Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/YYdlBU6GTuY0-vNOq30q_uV2rbA.roa
File: YYdlBU6GTuY0-vNOq30q_uV2rbA.roa (raw, json)
Hash identifier: LNEnCAjJsTT6Mesz2U9r6cEMejsxm/jqA0SQjRwn3lQ=
Subject key identifier: 61:87:65:05:4E:86:4E:E6:34:FA:F3:4E:AB:7D:2A:FE:E5:76:AD:B0
Certificate issuer: /CN=4d88eb730ab1a501ea36ea3482d764544e141111
Certificate serial: 09BDFBCB
Authority key identifier: 4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/YYdlBU6GTuY0-vNOq30q_uV2rbA.roa
Signing time: Sat 01 Jan 2022 14:57:52 +0000
ROA not before: Sat 01 Jan 2022 14:57:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.225.236.0/22 maxlen: 24
146.66.125.0/24 maxlen: 24
77.104.128.0/18 maxlen: 24
146.66.64.0/18 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163445707 (0x9bdfbcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d88eb730ab1a501ea36ea3482d764544e141111
Validity
Not Before: Jan 1 14:57:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=618765054e864ee634faf34eab7d2afee576adb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:31:a7:64:a1:6e:b0:73:95:b0:49:aa:d2:66:
91:1b:17:5d:83:2a:c8:e2:f9:1c:2a:c3:99:48:f6:
05:4e:39:3e:8d:50:12:90:03:08:b2:d9:e7:02:96:
17:79:93:83:65:cc:27:de:ff:71:51:4c:60:dd:f4:
c0:52:49:59:7d:04:b8:cd:8a:c1:90:e7:d0:69:52:
45:ab:a7:47:bf:d3:0a:91:37:46:b6:11:10:88:65:
15:55:c0:f8:a3:3e:ce:bd:e8:b3:a7:34:1f:56:d0:
4e:00:1d:b1:dd:57:4e:81:e0:b5:a3:04:51:34:ce:
7d:6e:41:ed:d7:0c:55:60:08:fe:85:2a:9d:72:02:
2e:e1:73:a0:06:59:60:b5:4e:9d:8e:7b:28:5c:54:
3c:fb:6e:35:d3:aa:cb:6f:21:5f:81:d0:5a:96:28:
b5:38:6d:bd:24:10:6d:0b:83:2a:d9:67:cd:32:e5:
e9:4f:f8:fc:fd:39:0e:c2:dc:91:f0:31:06:bc:dd:
17:1a:1b:db:c2:e5:23:92:60:a0:a7:1c:d2:ef:c7:
f9:be:16:27:a6:5e:b6:d6:6e:81:19:f5:1b:ef:17:
48:9e:1a:b6:3b:9b:2a:4a:03:6e:75:da:50:b1:ba:
93:3c:30:5d:e8:7c:84:50:0e:73:a0:fb:3f:44:95:
18:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:87:65:05:4E:86:4E:E6:34:FA:F3:4E:AB:7D:2A:FE:E5:76:AD:B0
X509v3 Authority Key Identifier:
keyid:4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/YYdlBU6GTuY0-vNOq30q_uV2rbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.104.128.0/18
146.66.64.0/18
185.225.236.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:f4:c2:eb:96:54:c2:17:04:56:1a:0d:e0:20:95:fa:30:8c:
d8:79:94:fa:3f:f0:02:19:a2:6b:e0:0e:ef:20:06:2e:bb:51:
f4:99:a0:bc:c7:ee:3c:fb:da:53:13:4a:91:c2:10:b0:9f:a5:
