Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/q0xB0bywPi7EGP_ps67zSspNyRI.roa
File: q0xB0bywPi7EGP_ps67zSspNyRI.roa (raw, json)
Hash identifier: ZQ0fpxKhgxybkmnVkdCt6sz1eM5cXppLomu6C4z7svo=
Subject key identifier: AB:4C:41:D1:BC:B0:3E:2E:C4:18:FF:E9:B3:AE:F3:4A:CA:4D:C9:12
Certificate issuer: /CN=bde75079618691bae1f47bcbed52314496963891
Certificate serial: 01856E5D529901226DC21BAAF9E2BC5701B1
Authority key identifier: BD:E7:50:79:61:86:91:BA:E1:F4:7B:CB:ED:52:31:44:96:96:38:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vedQeWGGkbrh9HvL7VIxRJaWOJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/q0xB0bywPi7EGP_ps67zSspNyRI.roa
Signing time: Sun 01 Jan 2023 17:24:47 +0000
ROA not before: Sun 01 Jan 2023 17:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 88.218.172.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:52:99:01:22:6d:c2:1b:aa:f9:e2:bc:57:01:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde75079618691bae1f47bcbed52314496963891
Validity
Not Before: Jan 1 17:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab4c41d1bcb03e2ec418ffe9b3aef34aca4dc912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6f:33:5d:6a:6f:8f:67:d6:e8:4f:8b:8b:5b:
0c:72:59:57:dc:2f:54:da:04:7b:6b:7b:41:f9:eb:
9b:7f:d9:c0:57:06:01:52:eb:68:72:9c:bf:5e:6e:
10:7b:bb:de:88:8b:cd:7e:6e:68:e9:ae:64:d9:dd:
95:1e:9b:62:c8:9e:4d:fb:3b:9a:42:75:88:32:f3:
31:e5:4d:4f:b2:13:d1:71:87:50:26:71:f3:e3:84:
c1:5d:d7:9f:0c:53:db:05:ac:47:2c:53:03:8b:59:
f1:20:9e:8e:3b:e8:00:cd:66:37:44:cf:80:e9:a0:
ca:b9:37:c0:71:ad:a8:01:60:2d:74:a1:f5:79:90:
1c:88:31:9c:94:e9:31:b8:9d:cf:84:c6:7b:79:47:
00:02:84:11:18:94:67:19:eb:96:b8:73:87:8f:b4:
45:09:70:82:97:68:99:0b:a6:1e:0c:ac:63:82:be:
7a:79:4d:f8:09:98:5e:05:1a:6e:5b:fc:66:76:7d:
ae:90:ae:73:84:aa:3b:29:82:64:b4:4e:38:b9:23:
d7:5e:2c:af:f6:72:9f:7e:c0:3f:56:79:cf:ca:1a:
8e:eb:94:c9:ea:a6:22:4d:f4:f9:21:b9:82:03:f6:
36:28:c9:80:8c:da:7f:cf:3a:e4:a8:ff:ca:65:8c:
4b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:4C:41:D1:BC:B0:3E:2E:C4:18:FF:E9:B3:AE:F3:4A:CA:4D:C9:12
X509v3 Authority Key Identifier:
keyid:BD:E7:50:79:61:86:91:BA:E1:F4:7B:CB:ED:52:31:44:96:96:38:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vedQeWGGkbrh9HvL7VIxRJaWOJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/q0xB0bywPi7EGP_ps67zSspNyRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/vedQeWGGkbrh9HvL7VIxRJaWOJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.172.0/22
Signature Algorithm: sha256WithRSAEncryption
