Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/FkDnSSIR8jWI8b2PmhdGDsRGuQ8.roa
File: FkDnSSIR8jWI8b2PmhdGDsRGuQ8.roa (raw, json)
Hash identifier: T5uWkGM7OYmTWodILqm/uSKENOEi45y71QULK/pkMjM=
Subject key identifier: 16:40:E7:49:22:11:F2:35:88:F1:BD:8F:9A:17:46:0E:C4:46:B9:0F
Certificate issuer: /CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Certificate serial: 018C684C1B40AE0331315E429A5D32B289F3
Authority key identifier: AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/FkDnSSIR8jWI8b2PmhdGDsRGuQ8.roa
Signing time: Thu 14 Dec 2023 12:27:47 +0000
ROA not before: Thu 14 Dec 2023 12:27:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206509
IP address blocks: 194.46.32.0/19 maxlen: 19
194.46.64.0/19 maxlen: 19
91.85.0.0/16 maxlen: 16
194.46.80.0/20 maxlen: 20
212.104.128.0/19 maxlen: 19
212.108.80.0/21 maxlen: 21
212.108.88.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:68:4c:1b:40:ae:03:31:31:5e:42:9a:5d:32:b2:89:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Validity
Not Before: Dec 14 12:27:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1640e7492211f23588f1bd8f9a17460ec446b90f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:75:6a:a3:27:80:8f:09:fa:26:2c:94:c8:e1:
db:4d:fa:cf:fa:6b:ea:f6:30:1d:27:b6:49:28:66:
8f:5d:c2:62:51:ca:59:55:60:93:00:23:06:fc:08:
f8:33:ae:69:60:a6:c1:14:fa:57:9e:0c:45:32:94:
8c:98:22:6a:11:ac:f0:b8:38:56:c3:7d:68:24:c2:
cb:2b:85:10:a7:38:41:fd:17:3a:cc:f2:36:2f:04:
6c:51:93:da:62:cd:b7:2f:29:da:96:18:a1:b2:85:
34:9f:41:92:e2:1a:94:5b:0d:03:9d:1f:b7:9e:fb:
fd:d8:c3:8e:56:cf:1f:68:e7:b3:3d:a8:11:69:49:
03:91:fe:91:c5:85:5d:31:2b:df:39:0e:00:52:c3:
2f:c5:85:77:30:f3:61:6b:e8:77:0f:91:37:ce:f7:
f8:88:39:a4:71:df:db:85:95:7c:35:b7:cc:31:12:
77:39:f5:d8:37:c1:ae:cd:74:b0:2a:b8:01:fc:49:
0a:29:33:f7:52:07:15:2e:b4:67:71:81:de:ac:f5:
7d:2d:77:67:1f:10:24:6c:1d:ca:c8:b9:af:47:ff:
df:64:17:ba:81:ee:82:e4:7b:82:4e:5e:70:ea:57:
3c:13:46:16:fd:69:bd:ae:00:88:4a:c5:53:dc:46:
c2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:40:E7:49:22:11:F2:35:88:F1:BD:8F:9A:17:46:0E:C4:46:B9:0F
X509v3 Authority Key Identifier:
keyid:AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/FkDnSSIR8jWI8b2PmhdGDsRGuQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.85.0.0/16
194.46.32.0-194.46.95.255
212.104.128.0/19
212.108.80.0-212.108.91.255
Signature Algorithm: sha256WithRSAEncryption
