Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1-C_fuoVH7alYfJo5fIvW3Yu_ato.roa
File: 1-C_fuoVH7alYfJo5fIvW3Yu_ato.roa (raw, json)
Hash identifier: HIc02CnyBqtL3qc0puiKaIT8uHId2Ot9vP15bzJZg8E=
Subject key identifier: F8:2F:DF:BA:85:47:ED:A9:58:7C:9A:39:7C:8B:D6:DD:8B:BF:6A:DA
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 1468878A
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1-C_fuoVH7alYfJo5fIvW3Yu_ato.roa
Signing time: Sat 02 Apr 2022 04:29:43 +0000
ROA not before: Sat 02 Apr 2022 04:29:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 85.8.164.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 342394762 (0x1468878a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Apr 2 04:29:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f82fdfba8547eda9587c9a397c8bd6dd8bbf6ada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f8:a0:90:e3:f0:e7:0c:63:38:db:f3:6b:11:
a3:04:40:7d:84:c9:ca:4d:20:5e:64:23:70:f9:1c:
4f:88:6b:d7:85:5d:20:30:01:71:c5:b8:fa:db:e3:
70:15:d7:05:f3:d9:3c:77:64:92:b0:67:30:24:3c:
d3:67:9d:d5:ad:84:c7:ac:18:bf:28:01:e5:6b:cb:
32:7d:f2:5a:ed:23:69:25:ec:21:8d:22:91:79:11:
ef:f6:f7:29:97:29:6a:0d:79:66:d1:b7:28:56:d6:
8c:a0:07:9c:dc:8f:30:9c:d8:8a:f1:5d:f6:f0:7d:
de:29:bb:48:d6:51:d8:2d:90:72:40:5f:0a:3e:55:
6a:b5:0a:cf:a8:b7:72:21:0d:d3:d7:36:0b:75:be:
52:02:b3:e1:02:d3:6a:6a:98:de:27:fb:5f:2e:82:
e5:3e:ab:bc:88:20:49:62:d6:19:74:22:0a:2d:cc:
87:e4:3e:51:60:1d:10:c8:b6:e4:9a:c3:c6:6e:63:
ed:7d:76:a7:82:77:6d:e1:7c:b7:fe:6f:58:fb:d2:
69:0f:86:8d:e0:b2:c7:b4:f8:0e:22:01:a4:58:dd:
27:d0:ca:e6:c6:df:0c:8c:87:3f:cf:7e:2c:d6:a8:
70:78:31:e3:1b:a4:a5:bc:45:dd:1b:0d:ca:aa:0d:
79:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:2F:DF:BA:85:47:ED:A9:58:7C:9A:39:7C:8B:D6:DD:8B:BF:6A:DA
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1-C_fuoVH7alYfJo5fIvW3Yu_ato.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.164.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:4e:3c:a7:c0:f9:82:c7:69:3d:08:3e:c6:b3:d9:52:11:85:
2c:62:71:c5:06:6a:74:a1:34:4c:49:5d:81:b8:f4:ba:9a:43:
96:78:92:7d:f1:74:65:98:4b:30:b6:eb:36:3e:b3:6f:62:28:
c6:7f:b5:54:1a:45:df:f0:0b:76:fc:80:a0:59:b6:a7:23:0f:
52:bd:fe:2c:13:8c:d2:de:98:de:a3:df:35:d2:40:bc:44:7e:
4b:23:1a:db:c7:c9:45:82:e1:99:be:e1:97:b6:1e:49:88:e5:
58:87:0b:fa:7c:3c:13:82:f3:96:1d:09:4e:2d:67:61:fc:46:
19:dd:09:39:c0:c5:45:02:a1:e8:9c:41:4b:c7:ea:50:1d:24:
dd:5b:c9:4e:f6:63:12:9f:b0:92:40:4b:9e:eb:f5:8c:6a:aa:
06:cc:36:a5:d8:65:26:2e:dd:7c:e0:e0:da:a9:b1:e9:d7:df:
55:32:e4:a7:f8:1b:72:0b:6b:b2:04:c4:1d:55:f7:3e:e1:53:
28:77:3e:09:1b:a3:f3:b3:15:32:04:91:b6:ec:ed:eb:e9:8a:
8e:0c:eb:6b:24:f3:65:4a:2a:d6:9c:fa:48:ae:81:d6:d6:46:
84:0b:a2:0a:8c:dc:4a:66:e7:b6:10:bb:f7:ba:ea:a3:b9:77:
85:53:31:18
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEFGiHijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDQw
MjA0Mjk0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjgyZmRmYmE4NTQ3
ZWRhOTU4N2M5YTM5N2M4YmQ2ZGQ4YmJmNmFkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAML4oJDj8OcMYzjb82sRowRAfYTJyk0gXmQjcPkcT4hr14Vd
IDABccW4+tvjcBXXBfPZPHdkkrBnMCQ802ed1a2Ex6wYvygB5WvLMn3yWu0jaSXs
IY0ikXkR7/b3KZcpag15ZtG3KFbWjKAHnNyPMJzYivFd9vB93im7SNZR2C2QckBf
Cj5VarUKz6i3ciEN09c2C3W+UgKz4QLTamqY3if7Xy6C5T6rvIggSWLWGXQiCi3M
h+Q+UWAdEMi25JrDxm5j7X12p4J3beF8t/5vWPvSaQ+GjeCyx7T4DiIBpFjdJ9DK
5sbfDIyHP89+LNaocHgx4xukpbxF3RsNyqoNeUECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT4L9+6hUftqVh8mjl8i9bdi79q2jAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
LzEtQ19mdW9WSDdhbFlmSm81Zkl2VzNZdV9hdG8ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzcw
LzQwNWJiZC01OTEzLTRlOTUtOGU3NS1mZTA2NTkxNzZhNTYvMS9Lc1Bhb2JGSVVQ
TG1IRmtySVpHUldsNWxwSGcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJVCKQwDQYJKoZIhvcNAQELBQAD
ggEBAKhOPKfA+YLHaT0IPsaz2VIRhSxiccUGanShNExJXYG49LqaQ5Z4kn3xdGWY
SzC26zY+s29iKMZ/tVQaRd/wC3b8gKBZtqcjD1K9/iwTjNLemN6j3zXSQLxEfksj
GtvHyUWC4Zm+4Ze2HkmI5ViHC/p8PBOC85YdCU4tZ2H8RhndCTnAxUUCoeicQUvH
6lAdJN1byU72YxKfsJJAS57r9YxqqgbMNqXYZSYu3Xzg4NqpsenX31Uy5Kf4G3IL
a7IExB1V9z7hUyh3Pgkbo/OzFTIEkbbs7evpio4M62sk82VKKtac+kiugdbWRoQL
ogqM3Epm57YQu/e66qO5d4VTMRg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:42 2023 by rpki-client on console-fra.rpki-client.org