Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/W4ZKJL6GL-Oh0_gISs-1uWYzW3M.roa
File: W4ZKJL6GL-Oh0_gISs-1uWYzW3M.roa (raw, json)
Hash identifier: 3WkhUKp6dVx178qGfp/VIsONvB01YLHJplQH4pA3ygw=
Subject key identifier: 5B:86:4A:24:BE:86:2F:E3:A1:D3:F8:08:4A:CF:B5:B9:66:33:5B:73
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 2FB7F90C
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/W4ZKJL6GL-Oh0_gISs-1uWYzW3M.roa
Signing time: Sat 01 Jan 2022 10:04:48 +0000
ROA not before: Sat 01 Jan 2022 10:04:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12480
IP address blocks: 194.121.203.0/24 maxlen: 24
194.120.43.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 800585996 (0x2fb7f90c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 1 10:04:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5b864a24be862fe3a1d3f8084acfb5b966335b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e2:78:50:b0:2b:cc:12:d7:e1:7b:f3:ae:af:
58:33:3a:51:86:bf:fe:f5:4c:8b:41:46:b5:0d:2a:
36:e0:33:3e:e1:7a:51:98:7d:38:d8:ef:64:e9:46:
1f:20:cc:39:e1:05:54:bc:6e:56:f3:19:d6:c8:9f:
02:4e:8d:d3:7d:d4:4a:68:fd:89:f3:1c:60:2d:22:
5e:99:99:90:dd:cb:a0:50:20:cf:44:55:cb:db:59:
f4:e5:3b:53:39:ab:6f:48:c4:d6:eb:be:1d:5b:f6:
29:f6:64:98:7c:2d:6b:e2:26:14:75:69:8c:81:b5:
64:cc:6e:7f:10:ea:c2:f4:c7:22:ce:ba:1f:97:c0:
6e:63:4b:f9:10:06:e2:48:f8:80:40:b7:8b:58:bd:
28:59:d6:0d:0f:6d:f5:de:a7:88:fe:09:5e:94:54:
68:91:d1:26:c2:18:6a:47:a2:1d:bf:1c:b2:ad:f1:
58:21:73:1a:7f:7b:aa:de:1e:06:6a:47:c9:99:88:
65:7e:11:c9:69:5f:f8:c5:89:92:b0:3d:65:d0:80:
04:7b:41:84:83:1c:30:86:e2:aa:1c:93:a1:4b:10:
bc:57:e7:05:b7:47:f2:ef:c3:2b:e2:1a:00:1d:9a:
10:ed:5a:d6:6b:6c:6c:e6:f7:e3:5c:b9:3f:af:6b:
dd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:86:4A:24:BE:86:2F:E3:A1:D3:F8:08:4A:CF:B5:B9:66:33:5B:73
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/W4ZKJL6GL-Oh0_gISs-1uWYzW3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.120.43.0/24
194.121.203.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:8d:32:c7:b4:7e:d5:84:58:0c:8e:f6:48:1c:1a:f5:ba:d8:
53:17:82:3e:f6:d3:a0:c3:99:41:70:4b:c7:32:63:e7:a2:71:
f3:12:b7:6a:29:25:c5:b6:17:00:8c:3e:90:f2:c0:16:56:b0:
e2:9d:fa:6d:bd:8a:0a:f2:fc:78:1e:3b:d9:f6:12:1c:ef:20:
01:cc:82:24:24:e6:5f:ed:db:d0:30:84:d6:a0:cc:0f:83:c0:
54:e8:96:82:9c:d4:57:cd:d2:80:c2:2d:0a:a5:09:c8:f9:15:
11:5f:56:bc:1b:f3:31:52:02:75:65:fa:81:db:ce:ca:8d:bd:
61:ad:12:34:fe:fd:6a:db:26:ea:3f:3f:08:a5:92:f0:34:b7:
5e:f2:7f:e2:6d:0d:a7:af:9a:30:15:8c:13:80:45:b7:7b:49:
ba:65:a7:e3:7d:8a:1e:3b:f8:02:81:0f:36:f3:1e:3b:4b:db:
7a:36:bb:42:d2:67:ea:67:d9:66:3a:ce:8a:8c:cb:75:81:1a:
bb:12:f5:b4:ac:bc:cf:3c:f3:3b:55:29:30:14:8e:2f:94:fe:
bf:91:98:a0:bb:b8:26:11:fb:42:68:ff:33:15:34:e2:14:c0:
76:d7:71:34:9c:1b:8f:c7:77:70:1e:cc:17:68:7e:f3:61:04:
ae:4c:58:f2
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEL7f5DDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mzk4MDYwZjFiZjIyZjA5OTljYjA3MWIxYjQyNjk2ZGJjNDNlMTBjMB4XDTIyMDEw
MTEwMDQ0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWI4NjRhMjRiZTg2
MmZlM2ExZDNmODA4NGFjZmI1Yjk2NjMzNWI3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbieFCwK8wS1+F7866vWDM6UYa//vVMi0FGtQ0qNuAzPuF6
UZh9ONjvZOlGHyDMOeEFVLxuVvMZ1sifAk6N033USmj9ifMcYC0iXpmZkN3LoFAg
z0RVy9tZ9OU7Uzmrb0jE1uu+HVv2KfZkmHwta+ImFHVpjIG1ZMxufxDqwvTHIs66
H5fAbmNL+RAG4kj4gEC3i1i9KFnWDQ9t9d6niP4JXpRUaJHRJsIYakeiHb8csq3x
WCFzGn97qt4eBmpHyZmIZX4RyWlf+MWJkrA9ZdCABHtBhIMcMIbiqhyToUsQvFfn
BbdH8u/DK+IaAB2aEO1a1mtsbOb341y5P69r3UMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRbhkokvoYv46HT+AhKz7W5ZjNbczAfBgNVHSMEGDAWgBTDmAYPG/IvCZnL
BxsbQmltvEPhDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c1Z0dEeHZ5THdtWnl3Y2JHMEpwYmJ4RDRRdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvM2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8x
L1c0WktKTDZHTC1PaDBfZ0lTcy0xdVdZelczTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
M2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8xL3c1Z0dEeHZ5THdt
Wnl3Y2JHMEpwYmJ4RDRRdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMJ4KwMEAMJ5yzANBgkqhkiG9w0B
AQsFAAOCAQEALI0yx7R+1YRYDI72SBwa9brYUxeCPvbToMOZQXBLxzJj56Jx8xK3
aiklxbYXAIw+kPLAFlaw4p36bb2KCvL8eB472fYSHO8gAcyCJCTmX+3b0DCE1qDM
D4PAVOiWgpzUV83SgMItCqUJyPkVEV9WvBvzMVICdWX6gdvOyo29Ya0SNP79atsm
6j8/CKWS8DS3XvJ/4m0Np6+aMBWME4BFt3tJumWn432KHjv4AoEPNvMeO0vbeja7
QtJn6mfZZjrOiozLdYEauxL1tKy8zzzzO1UpMBSOL5T+v5GYoLu4JhH7Qmj/MxU0
4hTAdtdxNJwbj8d3cB7MF2h+82EErkxY8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:02 2024 by rpki-client on console-fra.rpki-client.org