Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/Ak_daAkOuPStMfzlilNtEspVPU4.roa
File: Ak_daAkOuPStMfzlilNtEspVPU4.roa (raw, json)
Hash identifier: Lp4YF6hX7K6Dn6Uo6Q7GBWboFP9osEj4jLtKN6jqB0w=
Subject key identifier: 02:4F:DD:68:09:0E:B8:F4:AD:31:FC:E5:8A:53:6D:12:CA:55:3D:4E
Certificate issuer: /CN=90f25e6a6893f466d2695e90670c047443643701
Certificate serial: 338D4380
Authority key identifier: 90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/Ak_daAkOuPStMfzlilNtEspVPU4.roa
Signing time: Sat 01 Jan 2022 04:52:46 +0000
ROA not before: Sat 01 Jan 2022 04:52:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3209
IP address blocks: 84.119.0.0/16 maxlen: 16
84.118.0.0/16 maxlen: 16
84.118.0.0/15 maxlen: 15
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 864895872 (0x338d4380)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f25e6a6893f466d2695e90670c047443643701
Validity
Not Before: Jan 1 04:52:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=024fdd68090eb8f4ad31fce58a536d12ca553d4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1c:01:5d:f9:b0:5c:48:83:69:3b:99:fc:96:
8a:57:be:9c:e0:bd:3e:d1:85:87:7d:df:6a:3b:d6:
bb:2e:88:e2:62:5d:d0:91:d6:ce:3c:9b:74:01:52:
0b:02:eb:96:a4:ae:56:33:d7:37:8b:ba:0e:a7:97:
d4:07:1a:9a:76:c0:af:2b:92:81:6a:a9:f5:76:9a:
7f:9b:17:56:2f:cc:3e:29:29:9f:66:50:c3:67:70:
61:1a:6d:c9:f8:d7:72:57:8a:3e:8f:c4:50:d5:78:
01:53:1a:ab:fb:cc:1b:44:ad:d4:66:8f:9b:67:cd:
0f:fe:50:8b:ce:9b:9b:44:fe:f1:45:33:14:8b:61:
71:c6:34:d3:9e:ca:f3:47:bf:c5:56:1f:ff:c6:76:
a5:08:49:99:99:5e:ae:cb:dc:ff:09:b3:0c:1f:ce:
1a:11:29:a7:98:ac:47:7b:d7:e9:2a:d9:56:fa:73:
fa:5a:a3:f5:32:ff:69:70:ec:10:b9:21:c7:34:6a:
cb:0c:11:4e:2e:a5:bd:69:db:c3:63:7c:b1:16:4b:
df:32:ce:cd:3d:50:45:e8:35:4b:f6:44:f4:92:38:
d2:d7:5d:cf:16:2e:38:09:a5:1e:52:97:db:62:4f:
82:bf:94:03:54:c5:3b:da:ab:11:7d:6a:22:ac:38:
80:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:4F:DD:68:09:0E:B8:F4:AD:31:FC:E5:8A:53:6D:12:CA:55:3D:4E
X509v3 Authority Key Identifier:
keyid:90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/Ak_daAkOuPStMfzlilNtEspVPU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/kPJeamiT9GbSaV6QZwwEdENkNwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
38:82:eb:39:b5:2c:e3:35:76:d9:05:cf:12:ab:97:5b:6a:32:
d3:18:2c:81:97:2b:51:4f:74:ad:dd:70:40:25:be:4f:25:01:
f3:36:84:e1:85:87:94:17:22:95:12:95:76:d1:ab:12:e5:12:
7d:d8:0a:b3:d1:55:d1:95:53:5d:84:9e:c6:8a:18:53:e5:7e:
65:5b:91:6d:31:24:0a:42:d1:f7:aa:3b:25:9e:fd:9a:96:62:
3e:d3:c5:6c:c0:8b:59:0e:ba:61:9c:7f:e4:85:33:db:02:ea:
aa:13:5c:a3:08:fb:58:a2:80:ff:ea:e4:1d:9c:be:e7:f7:a8:
32:3d:84:43:33:10:27:b8:bf:1c:87:e9:8d:6b:fc:7b:e9:ca:
34:bd:7a:4f:08:15:e5:82:20:37:a0:65:c9:53:19:2b:43:98:
b9:36:71:97:59:a5:70:ff:34:b4:8f:38:21:fd:6e:83:cb:5a:
71:83:70:8d:70:09:50:f7:94:8d:74:8a:d7:ae:e1:2b:e7:29:
40:f9:ba:1f:81:b8:af:3a:4e:07:da:3b:ae:ee:a3:85:99:44:
1a:32:d5:c5:f1:16:79:ad:ab:09:23:36:3f:bc:59:4b:d2:a0:
18:16:e5:01:e6:c7:27:6e:e6:5f:ce:d6:59:10:2e:d9:4f:27:
c6:33:ac:c2
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIEM41DgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MGYyNWU2YTY4OTNmNDY2ZDI2OTVlOTA2NzBjMDQ3NDQzNjQzNzAxMB4XDTIyMDEw
MTA0NTI0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDI0ZmRkNjgwOTBl
YjhmNGFkMzFmY2U1OGE1MzZkMTJjYTU1M2Q0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIcAV35sFxIg2k7mfyWile+nOC9PtGFh33fajvWuy6I4mJd
0JHWzjybdAFSCwLrlqSuVjPXN4u6DqeX1AcamnbAryuSgWqp9Xaaf5sXVi/MPikp
n2ZQw2dwYRptyfjXcleKPo/EUNV4AVMaq/vMG0St1GaPm2fND/5Qi86bm0T+8UUz
FIthccY0057K80e/xVYf/8Z2pQhJmZlersvc/wmzDB/OGhEpp5isR3vX6SrZVvpz
+lqj9TL/aXDsELkhxzRqywwRTi6lvWnbw2N8sRZL3zLOzT1QReg1S/ZE9JI40tdd
zxYuOAmlHlKX22JPgr+UA1TFO9qrEX1qIqw4gKECAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBQCT91oCQ649K0x/OWKU20SylU9TjAfBgNVHSMEGDAWgBSQ8l5qaJP0ZtJp
XpBnDAR0Q2Q3ATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tQSmVhbWlUOUdiU2FWNlFad3dFZEVOa053RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvMDRiMTYyLTcwOTktNDA0ZC04MzkxLTNiMGI0YjhhMjk4My8x
L0FrX2RhQWtPdVBTdE1memxpbE50RXNwVlBVNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
MDRiMTYyLTcwOTktNDA0ZC04MzkxLTNiMGI0YjhhMjk4My8xL2tQSmVhbWlUOUdi
U2FWNlFad3dFZEVOa053RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAVR2MA0GCSqGSIb3DQEBCwUAA4IB
AQA4gus5tSzjNXbZBc8Sq5dbajLTGCyBlytRT3St3XBAJb5PJQHzNoThhYeUFyKV
EpV20asS5RJ92Aqz0VXRlVNdhJ7GihhT5X5lW5FtMSQKQtH3qjslnv2almI+08Vs
wItZDrphnH/khTPbAuqqE1yjCPtYooD/6uQdnL7n96gyPYRDMxAnuL8ch+mNa/x7
6co0vXpPCBXlgiA3oGXJUxkrQ5i5NnGXWaVw/zS0jzgh/W6Dy1pxg3CNcAlQ95SN
dIrXruEr5ylA+bofgbivOk4H2juu7qOFmUQaMtXF8RZ5rasJIzY/vFlL0qAYFuUB
5scnbuZfztZZEC7ZTyfGM6zC
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:12 2025 by rpki-client