Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/v05_A2lWKVBS1N7lKS5vA6jhlw8.roa
File: v05_A2lWKVBS1N7lKS5vA6jhlw8.roa (raw, json)
Hash identifier: zwmzVRj1zUYxwH/iKwq8tTEvoe8Hm5NVT5ltFHexPPo=
Subject key identifier: BF:4E:7F:03:69:56:29:50:52:D4:DE:E5:29:2E:6F:03:A8:E1:97:0F
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 0188428619A5D073B4DCF7CA206EDDCFEC7A
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/v05_A2lWKVBS1N7lKS5vA6jhlw8.roa
Signing time: Mon 22 May 2023 08:14:24 +0000
ROA not before: Mon 22 May 2023 08:14:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48988
IP address blocks: 213.148.0.0/20 maxlen: 20
213.148.16.0/20 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:86:19:a5:d0:73:b4:dc:f7:ca:20:6e:dd:cf:ec:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: May 22 08:14:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf4e7f036956295052d4dee5292e6f03a8e1970f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4e:a4:f3:10:40:ec:7f:06:15:e7:9b:52:29:
53:ed:4f:66:2a:c0:8b:2c:8f:ce:69:55:c3:f3:d0:
81:1c:e9:d4:e8:2d:e6:2d:95:84:83:0a:04:2f:c2:
9a:73:ac:4f:00:2e:2a:a0:0e:94:00:56:39:d1:78:
69:68:7f:0a:93:d3:da:45:9a:a3:b9:8f:6a:11:03:
b0:7c:8a:15:61:45:cd:49:13:0c:2f:b2:a4:2d:22:
a4:43:46:ac:09:84:4c:4f:0f:41:08:ca:4d:41:14:
a5:d4:ed:a4:72:e7:9b:08:44:7b:e9:5d:d7:8a:6f:
91:c5:be:a8:3a:10:29:eb:90:9c:db:8f:2d:73:16:
56:24:cc:8b:e0:8c:ba:72:f6:f6:84:a6:7f:4d:81:
a9:2e:89:8b:d0:e9:d4:c9:0e:dc:80:12:2b:7a:9f:
47:f6:e6:46:80:b8:00:b5:d6:19:0b:fb:67:f2:ea:
02:3e:a2:26:ea:16:1e:6e:0c:63:e3:b8:49:1c:7b:
70:8b:f9:d0:6e:a5:46:dc:09:8c:c5:00:ec:77:d8:
d3:76:57:e6:cc:3f:b3:81:f9:59:b3:62:4c:81:65:
b1:9f:76:84:de:2f:82:f4:a5:aa:5d:25:a6:06:9f:
43:07:98:ec:37:01:c6:79:ba:0b:68:3b:3d:de:4d:
ee:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:4E:7F:03:69:56:29:50:52:D4:DE:E5:29:2E:6F:03:A8:E1:97:0F
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/v05_A2lWKVBS1N7lKS5vA6jhlw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.148.0.0/19
Signature Algorithm: sha256WithRSAEncryption
22:36:ac:0e:42:5c:02:07:a0:1d:6f:d1:1d:c9:db:59:bb:fe:
a1:6c:ee:4b:5b:e2:ee:84:62:ae:92:af:9e:50:f4:0a:7d:05:
dd:03:21:19:85:8d:65:a3:b4:f3:0f:78:7a:3c:64:14:f9:01:
e3:de:ca:77:06:b0:fc:69:fa:8c:c3:be:ab:ae:d5:bb:55:ef:
b4:89:26:18:28:65:1f:18:2a:f5:e8:5c:3f:44:6c:5f:ec:f8:
e3:26:d0:14:44:84:d8:85:a7:66:b0:2c:9b:7d:4d:30:76:ca:
f3:83:9f:17:b6:53:e4:44:3e:dc:ab:6f:4c:a1:79:4e:8b:4e:
8f:9b:1e:d8:b9:dd:42:49:e2:64:a7:23:ca:94:9d:28:71:92:
5d:e7:5b:e3:42:a8:41:d3:07:eb:0c:a7:2e:39:8e:23:c4:6c:
39:d9:e9:85:dc:a7:48:0f:36:31:1a:42:92:ba:0b:4b:20:d5:
0a:98:a2:ad:73:9b:fb:b0:6f:3c:b8:1b:00:fe:15:2b:d7:21:
77:e7:f9:da:a9:28:3e:7a:27:c7:b6:2e:b4:a7:03:ab:91:ac:
35:7e:c9:d7:56:fb:e8:8c:dc:9b:c0:3f:72:4b:31:cd:79:a2:
4a:64:d9:ca:69:49:8e:47:0b:6f:a3:c7:65:4e:e9:90:c0:85:
71:43:3b:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhChhml0HO03PfKIG7dz+x6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjMwNTIyMDgxNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjRlN2YwMzY5NTYyOTUwNTJkNGRlZTUyOTJlNmYwM2E4ZTE5NzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlE6k8xBA7H8GFeebUilT7U9mKsCL
LI/OaVXD89CBHOnU6C3mLZWEgwoEL8Kac6xPAC4qoA6UAFY50XhpaH8Kk9PaRZqj
uY9qEQOwfIoVYUXNSRMML7KkLSKkQ0asCYRMTw9BCMpNQRSl1O2kcuebCER76V3X
im+Rxb6oOhAp65Cc248tcxZWJMyL4Iy6cvb2hKZ/TYGpLomL0OnUyQ7cgBIrep9H
9uZGgLgAtdYZC/tn8uoCPqIm6hYebgxj47hJHHtwi/nQbqVG3AmMxQDsd9jTdlfm
zD+zgflZs2JMgWWxn3aE3i+C9KWqXSWmBp9DB5jsNwHGeboLaDs93k3u7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL9OfwNpVilQUtTe5SkubwOo4ZcPMB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvdjA1X0EybFdLVkJTMU43bEtTNXZBNmpobHc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1ZQAMA0G
CSqGSIb3DQEBCwUAA4IBAQAiNqwOQlwCB6Adb9EdydtZu/6hbO5LW+LuhGKukq+e
UPQKfQXdAyEZhY1lo7TzD3h6PGQU+QHj3sp3BrD8afqMw76rrtW7Ve+0iSYYKGUf
GCr16Fw/RGxf7PjjJtAURITYhadmsCybfU0wdsrzg58XtlPkRD7cq29MoXlOi06P
mx7Yud1CSeJkpyPKlJ0ocZJd51vjQqhB0wfrDKcuOY4jxGw52emF3KdIDzYxGkKS
ugtLINUKmKKtc5v7sG88uBsA/hUr1yF35/naqSg+eifHti60pwOrkaw1fsnXVvvo
jNybwD9ySzHNeaJKZNnKaUmORwtvo8dlTumQwIVxQzvD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:19 2024 by rpki-client on console-ams.rpki-client.org