Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/jQUkIFTC--W3YjCmiP_gzYb0wxw.roa
File: jQUkIFTC--W3YjCmiP_gzYb0wxw.roa (raw, json)
Hash identifier: FjpU4aZBHG00tWiD9cm2lN1w/N1V7vXVFP7Z0/j7WIs=
Subject key identifier: 8D:05:24:20:54:C2:FB:E5:B7:62:30:A6:88:FF:E0:CD:86:F4:C3:1C
Certificate issuer: /CN=91d8c32a703972aaea093a01f8dedf57f9675575
Certificate serial: 09946BD1
Authority key identifier: 91:D8:C3:2A:70:39:72:AA:EA:09:3A:01:F8:DE:DF:57:F9:67:55:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdjDKnA5cqrqCToB-N7fV_lnVXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/jQUkIFTC--W3YjCmiP_gzYb0wxw.roa
Signing time: Sat 01 Jan 2022 09:56:31 +0000
ROA not before: Sat 01 Jan 2022 09:56:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24730
IP address blocks: 81.23.224.0/20 maxlen: 20
81.173.4.0/24 maxlen: 24
81.173.124.0/24 maxlen: 24
185.236.176.0/22 maxlen: 22
81.173.34.0/23 maxlen: 23
2001:15b8::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160721873 (0x9946bd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d8c32a703972aaea093a01f8dedf57f9675575
Validity
Not Before: Jan 1 09:56:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d05242054c2fbe5b76230a688ffe0cd86f4c31c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:dd:33:b0:b3:c5:45:1c:4c:f0:94:34:e0:b9:
00:0f:cf:44:3f:29:9a:6d:db:e6:cc:2b:9b:02:a9:
fd:8d:c5:b4:b8:58:1f:3b:14:ec:94:dc:e4:52:f8:
23:2e:2b:a3:04:f9:f9:50:9e:92:2d:1d:81:bc:95:
a6:70:98:02:49:3b:a8:2a:95:0a:df:82:8c:4b:cb:
52:72:54:cb:88:5a:a4:f9:c6:09:31:59:70:08:74:
5a:72:2d:34:aa:26:df:2e:7b:c6:26:60:36:50:49:
ba:2e:60:ef:cd:60:cb:fb:d4:13:ba:79:a9:b5:9c:
12:20:22:19:eb:54:c0:01:95:8a:02:d5:a2:29:d5:
e0:fa:2c:c9:19:6e:90:f7:c3:ec:99:5e:14:27:9c:
a6:4d:18:e3:25:4c:94:cf:7d:75:d6:fb:bd:a9:d1:
68:5c:b0:88:40:fa:2b:c1:b2:58:80:e2:4b:5a:ab:
f4:fe:70:bc:e1:54:5d:bc:97:eb:35:3f:28:96:68:
a1:b1:6d:a7:0c:3c:22:e2:13:1e:cf:f4:bb:8a:58:
88:15:cf:eb:8c:a4:b5:aa:91:6e:b8:48:37:29:d8:
77:fa:da:97:e5:42:22:05:24:0c:70:c2:cd:33:fd:
4f:32:49:d5:60:cc:45:6f:5f:4d:47:92:e1:2a:bc:
1b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:05:24:20:54:C2:FB:E5:B7:62:30:A6:88:FF:E0:CD:86:F4:C3:1C
X509v3 Authority Key Identifier:
keyid:91:D8:C3:2A:70:39:72:AA:EA:09:3A:01:F8:DE:DF:57:F9:67:55:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdjDKnA5cqrqCToB-N7fV_lnVXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/jQUkIFTC--W3YjCmiP_gzYb0wxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/kdjDKnA5cqrqCToB-N7fV_lnVXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.224.0/20
81.173.4.0/24
81.173.34.0/23
81.173.124.0/24
185.236.176.0/22
