Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/37b585-0e3d-4bf6-b9fe-db8e9aef9fb0/1/t_FB8apTKaXmyo2ybL5cux5KxXk.roa
File: t_FB8apTKaXmyo2ybL5cux5KxXk.roa (raw, json)
Hash identifier: xNeP/ajxQY06rpXpA0ugfAt6iriJfZJb8heFUcpAwCY=
Subject key identifier: B7:F1:41:F1:AA:53:29:A5:E6:CA:8D:B2:6C:BE:5C:BB:1E:4A:C5:79
Certificate issuer: /CN=e25c1ddccda09099e396622868f4afcc8e8b56bc
Certificate serial: 01856E5D53D32BF29B88EB662EDB5A03E648
Authority key identifier: E2:5C:1D:DC:CD:A0:90:99:E3:96:62:28:68:F4:AF:CC:8E:8B:56:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4lwd3M2gkJnjlmIoaPSvzI6LVrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/37b585-0e3d-4bf6-b9fe-db8e9aef9fb0/1/t_FB8apTKaXmyo2ybL5cux5KxXk.roa
Signing time: Sun 01 Jan 2023 17:24:48 +0000
ROA not before: Sun 01 Jan 2023 17:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57752
IP address blocks: 185.167.220.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:53:d3:2b:f2:9b:88:eb:66:2e:db:5a:03:e6:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e25c1ddccda09099e396622868f4afcc8e8b56bc
Validity
Not Before: Jan 1 17:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7f141f1aa5329a5e6ca8db26cbe5cbb1e4ac579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:74:bc:a9:02:87:1d:e3:07:3e:09:9e:db:4c:
d9:0b:a3:a6:11:c8:46:63:d1:d1:5d:92:17:bd:a9:
b5:17:06:b8:41:31:b2:74:49:83:1a:5f:74:98:32:
ca:a9:04:be:eb:4a:53:3a:57:97:1a:41:7a:ee:17:
6f:04:ec:68:a6:3c:de:5b:35:0d:11:2d:d1:5b:1e:
3b:df:dc:ae:5d:da:ea:c1:82:21:d4:15:27:6a:fe:
fd:e4:53:4e:47:d3:2c:77:d4:67:35:28:3c:3f:08:
1c:08:fc:23:8d:e6:62:50:03:ed:12:56:1e:5e:25:
34:47:e3:06:95:14:da:ee:06:11:14:53:0b:bc:9f:
3e:d4:b7:96:83:e2:12:68:b7:69:bf:54:9c:7c:43:
b9:fd:93:f2:1d:8c:74:db:09:c1:51:f8:3a:30:45:
0e:d1:79:f5:01:e9:72:67:20:59:32:e2:fb:30:c8:
84:32:44:fc:9e:7c:82:7f:34:9e:82:ae:d3:1b:6f:
c0:f4:6d:f4:80:e1:86:8d:82:eb:2f:94:8e:c7:42:
bf:b0:e5:fb:5e:39:f8:38:8e:c7:28:f7:7a:d3:f1:
f4:bb:a1:e2:47:f2:99:41:2e:e6:15:bb:88:4e:87:
f3:b4:b0:45:ae:07:72:96:83:41:f8:62:3b:71:a4:
3e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F1:41:F1:AA:53:29:A5:E6:CA:8D:B2:6C:BE:5C:BB:1E:4A:C5:79
X509v3 Authority Key Identifier:
keyid:E2:5C:1D:DC:CD:A0:90:99:E3:96:62:28:68:F4:AF:CC:8E:8B:56:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4lwd3M2gkJnjlmIoaPSvzI6LVrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/37b585-0e3d-4bf6-b9fe-db8e9aef9fb0/1/t_FB8apTKaXmyo2ybL5cux5KxXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/37b585-0e3d-4bf6-b9fe-db8e9aef9fb0/1/4lwd3M2gkJnjlmIoaPSvzI6LVrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.220.0/22