39:85:5a:da:32:97:ca:42:27:80:15:e4:36:37:71:f0:60:e5:
42:df:9e:43:43:ae:20:24:8c:a7:d0:69:27:09:76:d1:b2:e4:
2c:c0:29:16:5c:23:1b:c9:85:ec:ed:08:cb:45:fe:c7:3c:5a:
7d:a9:f3:6d:f1:0d:3f:96:c0:64:29:b2:99:9d:d6:76:8c:95:
db:7e:9f:bd:18:63:d6:bd:81:da:eb:f8:18:00:2b:68:05:df:
21:4a:16:bf:ce:a0:4b:e3:87:9a:7d:02:54:52:bf:01:c9:6e:
c5:0d:22:aa:b1:f0:c4:bf:3f:50:de:bf:fa:74:54:30:5d:0b:
f2:a2:4b:91:2e:cf:0c:42:3c:ef:42:61:1c:b1:1a:28:99:11:
44:42:b4:97:a8:bf:91:27:b7:97:09:cd:e5:5f:72:8e:82:bb:
da:74:a5:cd:38:01:e3:d0:f4:a1:1f:d2:73:d9:b3:a3:15:74:
c1:07:ae:18:07:3e:9a:e9:a6:c5:3c:69:c4:45:03:66:87:c2:
ba:17:b7:bf:94:4e:f8:02:94:d6:5e:9d:81:ad:bf:fa:f6:74:
f6:b4:89:98:56:7e:00:30:63:99:14:1c:4f:4b:03:28:5d:5b:
a2:fd:08:86:d2:1a:1b:e8:3c:0c:47:98:f1:0d:52:fb:ab:25:
21:a5:37:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuXVKZASJtwhuq+eK8VwGxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTc1MDc5NjE4NjkxYmFlMWY0N2JjYmVkNTIzMTQ0OTY5
NjM4OTEwHhcNMjMwMTAxMTcyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjRjNDFkMWJjYjAzZTJlYzQxOGZmZTliM2FlZjM0YWNhNGRjOTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjG8zXWpvj2fW6E+Li1sMcllX3C9U
2gR7a3tB+eubf9nAVwYBUutocpy/Xm4Qe7veiIvNfm5o6a5k2d2VHptiyJ5N+zua
QnWIMvMx5U1PshPRcYdQJnHz44TBXdefDFPbBaxHLFMDi1nxIJ6OO+gAzWY3RM+A
6aDKuTfAca2oAWAtdKH1eZAciDGclOkxuJ3PhMZ7eUcAAoQRGJRnGeuWuHOHj7RF
CXCCl2iZC6YeDKxjgr56eU34CZheBRpuW/xmdn2ukK5zhKo7KYJktE44uSPXXiyv
9nKffsA/VnnPyhqO65TJ6qYiTfT5IbmCA/Y2KMmAjNp/zzrkqP/KZYxLRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKtMQdG8sD4uxBj/6bOu80rKTckSMB8GA1UdIwQY
MBaAFL3nUHlhhpG64fR7y+1SMUSWljiRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVkUWVXR0drYnJoOUh2TDdWSXhSSmFXT0pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84ZjIwOTMtMDMxOC00NzZjLTllOWMt
NTNmYzQ5MDU2MjliLzEvcTB4QjBieXdQaTdFR1BfcHM2N3pTc3BOeVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84ZjIwOTMtMDMxOC00NzZjLTllOWMtNTNmYzQ5MDU2Mjli
LzEvdmVkUWVXR0drYnJoOUh2TDdWSXhSSmFXT0pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNqsMA0G
CSqGSIb3DQEBCwUAA4IBAQA5hVraMpfKQieAFeQ2N3HwYOVC355DQ64gJIyn0Gkn
CXbRsuQswCkWXCMbyYXs7QjLRf7HPFp9qfNt8Q0/lsBkKbKZndZ2jJXbfp+9GGPW
vYHa6/gYACtoBd8hSha/zqBL44eafQJUUr8ByW7FDSKqsfDEvz9Q3r/6dFQwXQvy
okuRLs8MQjzvQmEcsRoomRFEQrSXqL+RJ7eXCc3lX3KOgrvadKXNOAHj0PShH9Jz
2bOjFXTBB64YBz6a6abFPGnERQNmh8K6F7e/lE74ApTWXp2Brb/69nT2tImYVn4A
MGOZFBxPSwMoXVui/QiG0hob6DwMR5jxDVL7qyUhpTdL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:46 2024 by rpki-client on console-ams.rpki-client.org