IPv6:
2001:15b8::/32
Signature Algorithm: sha256WithRSAEncryption
22:04:99:63:34:80:b0:b7:35:c9:fb:4f:1b:92:ee:99:f3:04:
60:82:87:a7:81:b8:76:b1:e0:7f:18:5e:32:03:a8:e7:97:9c:
58:8f:89:4e:28:ad:a0:c5:25:ac:07:65:1d:83:4f:5a:e7:da:
7f:1c:fb:74:a9:f2:77:d1:5e:eb:94:45:bc:85:15:da:21:86:
42:d9:7c:4f:1d:32:67:99:a9:29:22:f1:8e:2f:8a:ea:2c:ac:
a1:4c:f0:bb:03:a0:f7:20:05:ea:dc:7d:d1:af:31:f4:12:c8:
a1:66:9c:3a:28:fe:e7:7c:d9:9d:92:c7:04:eb:3c:82:ca:e0:
c7:1c:b4:30:50:89:21:93:5c:fa:63:2b:42:cc:0f:f0:49:f2:
56:58:34:f4:fa:a8:6e:e8:60:bd:33:42:6f:c7:69:df:ec:f6:
0c:da:dc:cb:89:10:e6:d5:50:4a:34:e5:a4:72:36:f0:b8:ab:
47:71:ee:f9:1a:a1:d6:6b:56:35:fa:4a:86:3b:77:61:e1:d9:
4f:90:3f:2f:ca:42:43:af:f3:4a:bc:24:7c:77:c8:39:bb:3a:
8f:66:92:a8:d9:54:d1:cb:b8:45:b5:ce:c7:69:38:21:cb:98:
8b:6c:a9:fc:aa:f5:5a:75:01:b7:a9:a8:af:fa:cd:76:96:3a:
eb:3f:bc:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIECZRr0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MWQ4YzMyYTcwMzk3MmFhZWEwOTNhMDFmOGRlZGY1N2Y5Njc1NTc1MB4XDTIyMDEw
MTA5NTYzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQwNTI0MjA1NGMy
ZmJlNWI3NjIzMGE2ODhmZmUwY2Q4NmY0YzMxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHdM7CzxUUcTPCUNOC5AA/PRD8pmm3b5swrmwKp/Y3FtLhY
HzsU7JTc5FL4Iy4rowT5+VCeki0dgbyVpnCYAkk7qCqVCt+CjEvLUnJUy4hapPnG
CTFZcAh0WnItNKom3y57xiZgNlBJui5g781gy/vUE7p5qbWcEiAiGetUwAGVigLV
oinV4PosyRlukPfD7JleFCecpk0Y4yVMlM99ddb7vanRaFywiED6K8GyWIDiS1qr
9P5wvOFUXbyX6zU/KJZoobFtpww8IuITHs/0u4pYiBXP64yktaqRbrhINynYd/ra
l+VCIgUkDHDCzTP9TzJJ1WDMRW9fTUeS4Sq8G1sCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSNBSQgVML75bdiMKaI/+DNhvTDHDAfBgNVHSMEGDAWgBSR2MMqcDlyquoJ
OgH43t9X+WdVdTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tkakRLbkE1Y3FycUNUb0ItTjdmVl9sblZYVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvNGU4MTZkLWQ4ZWMtNDM3Yy05ODZhLTNjMTI3ODFlMjAyZC8x
L2pRVWtJRlRDLS1XM1lqQ21pUF9nelliMHd4dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
NGU4MTZkLWQ4ZWMtNDM3Yy05ODZhLTNjMTI3ODFlMjAyZC8xL2tkakRLbkE1Y3Fy
cUNUb0ItTjdmVl9sblZYVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBFEX4AMEAFGtBAMEAVGtIgMEAFGt
fAMEArnssDANBAIAAjAHAwUAIAEVuDANBgkqhkiG9w0BAQsFAAOCAQEAIgSZYzSA
sLc1yftPG5LumfMEYIKHp4G4drHgfxheMgOo55ecWI+JTiitoMUlrAdlHYNPWufa
fxz7dKnyd9Fe65RFvIUV2iGGQtl8Tx0yZ5mpKSLxji+K6iysoUzwuwOg9yAF6tx9
0a8x9BLIoWacOij+53zZnZLHBOs8gsrgxxy0MFCJIZNc+mMrQswP8EnyVlg09Pqo
buhgvTNCb8dp3+z2DNrcy4kQ5tVQSjTlpHI28LirR3Hu+Rqh1mtWNfpKhjt3YeHZ
T5A/L8pCQ6/zSrwkfHfIObs6j2aSqNlU0cu4RbXOx2k4IcuYi2yp/Kr1WnUBt6mo
r/rNdpY66z+8hw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:18 2024 by rpki-client on console-fra.rpki-client.org