Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/2f339b-f19f-452f-88be-29ffc4443901/1/Wtv9FwyHB8jn2T_UntID0cL8eUM.roa
File: Wtv9FwyHB8jn2T_UntID0cL8eUM.roa (raw, json)
Hash identifier: aBZ+wYxovRlCFPw/WPYvxmJkQKo1XvbgrVK7oUZGKDI=
Subject key identifier: 5A:DB:FD:17:0C:87:07:C8:E7:D9:3F:D4:9E:D2:03:D1:C2:FC:79:43
Certificate issuer: /CN=75535bade37a3d6fc380442a285e157b984ca91d
Certificate serial: 17127942
Authority key identifier: 75:53:5B:AD:E3:7A:3D:6F:C3:80:44:2A:28:5E:15:7B:98:4C:A9:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dVNbreN6PW_DgEQqKF4Ve5hMqR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/2f339b-f19f-452f-88be-29ffc4443901/1/Wtv9FwyHB8jn2T_UntID0cL8eUM.roa
Signing time: Sat 01 Jan 2022 12:06:45 +0000
ROA not before: Sat 01 Jan 2022 12:06:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41690
IP address blocks: 188.65.120.0/21 maxlen: 24
146.0.64.0/21 maxlen: 24
195.8.214.0/23 maxlen: 24
185.223.156.0/22 maxlen: 24
2a03:d1c0::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 387086658 (0x17127942)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75535bade37a3d6fc380442a285e157b984ca91d
Validity
Not Before: Jan 1 12:06:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5adbfd170c8707c8e7d93fd49ed203d1c2fc7943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e4:76:84:5d:ba:a9:96:58:d8:58:aa:e6:e8:
6f:eb:68:9e:fc:2b:ed:e0:42:75:94:b4:1d:da:9f:
ef:09:c5:ba:4b:d8:db:06:5d:20:86:25:22:09:a9:
8b:8b:ae:66:82:6a:5f:17:0d:55:b5:ce:a5:92:f5:
fa:cf:6e:70:1d:31:23:65:9a:4e:dc:67:fd:8e:ed:
20:d1:38:46:20:7e:ef:62:ee:d9:50:93:20:2c:4c:
ee:c4:bc:73:59:c1:a8:61:ac:f8:9e:78:81:47:1e:
fd:c9:95:c9:89:68:e5:7c:6e:df:91:25:10:75:5d:
1a:ee:2e:58:3c:d2:f9:85:10:ca:c5:d4:8b:24:6b:
8e:31:f1:04:13:f7:62:ef:a7:2a:94:23:1b:d4:9b:
dd:f8:54:45:55:67:a4:be:47:ec:71:3f:ef:3a:f9:
45:43:16:4d:54:14:f8:27:5f:62:30:2f:70:21:81:
d0:32:5e:3b:c6:5f:7d:29:5e:9e:7f:4a:08:9a:6a:
09:2d:5c:5f:34:62:81:9c:b6:cc:2d:0e:9d:ce:bf:
1c:d1:55:01:72:c0:94:95:6a:4d:e7:41:29:cc:2c:
f2:91:93:08:e2:0d:90:de:d6:d0:aa:05:18:1d:1c:
e9:e3:a0:e0:a0:b3:b8:89:b4:e1:52:88:62:ab:b1:
41:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:DB:FD:17:0C:87:07:C8:E7:D9:3F:D4:9E:D2:03:D1:C2:FC:79:43
X509v3 Authority Key Identifier:
keyid:75:53:5B:AD:E3:7A:3D:6F:C3:80:44:2A:28:5E:15:7B:98:4C:A9:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dVNbreN6PW_DgEQqKF4Ve5hMqR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/2f339b-f19f-452f-88be-29ffc4443901/1/Wtv9FwyHB8jn2T_UntID0cL8eUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/2f339b-f19f-452f-88be-29ffc4443901/1/dVNbreN6PW_DgEQqKF4Ve5hMqR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.0.64.0/21
