Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1k1nrleDF9qtle9wjeA4trB8CLA.roa
File: 1k1nrleDF9qtle9wjeA4trB8CLA.roa (raw, json)
Hash identifier: PrPARDiq1GuZVdrJ25w+VNlquCfBmvecwOPS2NsSTmA=
Subject key identifier: D6:4D:67:AE:57:83:17:DA:AD:95:EF:70:8D:E0:38:B6:B0:7C:08:B0
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018972C0383488F980490BDE8B376A3711E9
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1k1nrleDF9qtle9wjeA4trB8CLA.roa
Signing time: Thu 20 Jul 2023 10:02:27 +0000
ROA not before: Thu 20 Jul 2023 10:02:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45027
IP address blocks: 217.171.146.0/24 maxlen: 24
31.129.30.0/24 maxlen: 24
77.83.117.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:72:c0:38:34:88:f9:80:49:0b:de:8b:37:6a:37:11:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jul 20 10:02:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d64d67ae578317daad95ef708de038b6b07c08b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2d:b3:4a:ad:21:23:6a:9c:39:f3:74:26:16:
b4:30:85:de:cb:88:1d:dc:21:fb:7c:86:53:f3:79:
c7:51:aa:c6:86:18:2b:a6:f3:2f:4b:12:02:fc:01:
3c:c1:c1:c1:df:61:27:98:b9:5f:ae:8a:c2:9d:ce:
91:e7:22:22:c1:02:62:e3:93:c9:81:15:a2:cf:32:
f1:ba:7e:ff:38:0e:b9:a8:4e:ca:48:c2:20:03:29:
73:1b:a2:28:b4:2b:a6:64:29:34:dc:46:16:3e:4e:
0b:44:8f:79:72:2e:32:a4:70:10:37:1c:a0:31:7c:
fa:f0:68:a2:20:b4:ed:8a:c4:95:6a:04:04:de:ea:
9c:ca:7e:30:03:fe:71:3a:30:ee:32:28:fb:de:14:
45:9e:dc:6e:4f:09:6d:60:e9:fc:b2:20:e7:05:b8:
2d:b9:34:d2:eb:5e:df:f9:49:eb:22:6b:c1:e6:e2:
5b:23:bf:69:fd:34:4f:19:c5:ac:85:a6:76:11:ba:
ab:f4:3e:ef:67:20:c2:ca:1f:b0:db:80:a2:dc:ed:
77:03:ed:5f:3c:f1:b8:8b:fc:90:51:ef:c1:99:fc:
af:ca:6b:5d:8f:2b:d1:ef:cf:85:45:16:ab:76:7e:
19:37:f5:26:8e:05:a2:b5:45:93:01:94:4f:cf:7b:
f9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:4D:67:AE:57:83:17:DA:AD:95:EF:70:8D:E0:38:B6:B0:7C:08:B0
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1k1nrleDF9qtle9wjeA4trB8CLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.30.0/24
77.83.117.0/24
217.171.146.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:66:22:15:92:00:2f:05:8e:91:9b:8d:db:a3:0d:ae:11:b1:
b9:b5:df:b5:de:f4:14:14:52:27:b2:1b:a7:54:d2:78:f0:b3:
76:6f:d3:24:4e:45:3c:6b:0c:16:85:40:3b:c0:cc:23:6a:ce:
08:d7:1c:4c:83:0f:7d:14:c0:21:1f:85:13:27:98:67:b1:df:
42:21:43:e8:b0:c9:f6:45:bd:24:30:4c:71:4d:d3:e3:1d:01:
eb:82:72:13:4b:d8:ed:3c:47:4e:c2:1b:ac:01:a3:05:21:6a:
5e:bd:92:41:37:48:a6:50:ad:db:37:42:e2:7f:40:9c:dc:5c:
eb:3b:5e:6d:60:64:41:eb:b8:e5:0d:07:92:d6:83:52:ea:2e:
97:4f:46:df:be:a6:99:85:77:70:00:45:6a:10:93:73:53:59:
e7:78:0d:66:1e:16:aa:e2:dc:bd:c5:2a:ac:66:18:e4:c0:8b:
7f:20:96:ae:32:35:4c:69:a0:5a:2b:c2:db:09:72:20:bb:e1:
8e:a4:5b:9f:48:ad:b1:fd:f9:c8:5e:45:92:e7:ba:fb:9d:5b:
2a:19:8a:a3:f4:32:d7:e9:c0:c3:dc:3b:4b:da:77:f5:25:57:
6a:e3:cc:b7:91:b6:c7:c1:64:d5:68:eb:ff:b0:e5:ad:85:75:
a9:11:0f:2b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlywDg0iPmASQveizdqNxHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNzIwMTAwMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjRkNjdhZTU3ODMxN2RhYWQ5NWVmNzA4ZGUwMzhiNmIwN2MwOGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkC2zSq0hI2qcOfN0Jha0MIXey4gd
3CH7fIZT83nHUarGhhgrpvMvSxIC/AE8wcHB32EnmLlfrorCnc6R5yIiwQJi45PJ
gRWizzLxun7/OA65qE7KSMIgAylzG6IotCumZCk03EYWPk4LRI95ci4ypHAQNxyg
MXz68GiiILTtisSVagQE3uqcyn4wA/5xOjDuMij73hRFntxuTwltYOn8siDnBbgt
uTTS617f+UnrImvB5uJbI79p/TRPGcWshaZ2Ebqr9D7vZyDCyh+w24Ci3O13A+1f
PPG4i/yQUe/BmfyvymtdjyvR78+FRRardn4ZN/UmjgWitUWTAZRPz3v5owIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNZNZ65XgxfarZXvcI3gOLawfAiwMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvMWsxbnJsZURGOXF0bGU5d2plQTR0ckI4Q0xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH4EeAwQA
TVN1AwQA2auSMA0GCSqGSIb3DQEBCwUAA4IBAQCdZiIVkgAvBY6Rm43bow2uEbG5
td+13vQUFFInshunVNJ48LN2b9MkTkU8awwWhUA7wMwjas4I1xxMgw99FMAhH4UT
J5hnsd9CIUPosMn2Rb0kMExxTdPjHQHrgnITS9jtPEdOwhusAaMFIWpevZJBN0im
UK3bN0Lif0Cc3FzrO15tYGRB67jlDQeS1oNS6i6XT0bfvqaZhXdwAEVqEJNzU1nn
eA1mHhaq4ty9xSqsZhjkwIt/IJauMjVMaaBaK8LbCXIgu+GOpFufSK2x/fnIXkWS
57r7nVsqGYqj9DLX6cDD3DtL2nf1JVdq48y3kbbHwWTVaOv/sOWthXWpEQ8r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org