Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/Dq2QXkgg744OgjbuB60t4fjQiaY.roa
File: Dq2QXkgg744OgjbuB60t4fjQiaY.roa (raw, json)
Hash identifier: tLzcXMsi40QgtDz9XPrWOPBOgcTFK7jwWEqUOKhGulg=
Subject key identifier: 0E:AD:90:5E:48:20:EF:8E:0E:82:36:EE:07:AD:2D:E1:F8:D0:89:A6
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 38D77936
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/Dq2QXkgg744OgjbuB60t4fjQiaY.roa
Signing time: Sat 01 Jan 2022 07:55:16 +0000
ROA not before: Sat 01 Jan 2022 07:55:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13127
IP address blocks: 145.83.1.0/24 maxlen: 24
145.83.2.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 953645366 (0x38d77936)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 1 07:55:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ead905e4820ef8e0e8236ee07ad2de1f8d089a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2b:80:8d:cc:b8:a5:96:40:47:9e:fb:e0:a2:
ea:c6:19:8c:bc:49:5c:60:79:ba:1c:1d:7d:23:27:
82:be:03:52:4d:ff:b6:04:2b:87:34:79:31:1f:3c:
12:b9:3c:bc:09:24:b4:95:77:b1:13:23:d6:17:a6:
34:92:50:a8:2a:43:54:5b:7c:81:fa:ca:28:85:85:
54:bf:54:6c:b7:6d:51:8d:a7:2f:56:d2:d0:48:06:
f3:b1:48:de:04:c5:f4:1a:81:f8:43:21:7a:6a:c4:
4a:c4:41:ca:fa:47:21:a9:38:bf:47:12:27:d4:f6:
6e:05:58:f5:00:fd:34:a6:02:f5:9d:a1:27:49:d4:
b3:59:78:36:68:01:05:b8:d6:ac:68:f5:ca:52:06:
c4:8b:6b:94:e4:04:c6:5e:1c:58:92:db:39:6e:24:
25:39:57:b6:21:94:ba:c6:80:34:68:b2:bb:ec:d7:
6c:4a:41:02:24:e7:2d:6c:57:2b:4f:f2:ae:7a:89:
08:7d:80:d8:f3:fd:48:9f:77:98:1c:21:a2:9b:4e:
97:b4:2e:eb:cc:31:8b:3c:15:81:a3:a2:29:7e:9b:
1e:15:8c:92:4e:dd:de:e8:ed:e9:d0:75:31:8b:70:
3f:87:95:6e:33:b7:a1:63:98:87:78:7e:58:0c:f9:
b2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:AD:90:5E:48:20:EF:8E:0E:82:36:EE:07:AD:2D:E1:F8:D0:89:A6
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/Dq2QXkgg744OgjbuB60t4fjQiaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.83.1.0-145.83.2.255
Signature Algorithm: sha256WithRSAEncryption
91:2f:00:07:65:5d:bd:18:92:ee:9c:63:3a:ed:66:47:7b:81:
9f:53:d2:58:b6:5b:9e:cd:03:ce:4a:f6:14:93:ef:bb:c6:30:
5a:48:06:30:6a:c6:1e:93:63:56:90:c2:e6:41:09:7c:64:62:
8f:b9:80:0a:88:95:e3:b0:41:62:4a:e6:0f:2b:d1:6a:75:06:
50:09:9e:8b:da:f1:52:98:84:15:22:38:42:4a:22:2f:c3:13:
55:56:3c:10:54:71:d3:42:e9:f3:91:c9:36:12:3b:7d:e8:4e:
42:cb:97:39:32:9f:de:7b:e0:75:4e:fc:75:65:9b:2b:53:d5:
7a:4f:ba:63:d9:2e:f0:29:bf:fd:fa:fd:cc:08:5d:4a:1a:8c:
ff:69:18:89:c5:88:8d:ed:4a:bd:e4:92:63:8d:74:7d:79:ac:
b5:0c:6d:72:72:11:60:f2:c6:a4:9b:9d:38:b1:e5:01:43:16:
1d:b7:d7:d8:9d:24:a6:f1:f9:88:1e:bc:95:d0:52:0f:9f:6c:
40:b2:fb:c3:d0:51:70:b6:b0:a3:c2:70:f4:4d:ee:86:56:7e:
62:0e:93:45:aa:2a:30:fd:16:20:71:05:65:d2:dc:d4:68:c9:
fb:7a:34:c7:69:38:bd:de:87:72:dd:d3:cf:ea:25:57:7c:d1:
02:0b:73:9c
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEONd5NjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzczZGIxNzc5NWQyYmYxYjRiNTM0NWM1YjI5MzkwZGJhZjQ1MjNlMB4XDTIyMDEw
MTA3NTUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGVhZDkwNWU0ODIw
ZWY4ZTBlODIzNmVlMDdhZDJkZTFmOGQwODlhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOUrgI3MuKWWQEee++Ci6sYZjLxJXGB5uhwdfSMngr4DUk3/
tgQrhzR5MR88Erk8vAkktJV3sRMj1hemNJJQqCpDVFt8gfrKKIWFVL9UbLdtUY2n
L1bS0EgG87FI3gTF9BqB+EMhemrESsRByvpHIak4v0cSJ9T2bgVY9QD9NKYC9Z2h
J0nUs1l4NmgBBbjWrGj1ylIGxItrlOQExl4cWJLbOW4kJTlXtiGUusaANGiyu+zX
bEpBAiTnLWxXK0/yrnqJCH2A2PP9SJ93mBwhoptOl7Qu68wxizwVgaOiKX6bHhWM
kk7d3ujt6dB1MYtwP4eVbjO3oWOYh3h+WAz5svkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQOrZBeSCDvjg6CNu4HrS3h+NCJpjAfBgNVHSMEGDAWgBQXc9sXeV0r8bS1
NFxbKTkNuvRSPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0YzUGJGM2xkS19HMHRUUmNXeWs1RGJyMFVqNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvZjc3Y2JkLTg5M2ItNDYxNi05ZDc2LTU0ODYxZjIzMjQ5ZC8x
L0RxMlFYa2dnNzQ0T2dqYnVCNjB0NGZqUWlhWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
Zjc3Y2JkLTg5M2ItNDYxNi05ZDc2LTU0ODYxZjIzMjQ5ZC8xL0YzUGJGM2xkS19H
MHRUUmNXeWs1RGJyMFVqNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAkVMBAwQAkVMCMA0GCSqGSIb3
DQEBCwUAA4IBAQCRLwAHZV29GJLunGM67WZHe4GfU9JYtluezQPOSvYUk++7xjBa
SAYwasYek2NWkMLmQQl8ZGKPuYAKiJXjsEFiSuYPK9FqdQZQCZ6L2vFSmIQVIjhC
SiIvwxNVVjwQVHHTQunzkck2Ejt96E5Cy5c5Mp/ee+B1Tvx1ZZsrU9V6T7pj2S7w
Kb/9+v3MCF1KGoz/aRiJxYiN7Uq95JJjjXR9eay1DG1ychFg8sakm504seUBQxYd
t9fYnSSm8fmIHryV0FIPn2xAsvvD0FFwtrCjwnD0Te6GVn5iDpNFqiow/RYgcQVl
0tzUaMn7ejTHaTi93ody3dPP6iVXfNECC3Oc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:09 2024 by rpki-client on console-fra.rpki-client.org