Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/wBVhoXDJUSfEM1gCvx_YRX4e5Rg.roa
File: wBVhoXDJUSfEM1gCvx_YRX4e5Rg.roa (raw, json)
Hash identifier: JZ8D3HHFwi9iZNnfTD2oY544qCVmIyU3payr4/heL+c=
Subject key identifier: C0:15:61:A1:70:C9:51:27:C4:33:58:02:BF:1F:D8:45:7E:1E:E5:18
Certificate issuer: /CN=942588b91da9cca81b49e603a988e2b1eabddc98
Certificate serial: 0185E81476BF0D19D4DB7336C83D855C6F60
Authority key identifier: 94:25:88:B9:1D:A9:CC:A8:1B:49:E6:03:A9:88:E2:B1:EA:BD:DC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/wBVhoXDJUSfEM1gCvx_YRX4e5Rg.roa
Signing time: Wed 25 Jan 2023 08:38:53 +0000
ROA not before: Wed 25 Jan 2023 08:38:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34661
IP address blocks: 45.149.24.0/22 maxlen: 22
89.28.206.0/23 maxlen: 23
89.28.200.0/21 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e8:14:76:bf:0d:19:d4:db:73:36:c8:3d:85:5c:6f:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=942588b91da9cca81b49e603a988e2b1eabddc98
Validity
Not Before: Jan 25 08:38:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c01561a170c95127c4335802bf1fd8457e1ee518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c2:6f:06:9f:c1:8f:5f:e4:a7:1c:00:33:e5:
1a:3d:5c:89:57:51:3e:25:3a:24:11:ff:13:b7:bc:
a5:bd:9a:b1:e6:4e:f1:1b:0f:9b:68:68:6f:09:17:
68:1e:ec:95:df:80:4c:c3:46:a8:e6:8f:a5:ba:1f:
2b:27:95:01:2a:b0:49:d8:65:26:a2:ae:48:1c:8e:
24:bd:ec:dc:6f:41:dc:dc:ea:0e:5e:d8:a1:28:ec:
17:b4:b2:15:68:85:e4:fc:a5:58:95:a7:71:83:c6:
73:53:d3:0b:a0:72:1b:c8:01:41:0e:18:80:74:5f:
3a:35:50:d2:50:3d:f5:cf:85:64:96:f2:0a:fd:1b:
ac:02:2c:ef:9d:73:a5:bf:20:f8:0c:e6:f6:b7:79:
b8:e8:20:66:60:29:1f:b0:f1:7c:9f:20:ad:88:45:
5a:01:05:bb:ab:71:47:65:a3:1e:71:8e:0a:b7:d2:
91:8f:87:15:9b:9e:94:fb:f1:26:5b:69:da:9c:ca:
94:22:ed:f9:5d:95:f2:08:88:4b:cb:f3:c1:e1:eb:
de:d5:52:5b:22:e2:cd:23:33:36:ff:40:57:e1:dc:
ac:11:b6:00:8c:94:e2:3a:fc:9f:47:ee:a3:d9:4c:
51:ba:75:dc:08:92:11:d5:53:5d:3f:9f:d8:2f:5e:
d1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:15:61:A1:70:C9:51:27:C4:33:58:02:BF:1F:D8:45:7E:1E:E5:18
X509v3 Authority Key Identifier:
keyid:94:25:88:B9:1D:A9:CC:A8:1B:49:E6:03:A9:88:E2:B1:EA:BD:DC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/wBVhoXDJUSfEM1gCvx_YRX4e5Rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/lCWIuR2pzKgbSeYDqYjiseq93Jg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.24.0/22
89.28.200.0/21
Signature Algorithm: sha256WithRSAEncryption
3d:95:cc:22:a0:d4:a5:8e:90:fd:14:df:ff:34:0d:51:1e:2b:
