Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/958fef-0d55-4c00-be8a-cc580521d00f/1/0NWgkWBiveMj2quaulXFCTemJBo.roa
File: 0NWgkWBiveMj2quaulXFCTemJBo.roa (raw, json)
Hash identifier: r7lwxxxctXprCEtzW6u2x0G6tCASmtorqQKSNPCDGcg=
Subject key identifier: D0:D5:A0:91:60:62:BD:E3:23:DA:AB:9A:BA:55:C5:09:37:A6:24:1A
Certificate issuer: /CN=87943cb86e3a703813778fab790d65f0da21615a
Certificate serial: 07109BD0
Authority key identifier: 87:94:3C:B8:6E:3A:70:38:13:77:8F:AB:79:0D:65:F0:DA:21:61:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5Q8uG46cDgTd4-reQ1l8NohYVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/958fef-0d55-4c00-be8a-cc580521d00f/1/0NWgkWBiveMj2quaulXFCTemJBo.roa
Signing time: Sat 01 Jan 2022 05:55:33 +0000
ROA not before: Sat 01 Jan 2022 05:55:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43882
IP address blocks: 79.133.180.0/22 maxlen: 24
79.133.160.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118528976 (0x7109bd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87943cb86e3a703813778fab790d65f0da21615a
Validity
Not Before: Jan 1 05:55:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0d5a0916062bde323daab9aba55c50937a6241a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bc:30:1d:43:81:2d:6d:b9:bc:bd:8e:dd:be:
ae:3b:ee:ef:61:24:1e:3a:cd:6a:a1:d6:49:53:3b:
82:a1:80:56:1c:d0:da:e5:ff:48:ad:3c:87:3c:97:
41:11:d3:78:22:1b:87:25:a2:7e:fc:6a:6c:6a:ea:
de:fd:40:65:05:73:1c:36:28:88:5d:cd:73:0e:74:
ab:24:25:3f:b3:25:a4:d9:dd:94:4e:fb:99:03:56:
8b:f3:60:01:20:ab:36:de:80:a4:14:05:b7:92:2e:
8f:df:9b:b2:3e:dc:8b:6e:3b:3e:98:79:0f:e6:43:
f0:cc:74:ee:3c:09:74:4e:ab:d3:86:d5:a7:b8:3a:
7b:d9:0e:05:a6:82:82:22:55:da:23:79:43:a5:ff:
d4:88:4a:d2:83:af:c3:fd:b3:b6:d8:bf:9a:91:de:
df:6a:0e:1e:58:eb:3b:e4:b5:67:61:f0:74:a5:37:
eb:24:23:c3:8b:bc:96:e7:c2:1f:a0:11:cb:fc:27:
3a:08:f3:0a:d8:02:08:32:75:e4:50:71:b3:8d:2d:
28:ef:45:29:52:e5:fd:73:bc:40:87:0b:b0:69:5c:
d9:5c:10:ae:15:a4:9d:1e:2e:cb:da:d1:fb:e9:64:
c6:e6:49:d0:4a:f7:d0:b7:38:6a:dd:41:06:7d:93:
b5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D5:A0:91:60:62:BD:E3:23:DA:AB:9A:BA:55:C5:09:37:A6:24:1A
X509v3 Authority Key Identifier:
keyid:87:94:3C:B8:6E:3A:70:38:13:77:8F:AB:79:0D:65:F0:DA:21:61:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5Q8uG46cDgTd4-reQ1l8NohYVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/958fef-0d55-4c00-be8a-cc580521d00f/1/0NWgkWBiveMj2quaulXFCTemJBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/958fef-0d55-4c00-be8a-cc580521d00f/1/h5Q8uG46cDgTd4-reQ1l8NohYVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.160.0/20
