Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/eb4c6e-a2b0-4e5b-9aea-8b7cf9b86764/1/tOkClpAeNrjyTncd_Tch_3N44cA.roa
File: tOkClpAeNrjyTncd_Tch_3N44cA.roa (raw, json)
Hash identifier: zE7x7S5EbqosSpbTV59g+FJF+jCCAO++7uCsEBWR9Zc=
Subject key identifier: B4:E9:02:96:90:1E:36:B8:F2:4E:77:1D:FD:37:21:FF:73:78:E1:C0
Certificate issuer: /CN=76b8ec733b9f994d5a858c5e555178e8ae8aa2ed
Certificate serial: 01EA1402
Authority key identifier: 76:B8:EC:73:3B:9F:99:4D:5A:85:8C:5E:55:51:78:E8:AE:8A:A2:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/drjsczufmU1ahYxeVVF46K6Kou0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/eb4c6e-a2b0-4e5b-9aea-8b7cf9b86764/1/tOkClpAeNrjyTncd_Tch_3N44cA.roa
Signing time: Sat 01 Jan 2022 08:58:58 +0000
ROA not before: Sat 01 Jan 2022 08:58:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50873
IP address blocks: 185.79.125.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32117762 (0x1ea1402)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76b8ec733b9f994d5a858c5e555178e8ae8aa2ed
Validity
Not Before: Jan 1 08:58:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4e90296901e36b8f24e771dfd3721ff7378e1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:de:bc:12:82:85:1e:a7:84:d1:f6:47:cb:a4:
e5:a6:07:08:de:f9:34:93:aa:d4:c4:2e:6e:a1:35:
cb:09:4e:6b:e1:30:e5:cf:6c:ef:d5:6e:9a:4b:df:
6a:e3:9a:5e:dd:12:61:c7:38:e4:dd:97:2f:c8:da:
c2:89:d4:ea:7a:78:8c:6d:fa:f4:eb:80:7a:de:71:
c7:23:19:79:d7:af:c7:52:b4:33:95:f6:d9:b1:76:
a0:50:11:c6:df:c2:d5:ef:20:59:b2:87:a9:15:8e:
3f:f6:d2:85:fe:1a:5c:86:6c:47:53:cd:f8:30:eb:
41:9c:e7:fc:0d:03:40:45:d6:93:f0:dc:16:a7:a9:
2f:d0:0f:85:3a:4e:60:15:bf:ca:6f:83:8c:79:7f:
c9:76:13:e0:0c:98:51:80:0a:60:87:f4:0f:d7:51:
b4:33:d8:90:43:4c:47:ee:f6:b7:af:39:c2:a6:c9:
ed:07:38:1e:4d:c5:82:e8:96:fe:57:5d:4c:54:aa:
d0:77:0d:b3:ef:92:34:0e:a2:25:3e:43:8a:b3:6f:
51:ad:11:31:e8:2b:62:f6:f7:13:1f:08:00:a6:6f:
a2:41:5e:d2:a8:14:2f:1a:ce:85:d2:a7:d0:65:e8:
40:e2:5c:97:2e:7b:96:d8:05:c2:50:9b:b6:77:de:
fb:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E9:02:96:90:1E:36:B8:F2:4E:77:1D:FD:37:21:FF:73:78:E1:C0
X509v3 Authority Key Identifier:
keyid:76:B8:EC:73:3B:9F:99:4D:5A:85:8C:5E:55:51:78:E8:AE:8A:A2:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/drjsczufmU1ahYxeVVF46K6Kou0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/eb4c6e-a2b0-4e5b-9aea-8b7cf9b86764/1/tOkClpAeNrjyTncd_Tch_3N44cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/eb4c6e-a2b0-4e5b-9aea-8b7cf9b86764/1/drjsczufmU1ahYxeVVF46K6Kou0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.125.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:62:47:b4:18:9a:ca:4e:b3:ed:d5:09:1d:58:cc:8e:b1:8e:
17:66:73:c7:6b:00:0f:ef:11:69:07:e0:fc:0b:12:91:97:9d:
bd:ac:bc:e7:70:55:f0:43:e0:96:cf:7b:02:81:07:23:eb:10:
82:9d:81:25:bd:2d:35:43:1d:50:cf:d1:d6:09:48:0f:bd:ea:
7a:c1:94:f2:e0:07:04:fb:36:14:e2:b3:0e:77:12:1b:23:7c:
98:f5:81:b6:27:08:f9:65:f0:0b:dd:83:fd:ef:1b:6a:86:01:
ca:15:8b:57:43:00:8a:e0:a0:10:34:45:a8:62:cb:01:c6:7d:
26:c8:04:7c:09:0e:53:53:dd:24:58:b4:d1:95:5f:f2:b5:24:
7f:95:dc:68:04:1e:3a:01:a5:d3:24:eb:7f:4b:a4:cc:60:e3:
a5:56:ca:91:66:2b:08:8b:69:2f:2e:c8:0a:04:7e:4a:b5:98:
e6:db:64:81:f5:90:bd:61:11:a6:54:13:57:83:01:3a:2a:ed:
52:0a:72:a1:ba:1c:87:e9:ff:41:21:8e:34:21:29:45:df:0e:
4e:2d:3c:7c:91:bc:c4:2d:ee:d5:c1:32:f8:9e:4f:12:88:ea:
d5:6f:71:b1:b0:66:82:c6:9e:f2:02:0a:a6:38:ee:1f:53:98:
3c:9e:89:ae
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAeoUAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NmI4ZWM3MzNiOWY5OTRkNWE4NThjNWU1NTUxNzhlOGFlOGFhMmVkMB4XDTIyMDEw
MTA4NTg1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRlOTAyOTY5MDFl
MzZiOGYyNGU3NzFkZmQzNzIxZmY3Mzc4ZTFjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPHevBKChR6nhNH2R8uk5aYHCN75NJOq1MQubqE1ywlOa+Ew
5c9s79VumkvfauOaXt0SYcc45N2XL8jawonU6np4jG369OuAet5xxyMZedevx1K0
M5X22bF2oFARxt/C1e8gWbKHqRWOP/bShf4aXIZsR1PN+DDrQZzn/A0DQEXWk/Dc
FqepL9APhTpOYBW/ym+DjHl/yXYT4AyYUYAKYIf0D9dRtDPYkENMR+72t685wqbJ
7Qc4Hk3FguiW/lddTFSq0HcNs++SNA6iJT5DirNvUa0RMegrYvb3Ex8IAKZvokFe
0qgULxrOhdKn0GXoQOJcly57ltgFwlCbtnfe+8sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS06QKWkB42uPJOdx39NyH/c3jhwDAfBgNVHSMEGDAWgBR2uOxzO5+ZTVqF
jF5VUXjoroqi7TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RyanNjenVmbVUxYWhZeGVWVkY0Nks2S291MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvZWI0YzZlLWEyYjAtNGU1Yi05YWVhLThiN2NmOWI4Njc2NC8x
L3RPa0NscEFlTnJqeVRuY2RfVGNoXzNONDRjQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
ZWI0YzZlLWEyYjAtNGU1Yi05YWVhLThiN2NmOWI4Njc2NC8xL2RyanNjenVmbVUx
YWhZeGVWVkY0Nks2S291MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlPfTANBgkqhkiG9w0BAQsFAAOC
AQEAW2JHtBiayk6z7dUJHVjMjrGOF2Zzx2sAD+8RaQfg/AsSkZedvay853BV8EPg
ls97AoEHI+sQgp2BJb0tNUMdUM/R1glID73qesGU8uAHBPs2FOKzDncSGyN8mPWB
ticI+WXwC92D/e8baoYByhWLV0MAiuCgEDRFqGLLAcZ9JsgEfAkOU1PdJFi00ZVf
8rUkf5XcaAQeOgGl0yTrf0ukzGDjpVbKkWYrCItpLy7ICgR+SrWY5ttkgfWQvWER
plQTV4MBOirtUgpyoboch+n/QSGONCEpRd8OTi08fJG8xC3u1cEy+J5PEojq1W9x
sbBmgsae8gIKpjjuH1OYPJ6Jrg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:43 2023 by rpki-client on console-ams.rpki-client.org