb:7f:b8:36:f3:
36:19:40:5c:16:09:24:f2:c5:f2:69:c1:cd:32:a5:ed:91:af:
84:a9:f5:ac:1e:4a:10:3c:c6:3a:0b:d9:ed:40:26:4d:e5:4b:
f6:4a:6c:6b:91:9f:f2:47:57:e0:38:dc:ab:66:98:d9:ec:48:
50:3f:0c:2f:0b:74:b4:fb:72:11:a7:31:c2:1c:a0:82:a9:ef:
b8:bf:7b:6f:01:25:68:fe:c3:b8:4b:ba:4c:58:5c:fe:91:5f:
ee:40:85:2c:a3:ad:5e:1a:8a:e4:77:e0:ef:06:86:b2:cd:f0:
36:51:82:ec:5f:6e:ba:9a:6a:2f:42:25:0e:85:d0:df:01:90:
50:ee:56:5e:63:2f:52:3c:c1:c6:2e:52:f2:b3:de:1b:1b:87:
22:aa:92:bc:b9:ad:e7:e1:98:2c:fd:d3:be:85:1d:27:98:77:
03:b9:25:3f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEEmMgXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OTdmNjllZDI2YzJlNDY4N2RiYWIyZTZjNmNjYTg4ZDE3YzRjMzMyMB4XDTIyMDYy
MzEzNTk0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjRkNTVjNWNiMTFj
ZjAwYzI0YjQ1ODVmYjQ0NDVkYjk4NTRiZmQ5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoLzxSR4JNud0hl4tIC/ZjCLZ678J/KCbZ5baecvoNX5F8C
GDiHDYWE2oJ3RDE3Mlyq4nXsvPRLyFR7EkAmqitlK82uZBOOYdQbn8k9t7TZLBLe
oQv1VbETG/3n9COi4qR1HuoF7QsYbWlVgLBHT8yRl/3jocOX/nF5owTpP4BbB4/T
eyc7SivriXs9Xw7f+Irb5Qsi2M+ws3O5nd2K2vhRzH6cNFSYLZp4ht/xqWESzWki
W1rhtK+qnQ6vERPX7GfV6wpIyN0K8NhlxTqr1P2YSTJ/6Li7n33o/7p9/RVyIKoC
DREE+Kfkk/Wx14zt2Nhax90l1TT1kF9o2xOUm50CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBT01VxcsRzwDCS0WF+0RF25hUv9mjAfBgNVHSMEGDAWgBT5f2ntJsLkaH26
subGzKiNF8TDMjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtWDlwN1NiQzVHaDl1ckxteHN5b2pSZkV3ekkuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzY2LzMyNDQxZS01ZTliLTRhMzItOGNjNC0xZWI3NWJiNjgyMzMv
MS85TlZjWExFYzhBd2t0RmhmdEVSZHVZVkxfWm8ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY2
LzMyNDQxZS01ZTliLTRhMzItOGNjNC0xZWI3NWJiNjgyMzMvMS8xLVg5cDdTYkM1
R2g5dXJMbXhzeW9qUmZFd3pJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQET44gMA0EAgACMAcDBQAqAXtA
MA0GCSqGSIb3DQEBCwUAA4IBAQBbPOXznul0/Ix872KADoDcBSGMhTTDkHmvTT4T
ONSzHC5fD++GKZ1oe0faqXa87dfOCm8ui+RlqcILoTh60skv18L1o7W9MK8BRJBs
EZJS9ZWxkGJP63+4NvM2GUBcFgkk8sXyacHNMqXtka+EqfWsHkoQPMY6C9ntQCZN
5Uv2SmxrkZ/yR1fgONyrZpjZ7EhQPwwvC3S0+3IRpzHCHKCCqe+4v3tvASVo/sO4
S7pMWFz+kV/uQIUso61eGorkd+DvBoayzfA2UYLsX266mmovQiUOhdDfAZBQ7lZe
Yy9SPMHGLlLys94bG4ciqpK8ua3n4Zgs/dO+hR0nmHcDuSU/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:05 2024 by rpki-client on console-fra.rpki-client.org