79.133.180.0/22
Signature Algorithm: sha256WithRSAEncryption
59:42:94:80:b6:b6:79:2a:bb:f9:0c:f3:dc:b5:23:97:59:83:
14:ea:3b:04:71:84:ee:d5:3b:15:0d:ce:57:2c:92:f7:82:5c:
aa:55:04:33:bb:b1:b2:a0:34:9a:47:6e:53:2e:23:d4:9d:c6:
9b:39:b7:89:0d:6a:18:ff:12:24:a6:8a:01:bd:6e:bb:40:50:
af:84:be:73:ba:30:3d:7a:92:5f:6a:5b:50:4d:dc:5e:79:db:
63:bb:e7:41:f4:b2:5d:2f:08:5d:5a:91:b3:3c:e4:b4:36:a2:
93:06:f7:cb:32:9e:e6:13:25:19:7e:04:de:35:d6:34:12:a5:
90:25:77:f0:2a:b5:80:f4:73:34:40:b2:21:fb:d7:e5:a2:eb:
fd:16:2e:bf:3f:1d:b4:d4:f9:bc:79:de:3c:ee:5c:03:a3:2a:
4a:fb:53:88:bd:d7:f6:df:7c:cf:bc:65:13:e4:a6:c2:a4:3d:
9a:33:54:dd:66:48:71:fa:0f:02:3a:4b:40:ea:f6:59:08:ab:
f0:80:4c:52:1e:12:5c:9d:0f:40:82:ff:1a:10:de:e7:19:69:
18:fa:75:34:dc:cd:86:76:a5:1f:8a:8b:63:eb:62:fa:d5:bb:
4f:f4:23:a6:f7:2b:66:cc:5d:e0:f6:68:ce:06:e3:42:1c:d8:
ce:5c:ef:01
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBxCb0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Nzk0M2NiODZlM2E3MDM4MTM3NzhmYWI3OTBkNjVmMGRhMjE2MTVhMB4XDTIyMDEw
MTA1NTUzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDBkNWEwOTE2MDYy
YmRlMzIzZGFhYjlhYmE1NWM1MDkzN2E2MjQxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALC8MB1DgS1tuby9jt2+rjvu72EkHjrNaqHWSVM7gqGAVhzQ
2uX/SK08hzyXQRHTeCIbhyWifvxqbGrq3v1AZQVzHDYoiF3Ncw50qyQlP7MlpNnd
lE77mQNWi/NgASCrNt6ApBQFt5Iuj9+bsj7ci247Pph5D+ZD8Mx07jwJdE6r04bV
p7g6e9kOBaaCgiJV2iN5Q6X/1IhK0oOvw/2ztti/mpHe32oOHljrO+S1Z2HwdKU3
6yQjw4u8lufCH6ARy/wnOgjzCtgCCDJ15FBxs40tKO9FKVLl/XO8QIcLsGlc2VwQ
rhWknR4uy9rR++lkxuZJ0Er30Lc4at1BBn2TtSECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTQ1aCRYGK94yPaq5q6VcUJN6YkGjAfBgNVHSMEGDAWgBSHlDy4bjpwOBN3
j6t5DWXw2iFhWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2g1UTh1RzQ2Y0RnVGQ0LXJlUTFsOE5vaFlWby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvOTU4ZmVmLTBkNTUtNGMwMC1iZThhLWNjNTgwNTIxZDAwZi8x
LzBOV2drV0JpdmVNajJxdWF1bFhGQ1RlbUpCby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
OTU4ZmVmLTBkNTUtNGMwMC1iZThhLWNjNTgwNTIxZDAwZi8xL2g1UTh1RzQ2Y0Rn
VGQ0LXJlUTFsOE5vaFlWby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBE+FoAMEAk+FtDANBgkqhkiG9w0B
AQsFAAOCAQEAWUKUgLa2eSq7+Qzz3LUjl1mDFOo7BHGE7tU7FQ3OVyyS94JcqlUE
M7uxsqA0mkduUy4j1J3Gmzm3iQ1qGP8SJKaKAb1uu0BQr4S+c7owPXqSX2pbUE3c
XnnbY7vnQfSyXS8IXVqRszzktDaikwb3yzKe5hMlGX4E3jXWNBKlkCV38Cq1gPRz
NECyIfvX5aLr/RYuvz8dtNT5vHnePO5cA6MqSvtTiL3X9t98z7xlE+SmwqQ9mjNU
3WZIcfoPAjpLQOr2WQir8IBMUh4SXJ0PQIL/GhDe5xlpGPp1NNzNhnalH4qLY+ti
+tW7T/QjpvcrZsxd4PZozgbjQhzYzlzvAQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:39 2025 by rpki-client