Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/PrLbRgcYWrl0uw6Miep_0NdMu7Y.roa
File: PrLbRgcYWrl0uw6Miep_0NdMu7Y.roa (raw, json)
Hash identifier: CAM3ScmiT7RK7ywzRo8b4aymv6Ti8t6v/W8Rblb2zG0=
Subject key identifier: 3E:B2:DB:46:07:18:5A:B9:74:BB:0E:8C:89:EA:7F:D0:D7:4C:BB:B6
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD52893AF9AB4488D66699487B172E4
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/PrLbRgcYWrl0uw6Miep_0NdMu7Y.roa
Signing time: Mon 02 Jan 2023 00:15:18 +0000
ROA not before: Mon 02 Jan 2023 00:15:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49852
IP address blocks: 86.106.188.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:28:93:af:9a:b4:48:8d:66:69:94:87:b1:72:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3eb2db4607185ab974bb0e8c89ea7fd0d74cbbb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fd:c7:9e:9f:ab:41:c7:6c:f1:01:da:d7:e8:
a3:e6:92:cd:8e:86:50:e0:da:02:9f:0c:d8:10:b7:
4d:7b:18:35:aa:7e:ac:f4:a2:4d:4e:2f:b7:1b:24:
20:07:b0:8a:2f:72:6d:1d:be:12:11:3e:67:54:92:
c9:ae:40:81:7e:f0:d6:a6:bd:81:43:64:7d:91:3c:
81:d4:65:de:11:50:86:0e:50:d6:94:85:9d:94:76:
6c:6d:bb:46:76:8d:f8:26:3d:45:46:9f:fb:5e:b8:
73:d3:c4:7e:95:dd:17:95:d2:5a:0e:59:0a:b3:36:
f4:87:38:dd:80:11:a9:4a:99:5a:2e:10:ac:b8:3c:
97:f3:e0:16:44:32:42:99:f7:0c:c0:87:af:96:77:
b9:e3:6c:96:8f:3f:47:e5:8a:93:3b:4a:09:aa:f1:
76:54:17:82:e7:c6:54:b0:de:a1:7d:65:48:af:69:
7f:f5:10:4c:ac:fe:07:31:7e:52:0a:b1:31:d5:9e:
f3:9d:c9:f7:03:9d:0f:0c:eb:29:ca:e3:5a:96:2d:
2f:43:6c:54:7b:24:8d:f2:f9:0d:4f:ba:d3:87:8c:
30:7f:6c:e9:03:20:db:56:7e:39:ca:2b:f9:e4:d7:
a5:1c:ee:2d:1e:14:9f:d6:74:64:b0:df:d3:3a:27:
96:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B2:DB:46:07:18:5A:B9:74:BB:0E:8C:89:EA:7F:D0:D7:4C:BB:B6
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/PrLbRgcYWrl0uw6Miep_0NdMu7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.188.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:3e:02:9c:6e:be:3d:16:51:7e:11:33:fe:fa:d5:62:8f:3c:
02:ef:80:58:18:5b:cd:5d:3e:54:ab:d6:5f:e5:2d:93:70:7a:
44:35:bc:1f:15:35:61:51:97:4d:2c:d4:31:ea:5c:dd:3e:da:
19:7f:ff:a1:92:f6:a4:e0:50:c5:73:6e:c8:1a:4e:6a:50:68:
b4:a2:6c:97:d0:52:ae:47:d6:7b:4d:da:05:44:4d:c8:19:d1:
7b:f3:ed:ff:fe:75:2c:5f:fc:b3:67:59:6a:6c:e4:40:e8:19:
74:38:e5:25:9a:2e:d2:22:42:22:d5:d5:e0:0f:3e:3a:22:8c:
45:7b:c4:92:71:1e:64:80:7f:a1:cd:58:49:26:3d:a5:d6:d7:
02:83:d4:5b:4b:13:c4:87:0b:50:fe:6c:58:00:fa:31:4b:e3:
3a:26:6d:e7:1d:57:31:92:93:05:33:a2:cf:60:ad:8e:4a:d7:
91:2d:0a:b8:da:f2:d0:59:5c:da:34:95:bc:15:49:42:6f:0f:
49:04:82:2f:ae:55:ea:8e:3c:b9:20:51:74:27:c3:cf:96:7b:
2e:b0:fe:73:5f:58:f9:dd:d8:ba:f7:1f:76:25:f6:ac:4a:d6:
40:ae:2b:f4:d9:58:fd:e8:e3:fa:97:20:9b:d4:d5:34:26:b9:
79:b3:83:9f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVv1SiTr5q0SI1maZSHsXLkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWIyZGI0NjA3MTg1YWI5NzRiYjBlOGM4OWVhN2ZkMGQ3NGNiYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv3Hnp+rQcds8QHa1+ij5pLNjoZQ
4NoCnwzYELdNexg1qn6s9KJNTi+3GyQgB7CKL3JtHb4SET5nVJLJrkCBfvDWpr2B
Q2R9kTyB1GXeEVCGDlDWlIWdlHZsbbtGdo34Jj1FRp/7Xrhz08R+ld0XldJaDlkK
szb0hzjdgBGpSplaLhCsuDyX8+AWRDJCmfcMwIevlne542yWjz9H5YqTO0oJqvF2
VBeC58ZUsN6hfWVIr2l/9RBMrP4HMX5SCrEx1Z7zncn3A50PDOspyuNali0vQ2xU
eySN8vkNT7rTh4wwf2zpAyDbVn45yiv55NelHO4tHhSf1nRksN/TOieWcQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFD6y20YHGFq5dLsOjInqf9DXTLu2MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1ByTGJSZ2NZV3JsMHV3Nk1pZXBfME5kTXU3WS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJWarww
DQYJKoZIhvcNAQELBQADggEBALs+Apxuvj0WUX4RM/761WKPPALvgFgYW81dPlSr
1l/lLZNwekQ1vB8VNWFRl00s1DHqXN0+2hl//6GS9qTgUMVzbsgaTmpQaLSibJfQ
Uq5H1ntN2gVETcgZ0Xvz7f/+dSxf/LNnWWps5EDoGXQ45SWaLtIiQiLV1eAPPjoi
jEV7xJJxHmSAf6HNWEkmPaXW1wKD1FtLE8SHC1D+bFgA+jFL4zombecdVzGSkwUz
os9grY5K15EtCrja8tBZXNo0lbwVSUJvD0kEgi+uVeqOPLkgUXQnw8+Wey6w/nNf
WPnd2Lr3H3Yl9qxK1kCuK/TZWP3o4/qXIJvU1TQmuXmzg58=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:12 2023 by rpki-client on console-fra.rpki-client.org