185.223.156.0/22
188.65.120.0/21
195.8.214.0/23
IPv6:
2a03:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
9d:a9:c8:02:bd:c4:af:2e:8a:45:76:68:9f:88:1b:8a:66:5f:
0d:01:00:22:d4:ba:73:fc:22:c2:e7:bb:90:e6:2d:a0:e6:59:
4d:aa:38:db:01:4f:5e:cf:06:db:06:29:e4:90:ff:75:d6:90:
2c:92:04:06:f6:65:3f:55:07:7f:d8:8a:09:b0:00:7b:90:4b:
0a:07:ec:75:89:a9:3d:55:b4:9b:20:5b:30:29:8a:eb:ac:f1:
78:a3:f5:06:4f:66:43:8e:ae:f9:24:4a:30:a7:36:1d:75:95:
8d:9b:f3:46:6d:cf:30:05:cf:0b:c3:8f:e2:e2:52:e1:c4:47:
9e:e2:6b:4b:fc:17:45:45:9d:60:cd:be:37:25:8f:12:15:d4:
f2:3d:82:27:28:f7:69:e0:a2:41:83:da:1c:3e:6d:6a:91:b5:
94:a5:31:54:5e:9d:4b:e5:8b:f0:b6:0b:3f:db:9d:d6:82:e2:
d8:e3:57:3d:1a:5c:64:44:7d:77:3a:7c:67:58:61:e8:9a:73:
77:b2:bc:78:02:2f:65:95:d3:60:4e:2b:3f:75:d7:63:27:8c:
61:22:ad:e2:14:22:8e:a0:d3:f9:0d:83:d3:85:95:a6:05:47:
70:eb:a7:54:69:7a:22:32:ba:d0:93:3a:3f:4c:d6:22:75:8a:
25:04:63:6f
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEFxJ5QjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NTUzNWJhZGUzN2EzZDZmYzM4MDQ0MmEyODVlMTU3Yjk4NGNhOTFkMB4XDTIyMDEw
MTEyMDY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWFkYmZkMTcwYzg3
MDdjOGU3ZDkzZmQ0OWVkMjAzZDFjMmZjNzk0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXkdoRduqmWWNhYqubob+tonvwr7eBCdZS0Hdqf7wnFukvY
2wZdIIYlIgmpi4uuZoJqXxcNVbXOpZL1+s9ucB0xI2WaTtxn/Y7tINE4RiB+72Lu
2VCTICxM7sS8c1nBqGGs+J54gUce/cmVyYlo5Xxu35ElEHVdGu4uWDzS+YUQysXU
iyRrjjHxBBP3Yu+nKpQjG9Sb3fhURVVnpL5H7HE/7zr5RUMWTVQU+CdfYjAvcCGB
0DJeO8ZffSlenn9KCJpqCS1cXzRigZy2zC0Onc6/HNFVAXLAlJVqTedBKcws8pGT
COINkN7W0KoFGB0c6eOg4KCzuIm04VKIYquxQV0CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRa2/0XDIcHyOfZP9Se0gPRwvx5QzAfBgNVHSMEGDAWgBR1U1ut43o9b8OA
RCooXhV7mEypHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RWTmJyZU42UFdfRGdFUXFLRjRWZTVoTXFSMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMmYzMzliLWYxOWYtNDUyZi04OGJlLTI5ZmZjNDQ0MzkwMS8x
L1d0djlGd3lIQjhqbjJUX1VudElEMGNMOGVVTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MmYzMzliLWYxOWYtNDUyZi04OGJlLTI5ZmZjNDQ0MzkwMS8xL2RWTmJyZU42UFdf
RGdFUXFLRjRWZTVoTXFSMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEA5IAQAMEArnfnAMEA7xBeAMEAcMI
1jANBAIAAjAHAwUDKgPRwDANBgkqhkiG9w0BAQsFAAOCAQEAnanIAr3Ery6KRXZo
n4gbimZfDQEAItS6c/wiwue7kOYtoOZZTao42wFPXs8G2wYp5JD/ddaQLJIEBvZl
P1UHf9iKCbAAe5BLCgfsdYmpPVW0myBbMCmK66zxeKP1Bk9mQ46u+SRKMKc2HXWV
jZvzRm3PMAXPC8OP4uJS4cRHnuJrS/wXRUWdYM2+NyWPEhXU8j2CJyj3aeCiQYPa
HD5tapG1lKUxVF6dS+WL8LYLP9ud1oLi2ONXPRpcZER9dzp8Z1hh6Jpzd7K8eAIv
ZZXTYE4rP3XXYyeMYSKt4hQijqDT+Q2D04WVpgVHcOunVGl6IjK60JM6P0zWInWK
JQRjbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:39 2024 by rpki-client on console-ams.rpki-client.org