0e:32:95:d4:2d:ac:4f:9f:48:6d:1a:64:9b:6c:01:57:1e:b8:
41:35:fe:43:fe:55:80:23:24:ef:08:57:5b:b9:f0:fc:d3:7b:
e6:ab:e3:ec:ba:16:6f:ab:1c:fe:15:97:3b:1c:bd:dc:20:60:
ce:09:64:9c:15:6a:8d:1c:fd:cd:82:71:a7:bf:08:94:3c:02:
91:e2:be:bc:ac:b0:a8:f5:54:fa:99:d3:d1:48:c0:bd:12:cd:
f2:ff:a0:b6:fb:11:d7:7a:26:e2:f7:a2:ac:c6:68:c5:dd:50:
d1:fd:db:48:be:60:c6:9e:83:c0:d5:72:19:c5:e8:a1:f2:85:
49:10:fd:80:e5:55:28:8d:68:78:a3:6f:6d:7a:dc:f6:d7:cc:
97:77:ea:39:1a:3a:38:ee:91:b7:29:41:8c:ba:1f:25:2e:cf:
7b:3b:3e:9d:eb:cc:04:5a:c8:7e:44:c5:4a:06:f7:97:6d:81:
6d:89:39:64:9b:c8:99:49:12:75:77:9c:ac:3c:6b:48:02:e1:
c3:6f:63:55:17:70:3b:ca:7a:2d:6b:10:80:db:83:b8:57:b0:
f5:9c:8d:7f:8f:ea:1f:98:82:87:ce:c5:d2:47:0d:13:16:ae:
ba:c4:df:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXoFHa/DRnU23M2yD2FXG9gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MjU4OGI5MWRhOWNjYTgxYjQ5ZTYwM2E5ODhlMmIxZWFi
ZGRjOTgwHhcNMjMwMTI1MDgzODUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDE1NjFhMTcwYzk1MTI3YzQzMzU4MDJiZjFmZDg0NTdlMWVlNTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8JvBp/Bj1/kpxwAM+UaPVyJV1E+
JTokEf8Tt7ylvZqx5k7xGw+baGhvCRdoHuyV34BMw0ao5o+luh8rJ5UBKrBJ2GUm
oq5IHI4kvezcb0Hc3OoOXtihKOwXtLIVaIXk/KVYladxg8ZzU9MLoHIbyAFBDhiA
dF86NVDSUD31z4VklvIK/RusAizvnXOlvyD4DOb2t3m46CBmYCkfsPF8nyCtiEVa
AQW7q3FHZaMecY4Kt9KRj4cVm56U+/EmW2nanMqUIu35XZXyCIhLy/PB4eve1VJb
IuLNIzM2/0BX4dysEbYAjJTiOvyfR+6j2UxRunXcCJIR1VNdP5/YL17R/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMAVYaFwyVEnxDNYAr8f2EV+HuUYMB8GA1UdIwQY
MBaAFJQliLkdqcyoG0nmA6mI4rHqvdyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbENXSXVSMnB6S2diU2VZRHFZamlzZXE5M0pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80YmJhN2MtYTgxZi00MGUxLTg4MTQt
NjVkYWFkNjMyOTU3LzEvd0JWaG9YREpVU2ZFTTFnQ3Z4X1lSWDRlNVJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80YmJhN2MtYTgxZi00MGUxLTg4MTQtNjVkYWFkNjMyOTU3
LzEvbENXSXVSMnB6S2diU2VZRHFZamlzZXE5M0pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZUYAwQD
WRzIMA0GCSqGSIb3DQEBCwUAA4IBAQA9lcwioNSljpD9FN//NA1RHisOMpXULaxP
n0htGmSbbAFXHrhBNf5D/lWAIyTvCFdbufD803vmq+PsuhZvqxz+FZc7HL3cIGDO
CWScFWqNHP3NgnGnvwiUPAKR4r68rLCo9VT6mdPRSMC9Es3y/6C2+xHXeibi96Ks
xmjF3VDR/dtIvmDGnoPA1XIZxeih8oVJEP2A5VUojWh4o29tetz218yXd+o5Gjo4
7pG3KUGMuh8lLs97Oz6d68wEWsh+RMVKBveXbYFtiTlkm8iZSRJ1d5ysPGtIAuHD
b2NVF3A7ynotaxCA24O4V7D1nI1/j+ofmIKHzsXSRw0TFq66xN+B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:22 2024 by rpki-client on console-fra.rpki-client.org