Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/qo20pM20wtqk-XI8BRib4Eu48vE.roa
File: qo20pM20wtqk-XI8BRib4Eu48vE.roa (raw, json)
Hash identifier: pgsdqem/ZJRJoAKVA4DxODS+FcmCknZE75GUSsPyEYE=
Subject key identifier: AA:8D:B4:A4:CD:B4:C2:DA:A4:F9:72:3C:05:18:9B:E0:4B:B8:F2:F1
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 431651F9
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/qo20pM20wtqk-XI8BRib4Eu48vE.roa
Signing time: Tue 24 May 2022 08:40:13 +0000
ROA not before: Tue 24 May 2022 08:40:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48925
IP address blocks: 86.105.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1125536249 (0x431651f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: May 24 08:40:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa8db4a4cdb4c2daa4f9723c05189be04bb8f2f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:96:c6:60:97:39:cc:6b:92:aa:a3:49:b0:f3:
f5:67:99:11:9b:8e:a7:14:d3:10:fb:bd:f1:d9:ad:
a4:34:87:cc:d3:46:a6:b1:96:e2:94:45:e5:bb:f9:
94:0c:d2:62:86:64:a1:8d:19:c6:98:8c:c5:f5:22:
75:e2:96:6b:68:35:4b:bc:a8:cf:b1:7a:53:cb:10:
5a:58:96:54:d9:c6:f2:a0:25:d0:5f:70:ef:1d:2c:
09:ad:dc:41:5f:25:d9:42:4b:51:b4:2b:04:ee:f7:
b7:11:04:eb:c2:3c:3c:8b:46:2b:a4:ae:71:33:d1:
96:25:61:39:0d:c4:45:f8:36:49:f2:cc:31:d9:b7:
87:79:85:37:e4:c5:93:b6:72:d5:f5:c9:23:0b:92:
da:cf:c6:8b:46:7b:0c:9d:0b:a7:7b:dd:a8:ca:0f:
3c:15:35:5c:f1:3c:3f:43:b3:ae:41:c3:60:0d:51:
81:5d:43:d2:70:a0:e5:7d:41:ab:fb:64:10:de:17:
12:01:8d:c9:a8:95:fc:00:d8:87:a2:6e:e0:57:95:
d8:31:2a:a8:41:43:d3:3b:b6:65:e6:aa:39:80:f6:
13:a0:b3:47:23:6c:c8:b2:3c:5e:30:31:04:81:dc:
a9:ee:43:8c:9e:64:41:73:68:5e:91:dc:f3:47:98:
06:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:8D:B4:A4:CD:B4:C2:DA:A4:F9:72:3C:05:18:9B:E0:4B:B8:F2:F1
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/qo20pM20wtqk-XI8BRib4Eu48vE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.220.0/24
Signature Algorithm: sha256WithRSAEncryption
ed:4c:cd:d7:5e:dd:55:ab:a2:2a:95:42:85:c8:34:fc:fd:df:
71:ec:b6:dc:e4:4e:2f:bc:b4:14:c5:3a:31:dc:71:33:58:00:
52:ad:06:34:c4:2e:71:0b:85:82:c3:42:a8:63:e8:55:d0:09:
96:27:5a:43:bb:a2:1e:db:8e:dd:5c:1b:f7:d5:5a:d2:1d:ce:
2a:d7:c0:cd:30:20:ef:37:aa:2e:b8:73:36:45:ea:86:1f:3f:
8a:80:9e:b1:0e:c2:d5:22:73:db:7f:1f:b1:a4:a8:c7:cb:39:
f7:2a:98:9f:c4:cd:70:21:8a:4a:26:7f:26:be:ef:d8:eb:22:
c0:38:ec:b4:72:f6:61:1d:4c:91:ea:9b:9a:74:34:04:52:43:
09:50:d5:fe:7a:a3:98:7a:28:30:b8:ce:78:fe:eb:87:43:39:
f6:25:5a:24:6d:33:52:54:c3:43:7c:da:9a:94:35:46:14:22:
30:38:29:f1:57:27:c5:22:bb:78:78:ae:41:bc:f2:99:56:dd:
c5:67:a0:15:39:da:d5:46:9a:c9:47:60:14:79:73:f6:3a:e2:
c9:28:c8:ac:47:fc:41:85:c4:06:5f:b2:cf:4f:f6:2c:65:90:
5c:2d:39:92:28:a9:d6:91:b8:ee:e5:13:b0:f7:63:ac:f4:c0:
f4:e9:b1:75
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEQxZR+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDUy
NDA4NDAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWE4ZGI0YTRjZGI0
YzJkYWE0Zjk3MjNjMDUxODliZTA0YmI4ZjJmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMuWxmCXOcxrkqqjSbDz9WeZEZuOpxTTEPu98dmtpDSHzNNG
prGW4pRF5bv5lAzSYoZkoY0ZxpiMxfUideKWa2g1S7yoz7F6U8sQWliWVNnG8qAl
0F9w7x0sCa3cQV8l2UJLUbQrBO73txEE68I8PItGK6SucTPRliVhOQ3ERfg2SfLM
Mdm3h3mFN+TFk7Zy1fXJIwuS2s/Gi0Z7DJ0Lp3vdqMoPPBU1XPE8P0OzrkHDYA1R
gV1D0nCg5X1Bq/tkEN4XEgGNyaiV/ADYh6Ju4FeV2DEqqEFD0zu2ZeaqOYD2E6Cz
RyNsyLI8XjAxBIHcqe5DjJ5kQXNoXpHc80eYBnECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSqjbSkzbTC2qT5cjwFGJvgS7jy8TAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9xbzIwcE0yMHd0cWstWEk4QlJpYjRFdTQ4dkUucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmncMA0GCSqGSIb3DQEBCwUA
A4IBAQDtTM3XXt1Vq6IqlUKFyDT8/d9x7Lbc5E4vvLQUxTox3HEzWABSrQY0xC5x
C4WCw0KoY+hV0AmWJ1pDu6Ie247dXBv31VrSHc4q18DNMCDvN6ouuHM2ReqGHz+K
gJ6xDsLVInPbfx+xpKjHyzn3KpifxM1wIYpKJn8mvu/Y6yLAOOy0cvZhHUyR6pua
dDQEUkMJUNX+eqOYeigwuM54/uuHQzn2JVokbTNSVMNDfNqalDVGFCIwOCnxVyfF
Irt4eK5BvPKZVt3FZ6AVOdrVRprJR2AUeXP2OuLJKMisR/xBhcQGX7LPT/YsZZBc
LTmSKKnWkbju5ROw92Os9MD06bF1
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:49 2023 by rpki-client on console-ams.rpki-client.org