04:0d:b1:51:65:8c:98:e2:58:db:53:7c:a6:df:04:16:db:32:
43:d2:c4:d9:ef:05:74:20:de:80:f5:66:5a:c4:2e:e0:e6:7d:
81:3d:3c:41:91:4e:3e:bf:5e:9f:d7:64:57:e6:69:32:5a:4a:
27:54:d3:bc:dc:f1:6b:db:8e:7f:ad:36:31:1b:f6:28:c4:9f:
b0:15:4c:44:27:aa:a9:21:f4:93:b4:33:33:ab:5a:12:41:25:
e0:c4:8d:cf:68:65:24:0b:7d:5d:58:b3:dd:71:03:73:97:be:
d2:0d:2d:e9:63:78:95:97:e2:e7:8b:77:5c:e7:d1:57:01:b1:
52:e0:f3:27:43:74:dd:ea:0e:1c:90:48:7b:4e:b0:8d:a5:f3:
64:89:45:cb:b5:7a:10:2f:0d:93:26:40:9b:d8:ce:57:ca:b6:
13:46:06:66:b1:15:6a:13:28:75:e4:35:eb:ac:62:e6:96:16:
76:9a:4a:d8:26:75:57:6c:cb:b5:86:0e:65:28:4f:56:96:cb:
9d:e0:e2:63:24:86:d3:c7:d8:75:68:30:55:7c:6b:61:77:7b:
67:31:3d:1a:fe:cc:a8:40:51:d1:cf:33:ff:73:78:71:a5:c0:
73:d7:0a:63:b6:ae:fa:fd:54:2b:ef:1a:40:83:99:77:68:f8:
5e:e5:ee:82
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYxoTBtArgMxMV5Cml0ysonzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDM1MzkzMzY3NGE1NjA4ZjZkMWVlMmRhYjRmNjRjOGJm
ZjhmMzkwHhcNMjMxMjE0MTIyNzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjQwZTc0OTIyMTFmMjM1ODhmMWJkOGY5YTE3NDYwZWM0NDZiOTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXVqoyeAjwn6JiyUyOHbTfrP+mvq
9jAdJ7ZJKGaPXcJiUcpZVWCTACMG/Aj4M65pYKbBFPpXngxFMpSMmCJqEazwuDhW
w31oJMLLK4UQpzhB/Rc6zPI2LwRsUZPaYs23LynalhihsoU0n0GS4hqUWw0DnR+3
nvv92MOOVs8faOezPagRaUkDkf6RxYVdMSvfOQ4AUsMvxYV3MPNha+h3D5E3zvf4
iDmkcd/bhZV8NbfMMRJ3OfXYN8GuzXSwKrgB/EkKKTP3UgcVLrRncYHerPV9LXdn
HxAkbB3KyLmvR//fZBe6ge6C5HuCTl5w6lc8E0YW/Wm9rgCISsVT3EbC2QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBZA50kiEfI1iPG9j5oXRg7ERrkPMB8GA1UdIwQY
MBaAFK3TU5M2dKVgj20e4tq09kyL/485MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgt
NzJjODMxMjg3NjFiLzEvRmtEblNTSVI4aldJOGIyUG1oZEdEc1JHdVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgtNzJjODMxMjg3NjFi
LzEvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwMAW1UwDAME
BcIuIAMEBcIuQAMEBdRogDAMAwQE1GxQAwQC1GxYMA0GCSqGSIb3DQEBCwUAA4IB
AQAEDbFRZYyY4ljbU3ym3wQW2zJD0sTZ7wV0IN6A9WZaxC7g5n2BPTxBkU4+v16f
12RX5mkyWkonVNO83PFr245/rTYxG/YoxJ+wFUxEJ6qpIfSTtDMzq1oSQSXgxI3P
aGUkC31dWLPdcQNzl77SDS3pY3iVl+Lni3dc59FXAbFS4PMnQ3Td6g4ckEh7TrCN
pfNkiUXLtXoQLw2TJkCb2M5XyrYTRgZmsRVqEyh15DXrrGLmlhZ2mkrYJnVXbMu1
hg5lKE9Wlsud4OJjJIbTx9h1aDBVfGthd3tnMT0a/syoQFHRzzP/c3hxpcBz1wpj
tq76/VQr7xpAg5l3aPhe5e6C
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:37 2024 by rpki-client on console-ams.rpki-client.org