40:90:36:eb:8e:1b:3a:17:92:93:38:70:93:08:1b:b3:9b:94:
42:8c:a6:79:e8:13:36:b8:c9:b1:53:6f:3c:d2:bd:1d:03:c7:
a2:e4:3a:a6:c6:b0:ad:c5:b9:e9:e9:e7:ec:a2:b3:9e:21:30:
4d:34:23:8f:88:0e:bc:4e:a8:ec:6c:dc:37:f6:c3:44:ca:a6:
32:d8:62:cf:d0:99:00:76:ba:b5:b4:e4:08:c8:2b:a8:37:18:
04:3f:b6:ba:ba:66:c8:e2:94:94:5b:c6:c0:41:af:ee:a8:27:
d6:59:66:e4:5c:8f:92:1c:b2:84:db:75:3b:ce:cb:53:4c:9f:
0d:7c:43:0d:a2:08:1c:10:a1:0b:c0:e1:96:a8:12:62:d2:56:
7b:4b:39:a0:4b:1d:6d:bd:b4:02:3b:3e:9f:53:d1:53:93:b8:
4e:2c:1f:3b:b4:64:b7:16:97:18:b5:93:da:ad:4f:6b:6d:12:
4a:a8:ea:a4:61:8c:7a:bb:aa:40:66:c5:64:6b:50:fa:1e:90:
02:3f:20:d1
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECb37yzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDg4ZWI3MzBhYjFhNTAxZWEzNmVhMzQ4MmQ3NjQ1NDRlMTQxMTExMB4XDTIyMDEw
MTE0NTc1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjE4NzY1MDU0ZTg2
NGVlNjM0ZmFmMzRlYWI3ZDJhZmVlNTc2YWRiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUxp2ShbrBzlbBJqtJmkRsXXYMqyOL5HCrDmUj2BU45Po1Q
EpADCLLZ5wKWF3mTg2XMJ97/cVFMYN30wFJJWX0EuM2KwZDn0GlSRaunR7/TCpE3
RrYREIhlFVXA+KM+zr3os6c0H1bQTgAdsd1XToHgtaMEUTTOfW5B7dcMVWAI/oUq
nXICLuFzoAZZYLVOnY57KFxUPPtuNdOqy28hX4HQWpYotThtvSQQbQuDKtlnzTLl
6U/4/P05DsLckfAxBrzdFxob28LlI5JgoKcc0u/H+b4WJ6ZettZugRn1G+8XSJ4a
tjubKkoDbnXaULG6kzwwXeh8hFAOc6D7P0SVGP0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRhh2UFToZO5jT6806rfSr+5XatsDAfBgNVHSMEGDAWgBRNiOtzCrGlAeo2
6jSC12RUThQRETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RZanJjd3F4cFFIcU51bzBndGRrVkU0VUVSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvYzQ5M2VlLWY2NmUtNDIwOC1hMzFkLTcyNmY4M2QyMzg5Mi8x
L1lZZGxCVTZHVHVZMC12Tk9xMzBxX3VWMnJiQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
YzQ5M2VlLWY2NmUtNDIwOC1hMzFkLTcyNmY4M2QyMzg5Mi8xL1RZanJjd3F4cFFI
cU51bzBndGRrVkU0VUVSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBk1ogAMEBpJCQAMEArnh7DANBgkq
hkiG9w0BAQsFAAOCAQEATPTC65ZUwhcEVhoN4CCV+jCM2HmU+j/wAhmia+AO7yAG
LrtR9JmgvMfuPPvaUxNKkcIQsJ+lQJA2644bOheSkzhwkwgbs5uUQoymeegTNrjJ
sVNvPNK9HQPHouQ6psawrcW56enn7KKzniEwTTQjj4gOvE6o7GzcN/bDRMqmMthi
z9CZAHa6tbTkCMgrqDcYBD+2urpmyOKUlFvGwEGv7qgn1llm5FyPkhyyhNt1O87L
U0yfDXxDDaIIHBChC8DhlqgSYtJWe0s5oEsdbb20Ajs+n1PRU5O4TiwfO7RktxaX
GLWT2q1Pa20SSqjqpGGMeruqQGbFZGtQ+h6QAj8g0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:48 2024 by rpki-client on console-fra.rpki-client.org