Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/_qFQvBjn0NQL7e_AvkAAahsXJ_Y.roa
File: _qFQvBjn0NQL7e_AvkAAahsXJ_Y.roa (raw, json)
Hash identifier: YPA+kfkg2VbnPRa51Dt5kVRqWk+xRGIFaULCXrCpd7g=
Subject key identifier: FE:A1:50:BC:18:E7:D0:D4:0B:ED:EF:C0:BE:40:00:6A:1B:17:27:F6
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 04044DD5
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/_qFQvBjn0NQL7e_AvkAAahsXJ_Y.roa
Signing time: Sat 01 Jan 2022 13:54:45 +0000
ROA not before: Sat 01 Jan 2022 13:54:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 194.169.48.0/24 maxlen: 24
194.169.49.0/24 maxlen: 24
194.165.27.0/24 maxlen: 24
45.153.90.0/24 maxlen: 24
45.153.89.0/24 maxlen: 24
45.153.91.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67390933 (0x4044dd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Jan 1 13:54:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fea150bc18e7d0d40bedefc0be40006a1b1727f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bd:1e:7f:9c:db:fb:e8:27:f6:b9:2e:60:5e:
70:9a:3c:48:6c:ab:45:ce:7c:b3:b1:9f:53:47:5b:
5b:fc:36:9f:15:2b:88:8d:9e:5f:76:8c:61:6d:f5:
b7:2c:7a:6c:78:90:ed:11:b6:e3:7e:27:76:c1:5f:
7f:78:07:1a:ba:73:ec:bb:19:49:37:25:45:49:1b:
24:fc:21:bf:d9:47:c9:56:d8:5d:09:9e:6b:09:95:
97:10:c0:3e:bf:00:89:2c:16:2f:6c:5b:04:ad:fe:
d2:10:db:08:f1:4e:de:ce:91:88:3d:0c:82:38:17:
ae:28:81:cd:f4:a7:15:7b:17:97:d2:c6:40:c3:2d:
c2:cd:6d:58:d1:d6:d0:96:79:0f:50:01:47:1e:0d:
33:df:10:1c:00:8a:e1:ca:81:e7:c4:87:27:37:4a:
ff:df:a5:e6:ee:b5:fe:8d:f7:f6:b4:03:fa:70:5c:
f7:1a:4d:18:6f:8c:ef:98:5a:90:61:ab:db:68:9e:
ee:d5:50:c4:ad:dc:06:92:b5:f0:02:b0:8a:23:a0:
f3:5c:48:db:5a:c3:6d:67:00:4b:c6:f9:96:38:fc:
57:ba:fd:af:7a:09:de:80:de:02:74:a9:29:37:dc:
03:2a:ce:1e:1c:1b:d8:b4:9e:05:93:fb:88:e7:61:
3f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:A1:50:BC:18:E7:D0:D4:0B:ED:EF:C0:BE:40:00:6A:1B:17:27:F6
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/_qFQvBjn0NQL7e_AvkAAahsXJ_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.89.0-45.153.91.255
194.165.27.0/24
194.169.48.0/23
Signature Algorithm: sha256WithRSAEncryption
72:42:87:64:5a:68:5b:73:3f:a3:8f:52:34:02:ef:5d:a3:51:
a3:aa:fc:ef:39:81:20:f1:f2:8e:fc:1f:b4:97:b3:1a:78:94:
fa:e0:2e:53:48:4f:79:a5:8a:39:27:4e:9d:13:32:8e:7a:42:
d4:ad:e5:f8:83:9e:00:a3:15:cb:4f:bb:63:6f:35:8d:72:50:
d6:74:9d:15:42:a1:17:b2:85:4f:de:f1:1f:8b:99:58:b7:87:
00:53:45:13:b2:39:bc:04:26:4d:d4:cf:fa:0b:13:bd:e5:5a:
63:62:1b:e2:87:e8:80:cb:16:d8:ea:b1:3e:3c:4c:01:50:37:
23:1f:bb:c1:f9:cf:78:2e:49:c7:a7:0e:63:e2:ce:ba:f3:09:
1b:be:d0:8b:8d:d2:9e:2d:07:e2:d1:9f:03:1c:0f:10:45:77:
35:45:90:75:f7:5d:33:f1:77:ca:93:75:ec:68:13:3e:17:73:
4c:af:1f:15:eb:7f:3c:46:4c:59:31:8b:10:e7:d9:e7:e4:a4:
d6:49:af:5e:ef:fd:ae:94:69:82:0a:d3:1c:cc:c4:79:57:45:
be:b0:c7:14:a9:19:dd:1b:79:53:19:22:08:b3:ab:28:01:47:
cf:36:be:0b:0b:a5:34:53:d4:ff:89:82:42:36:44:fd:42:b2:
e8:cd:cb:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEBARN1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTgyNDdkM2Y4MTQ3MmRiYmEwNmRiZWE5YmQxOWM3ODVkMThiYWJlMB4XDTIyMDEw
MTEzNTQ0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmVhMTUwYmMxOGU3
ZDBkNDBiZWRlZmMwYmU0MDAwNmExYjE3MjdmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALG9Hn+c2/voJ/a5LmBecJo8SGyrRc58s7GfU0dbW/w2nxUr
iI2eX3aMYW31tyx6bHiQ7RG2434ndsFff3gHGrpz7LsZSTclRUkbJPwhv9lHyVbY
XQmeawmVlxDAPr8AiSwWL2xbBK3+0hDbCPFO3s6RiD0MgjgXriiBzfSnFXsXl9LG
QMMtws1tWNHW0JZ5D1ABRx4NM98QHACK4cqB58SHJzdK/9+l5u61/o339rQD+nBc
9xpNGG+M75hakGGr22ie7tVQxK3cBpK18AKwiiOg81xI21rDbWcAS8b5ljj8V7r9
r3oJ3oDeAnSpKTfcAyrOHhwb2LSeBZP7iOdhP+0CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBT+oVC8GOfQ1Avt78C+QABqGxcn9jAfBgNVHSMEGDAWgBTZgkfT+BRy27oG
2+qb0Zx4XRi6vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJZSkgwX2dVY3R1NkJ0dnFtOUdjZUYwWXVyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvNmRiYzk5LWJmYTktNGVmNy1hNzk4LWEzMDMyNjE1NjYwYy8x
L19xRlF2QmpuME5RTDdlX0F2a0FBYWhzWEpfWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
NmRiYzk5LWJmYTktNGVmNy1hNzk4LWEzMDMyNjE1NjYwYy8xLzJZSkgwX2dVY3R1
NkJ0dnFtOUdjZUYwWXVyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQALZlZAwQCLZlYAwQAwqUbAwQB
wqkwMA0GCSqGSIb3DQEBCwUAA4IBAQByQodkWmhbcz+jj1I0Au9do1GjqvzvOYEg
8fKO/B+0l7MaeJT64C5TSE95pYo5J06dEzKOekLUreX4g54AoxXLT7tjbzWNclDW
dJ0VQqEXsoVP3vEfi5lYt4cAU0UTsjm8BCZN1M/6CxO95VpjYhvih+iAyxbY6rE+
PEwBUDcjH7vB+c94LknHpw5j4s668wkbvtCLjdKeLQfi0Z8DHA8QRXc1RZB1910z
8XfKk3XsaBM+F3NMrx8V6388RkxZMYsQ59nn5KTWSa9e7/2ulGmCCtMczMR5V0W+
sMcUqRndG3lTGSIIs6soAUfPNr4LC6U0U9T/iYJCNkT9QrLozctW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:26 2024 by rpki-client on console-fra.rpki-client.org