Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/AtJ3pP0E-KRgo8Bag_RqGl66vxw.roa
File: AtJ3pP0E-KRgo8Bag_RqGl66vxw.roa (raw, json)
Hash identifier: hGDvQOpt+H+sITsGwORDnIZXwYLyd8MwXARkn6bWLYI=
Subject key identifier: 02:D2:77:A4:FD:04:F8:A4:60:A3:C0:5A:83:F4:6A:1A:5E:BA:BF:1C
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 432A6D8F
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/AtJ3pP0E-KRgo8Bag_RqGl66vxw.roa
Signing time: Wed 25 May 2022 15:06:14 +0000
ROA not before: Wed 25 May 2022 15:06:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39312
IP address blocks: 188.241.244.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1126854031 (0x432a6d8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: May 25 15:06:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02d277a4fd04f8a460a3c05a83f46a1a5ebabf1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:da:42:3c:ce:5f:0f:22:29:24:37:83:1f:50:
b4:f1:1d:16:f9:48:eb:2f:5b:5a:96:93:ad:0d:13:
38:a6:7c:6f:0a:26:ee:ce:c4:55:2d:02:db:6c:58:
a4:53:8c:8f:aa:28:38:0f:58:df:32:b5:79:88:5d:
b7:f2:3f:dc:fc:ce:76:3f:03:ee:fc:a1:65:72:13:
4e:09:5d:18:88:37:c1:23:10:f8:23:cd:7d:01:48:
c7:a9:e5:77:2d:92:1c:df:6e:11:f5:89:05:c3:dd:
91:22:49:2b:4f:35:db:80:bf:02:f1:71:47:06:fe:
b6:d3:a8:3c:5c:81:7a:f8:03:9f:8f:37:05:23:59:
7a:17:c6:d2:44:3b:43:4d:ec:ae:36:78:52:b1:da:
9a:70:36:3d:89:fc:13:1e:41:79:09:29:77:b6:2b:
c2:cf:2e:b3:13:97:79:5f:a6:a0:69:9d:55:f0:48:
40:10:1f:70:e0:81:7a:00:9f:bf:9c:d1:ec:9f:08:
5f:c2:0e:97:2d:24:16:4e:70:04:85:d1:97:2f:bd:
93:f6:92:bb:9c:42:17:ea:65:a0:a5:64:01:8f:6c:
1d:83:c7:68:8c:f4:af:dc:98:39:4d:d6:1b:ee:6e:
78:00:5e:ab:1d:e5:13:d2:c1:09:d4:e3:dc:1d:7a:
b4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D2:77:A4:FD:04:F8:A4:60:A3:C0:5A:83:F4:6A:1A:5E:BA:BF:1C
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/AtJ3pP0E-KRgo8Bag_RqGl66vxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.241.244.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:e3:e2:4c:13:f5:4a:52:1a:9e:f9:38:4c:21:b9:90:c7:45:
dc:b9:71:83:1f:c5:72:90:61:c0:42:53:e7:4d:54:a1:ab:98:
66:62:87:81:f3:cd:d8:6d:44:2b:bc:df:bd:a9:53:71:68:28:
5d:5a:bd:03:fe:20:e1:8d:a6:46:fc:70:48:cf:92:6b:6f:15:
49:cd:d8:5c:a3:47:42:70:5f:a5:0e:d5:59:2a:4e:3a:8f:9a:
1e:90:ac:9b:23:2c:0d:0b:8e:86:5e:4d:74:d3:0b:01:1d:b4:
b4:e1:30:dc:3a:1d:ab:19:74:10:5c:e6:c4:ce:8c:de:b3:51:
bd:6e:61:3d:61:4c:fb:bf:dd:17:6e:02:33:e0:41:3f:c5:e0:
48:b5:e0:a2:21:f5:c8:57:aa:5b:72:f3:86:77:61:0d:80:01:
c2:34:87:8c:02:46:dd:67:f6:1a:a9:33:03:9b:1c:63:68:22:
a0:90:e9:b5:e3:cb:48:c9:59:a3:30:7e:b9:28:f1:f8:ea:ab:
30:2f:b3:25:87:ac:ff:08:c7:49:3b:a6:5c:0e:c5:c2:97:fe:
d5:1b:c1:17:e1:98:67:39:84:a0:45:32:21:ef:df:6c:13:cd:
55:f4:68:d5:1e:81:01:b2:4a:a3:67:81:f6:3e:ef:90:0f:f6:
73:63:65:a3
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEQyptjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDUy
NTE1MDYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJkMjc3YTRmZDA0
ZjhhNDYwYTNjMDVhODNmNDZhMWE1ZWJhYmYxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANfaQjzOXw8iKSQ3gx9QtPEdFvlI6y9bWpaTrQ0TOKZ8bwom
7s7EVS0C22xYpFOMj6ooOA9Y3zK1eYhdt/I/3PzOdj8D7vyhZXITTgldGIg3wSMQ
+CPNfQFIx6nldy2SHN9uEfWJBcPdkSJJK08124C/AvFxRwb+ttOoPFyBevgDn483
BSNZehfG0kQ7Q03srjZ4UrHamnA2PYn8Ex5BeQkpd7Yrws8usxOXeV+moGmdVfBI
QBAfcOCBegCfv5zR7J8IX8IOly0kFk5wBIXRly+9k/aSu5xCF+ploKVkAY9sHYPH
aIz0r9yYOU3WG+5ueABeqx3lE9LBCdTj3B16tDECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQC0nek/QT4pGCjwFqD9GoaXrq/HDAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9BdEozcFAwRS1LUmdvOEJhZ19ScUdsNjZ2eHcucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvPH0MA0GCSqGSIb3DQEBCwUA
A4IBAQBc4+JME/VKUhqe+ThMIbmQx0XcuXGDH8VykGHAQlPnTVShq5hmYoeB883Y
bUQrvN+9qVNxaChdWr0D/iDhjaZG/HBIz5JrbxVJzdhco0dCcF+lDtVZKk46j5oe
kKybIywNC46GXk100wsBHbS04TDcOh2rGXQQXObEzozes1G9bmE9YUz7v90XbgIz
4EE/xeBIteCiIfXIV6pbcvOGd2ENgAHCNIeMAkbdZ/YaqTMDmxxjaCKgkOm148tI
yVmjMH65KPH46qswL7Mlh6z/CMdJO6ZcDsXCl/7VG8EX4ZhnOYSgRTIh799sE81V
9GjVHoEBskqjZ4H2Pu+QD/ZzY2Wj
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:40 2025 by rpki-client