Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/iQqNVewkDbltm4-3G9GOtUBvn8E.roa
File: iQqNVewkDbltm4-3G9GOtUBvn8E.roa (raw, json)
Hash identifier: piym9q2v+7s4elkDAuLj15FtQBh53eSE5Ep1tPKpy7I=
Subject key identifier: 89:0A:8D:55:EC:24:0D:B9:6D:9B:8F:B7:1B:D1:8E:B5:40:6F:9F:C1
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0182561304AB8DC769B7A657CA7B58371B15
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/iQqNVewkDbltm4-3G9GOtUBvn8E.roa
Signing time: Sun 31 Jul 2022 21:04:23 +0000
ROA not before: Sun 31 Jul 2022 21:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57271
IP address blocks: 85.202.87.0/24 maxlen: 24
85.235.82.0/24 maxlen: 24
81.16.141.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:56:13:04:ab:8d:c7:69:b7:a6:57:ca:7b:58:37:1b:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jul 31 21:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=890a8d55ec240db96d9b8fb71bd18eb5406f9fc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:49:87:c6:12:83:95:35:84:5d:b4:00:73:df:
dd:4f:13:d0:47:ea:93:70:cb:26:3e:0c:a0:d6:69:
70:99:04:5a:52:86:cd:41:86:77:77:f0:82:dd:db:
3c:bc:b2:b7:30:65:f2:4c:8e:9c:ab:de:ce:4f:e7:
83:73:8a:0d:dc:99:ec:22:89:16:56:7f:d7:94:c0:
d3:e9:17:48:55:02:07:ed:34:ed:70:55:48:00:48:
03:64:36:97:a0:0d:bf:71:ae:3f:be:a4:75:fc:65:
1e:eb:19:8a:2e:6e:3e:af:4e:a5:9b:fc:b0:11:3e:
1b:a4:f3:ee:bf:af:b8:86:7a:72:0d:59:7b:25:8b:
fa:14:09:bf:40:20:e1:fb:c4:75:97:1c:99:ac:f5:
ed:99:a7:b1:2b:78:1b:e5:d4:c6:27:22:b2:29:17:
4c:64:2f:1e:96:33:aa:01:1c:56:13:72:9c:7d:4e:
4b:f3:86:93:ce:af:2b:59:39:b0:00:60:de:02:bc:
b2:71:d4:17:f5:0b:a8:ef:ad:87:83:7c:5a:53:f4:
2c:ee:81:10:e6:ff:b4:60:69:aa:68:f9:51:17:91:
fa:a7:6f:9b:d2:5d:b7:93:74:30:5e:71:c7:83:bc:
9c:bc:f6:3e:54:b2:30:1a:88:0f:32:37:eb:78:0c:
b2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0A:8D:55:EC:24:0D:B9:6D:9B:8F:B7:1B:D1:8E:B5:40:6F:9F:C1
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/iQqNVewkDbltm4-3G9GOtUBvn8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.16.141.0/24
85.202.87.0/24
85.235.82.0/24
Signature Algorithm: sha256WithRSAEncryption
75:fc:ef:1c:10:41:8b:48:1d:2f:bf:29:d5:df:e9:17:bc:ad:
d0:ac:5f:e0:0b:d8:2f:bb:c0:0b:f7:2b:5a:9f:9b:ee:37:c2:
17:86:be:fd:8d:76:32:a3:50:ba:14:f7:42:ec:58:de:59:a7:
69:5d:fe:fb:0f:d0:af:be:93:d2:28:1a:c7:02:64:72:96:8c:
c0:d0:03:fc:66:7e:1b:ac:e9:61:75:59:8d:5c:11:04:f5:3d:
9e:4d:d4:27:9f:00:8f:50:8a:5a:5b:15:49:06:64:2e:15:95:
68:0c:64:d1:0f:8e:fc:3d:9c:41:24:32:36:78:10:cd:63:57:
b9:c8:c9:5e:fc:08:5a:12:64:70:bf:f9:07:fa:c3:6e:a6:a2:
92:fe:d5:93:47:be:d9:ed:6b:55:a6:eb:4c:b3:ea:1e:59:39:
ee:18:e5:0f:8a:12:90:1d:7a:40:10:42:4d:7c:44:e9:e2:11:
bd:3e:d3:5a:ae:23:7a:61:7f:05:ad:44:fa:19:a1:d4:5b:5d:
a3:ef:4d:bf:cc:9b:03:e5:5f:c3:01:ba:8b:f5:f5:3b:5a:15:
f8:ae:ff:df:f5:20:65:66:46:14:2d:9e:df:69:07:94:ea:22:
e4:1d:e9:5b:be:00:7a:09:51:dc:f8:0c:3a:15:de:2f:69:e4:
5d:d2:50:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYJWEwSrjcdpt6ZXyntYNxsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjIwNzMxMjEwNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTBhOGQ1NWVjMjQwZGI5NmQ5YjhmYjcxYmQxOGViNTQwNmY5ZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10mHxhKDlTWEXbQAc9/dTxPQR+qT
cMsmPgyg1mlwmQRaUobNQYZ3d/CC3ds8vLK3MGXyTI6cq97OT+eDc4oN3JnsIokW
Vn/XlMDT6RdIVQIH7TTtcFVIAEgDZDaXoA2/ca4/vqR1/GUe6xmKLm4+r06lm/yw
ET4bpPPuv6+4hnpyDVl7JYv6FAm/QCDh+8R1lxyZrPXtmaexK3gb5dTGJyKyKRdM
ZC8eljOqARxWE3KcfU5L84aTzq8rWTmwAGDeAryycdQX9Quo762Hg3xaU/Qs7oEQ
5v+0YGmqaPlRF5H6p2+b0l23k3QwXnHHg7ycvPY+VLIwGogPMjfreAyy0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIkKjVXsJA25bZuPtxvRjrVAb5/BMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvaVFxTlZld2tEYmx0bTQtM0c5R090VUJ2bjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAURCNAwQA
VcpXAwQAVetSMA0GCSqGSIb3DQEBCwUAA4IBAQB1/O8cEEGLSB0vvynV3+kXvK3Q
rF/gC9gvu8AL9ytan5vuN8IXhr79jXYyo1C6FPdC7FjeWadpXf77D9CvvpPSKBrH
AmRylozA0AP8Zn4brOlhdVmNXBEE9T2eTdQnnwCPUIpaWxVJBmQuFZVoDGTRD478
PZxBJDI2eBDNY1e5yMle/AhaEmRwv/kH+sNupqKS/tWTR77Z7WtVputMs+oeWTnu
GOUPihKQHXpAEEJNfETp4hG9PtNariN6YX8FrUT6GaHUW12j702/zJsD5V/DAbqL
9fU7WhX4rv/f9SBlZkYULZ7faQeU6iLkHelbvgB6CVHc+Aw6Fd4vaeRd0lAM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org