Signature Algorithm: sha256WithRSAEncryption
20:74:c3:a5:b3:2b:c1:a4:6b:12:ca:61:cb:6e:30:62:df:88:
3b:a3:79:49:52:56:59:87:3b:65:89:0f:1a:d5:f4:fd:5a:47:
10:59:67:eb:bd:14:05:3e:5f:79:72:16:9b:89:cb:b3:fc:16:
2c:f3:c2:cf:9a:d5:f5:49:34:48:00:98:00:73:41:91:30:20:
3e:8c:86:f4:a3:e9:e3:97:8e:53:3f:7b:23:81:47:f8:40:28:
ad:ca:0e:cc:b2:6d:b4:33:a2:24:01:5a:dd:bd:99:5e:9f:44:
ce:ee:00:f3:78:d3:7a:73:59:cb:43:5a:e1:e5:96:7b:19:43:
9c:5d:49:56:66:91:d5:1e:4b:ad:3f:be:e3:10:f6:65:85:73:
27:b7:d9:1b:37:e2:bc:76:79:d9:15:d9:dd:10:a5:c8:1e:e0:
0d:53:56:93:b2:61:4a:87:81:59:d2:39:ae:61:0d:b0:dd:74:
90:5d:c2:a4:fa:35:b4:b2:5c:67:9e:0c:97:bd:16:93:df:46:
fb:c8:2c:5c:0a:e5:d0:15:8e:91:b9:02:0c:d0:12:ef:98:b3:
32:53:3d:08:05:10:a6:87:56:95:2e:9a:71:ff:c2:9c:fc:4d:
df:59:84:18:db:6a:40:01:93:81:fa:44:c8:85:25:bd:06:6f:
00:59:9a:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuXVPTK/KbiOtmLttaA+ZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNWMxZGRjY2RhMDkwOTllMzk2NjIyODY4ZjRhZmNjOGU4
YjU2YmMwHhcNMjMwMTAxMTcyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2YxNDFmMWFhNTMyOWE1ZTZjYThkYjI2Y2JlNWNiYjFlNGFjNTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23S8qQKHHeMHPgme20zZC6OmEchG
Y9HRXZIXvam1Fwa4QTGydEmDGl90mDLKqQS+60pTOleXGkF67hdvBOxopjzeWzUN
ES3RWx4739yuXdrqwYIh1BUnav795FNOR9Msd9RnNSg8PwgcCPwjjeZiUAPtElYe
XiU0R+MGlRTa7gYRFFMLvJ8+1LeWg+ISaLdpv1ScfEO5/ZPyHYx02wnBUfg6MEUO
0Xn1AelyZyBZMuL7MMiEMkT8nnyCfzSegq7TG2/A9G30gOGGjYLrL5SOx0K/sOX7
Xjn4OI7HKPd60/H0u6HiR/KZQS7mFbuITofztLBFrgdyloNB+GI7caQ+SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLfxQfGqUyml5sqNsmy+XLseSsV5MB8GA1UdIwQY
MBaAFOJcHdzNoJCZ45ZiKGj0r8yOi1a8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGx3ZDNNMmdrSm5qbG1Jb2FQU3Z6STZMVnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8zN2I1ODUtMGUzZC00YmY2LWI5ZmUt
ZGI4ZTlhZWY5ZmIwLzEvdF9GQjhhcFRLYVhteW8yeWJMNWN1eDVLeFhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8zN2I1ODUtMGUzZC00YmY2LWI5ZmUtZGI4ZTlhZWY5ZmIw
LzEvNGx3ZDNNMmdrSm5qbG1Jb2FQU3Z6STZMVnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuafcMA0G
CSqGSIb3DQEBCwUAA4IBAQAgdMOlsyvBpGsSymHLbjBi34g7o3lJUlZZhztliQ8a
1fT9WkcQWWfrvRQFPl95chabicuz/BYs88LPmtX1STRIAJgAc0GRMCA+jIb0o+nj
l45TP3sjgUf4QCityg7Msm20M6IkAVrdvZlen0TO7gDzeNN6c1nLQ1rh5ZZ7GUOc
XUlWZpHVHkutP77jEPZlhXMnt9kbN+K8dnnZFdndEKXIHuANU1aTsmFKh4FZ0jmu
YQ2w3XSQXcKk+jW0slxnngyXvRaT30b7yCxcCuXQFY6RuQIM0BLvmLMyUz0IBRCm
h1aVLppx/8Kc/E3fWYQY22pAAZOB+kTIhSW9Bm8AWZqK
-----END CERTIFICATE-----
Generated at Mon Oct 30 08:44:21 2023 by rpki-client on console-ams.rpki-client.org