Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/lJBZ3iGvs0JdjKyL16rnLSXS99Q.roa
File: lJBZ3iGvs0JdjKyL16rnLSXS99Q.roa (raw, json)
Hash identifier: F557iyxxC+ebuN1F4vuOAuFiUEo6LYO3fN7Qlc+3znI=
Subject key identifier: 94:90:59:DE:21:AF:B3:42:5D:8C:AC:8B:D7:AA:E7:2D:25:D2:F7:D4
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 2FBF3BAE
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/lJBZ3iGvs0JdjKyL16rnLSXS99Q.roa
Signing time: Sat 01 Jan 2022 10:04:54 +0000
ROA not before: Sat 01 Jan 2022 10:04:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59524
IP address blocks: 145.128.64.0/20 maxlen: 20
145.128.80.0/20 maxlen: 20
145.128.96.0/19 maxlen: 19
145.128.0.0/20 maxlen: 20
145.128.16.0/20 maxlen: 20
91.242.160.0/24 maxlen: 24
145.128.27.0/24 maxlen: 24
145.128.32.0/19 maxlen: 19
2001:67c:104c::/48 maxlen: 48
2001:680:4008::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 801061806 (0x2fbf3bae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 1 10:04:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=949059de21afb3425d8cac8bd7aae72d25d2f7d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:77:34:54:f0:90:a8:44:65:ee:dc:c5:64:fc:
99:72:d1:b5:ba:57:4f:df:b6:22:61:2c:e4:65:fd:
43:2f:6c:fb:29:b6:23:9e:39:52:d6:41:2a:e6:5b:
ce:67:1b:7c:46:78:92:e0:3e:ff:08:16:06:cc:7f:
fb:2e:ec:56:51:07:b2:b9:d9:dc:41:47:50:62:80:
32:61:38:5c:a8:f7:96:56:7e:85:a3:fd:f4:9e:1c:
8e:5d:84:10:b6:51:ac:69:f5:17:43:49:a2:f3:9d:
24:a4:93:82:76:e0:d4:8a:f4:48:87:40:2e:43:3f:
c4:47:ad:2f:3f:bb:9f:a7:26:cd:a4:da:8b:a5:7b:
0f:67:ff:20:9d:6d:d2:f8:38:02:83:5e:04:6d:c7:
81:e3:08:8b:f1:ff:8a:3c:7d:a0:1d:d1:5c:c2:78:
d0:f4:5f:0c:f0:71:56:91:27:ad:53:1b:70:75:65:
5d:2b:80:54:45:1f:df:cf:dd:b9:e0:44:24:c3:1b:
90:18:40:5e:9d:54:8a:45:ab:61:b5:ab:b7:c0:76:
a2:c0:b4:06:0e:9e:63:26:e2:41:06:7c:fd:5c:4a:
6b:8b:24:0d:a5:bd:65:ff:ec:08:7e:bc:b5:5f:3c:
1a:f7:a4:d7:03:cb:e4:64:01:51:56:12:39:65:69:
8f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:90:59:DE:21:AF:B3:42:5D:8C:AC:8B:D7:AA:E7:2D:25:D2:F7:D4
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/lJBZ3iGvs0JdjKyL16rnLSXS99Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.160.0/24
145.128.0.0/17
IPv6:
2001:67c:104c::/48
2001:680:4008::/48
Signature Algorithm: sha256WithRSAEncryption
73:7c:13:a1:92:b1:df:d0:dc:7c:4e:4a:87:cb:45:e3:23:80:
fe:88:97:26:e6:5c:48:f7:3c:69:dc:d8:d8:08:99:f6:1c:43:
bb:c0:11:30:78:b5:3e:52:14:5d:b3:b4:12:5d:90:4b:e5:e0:
90:4e:77:ca:e7:25:07:28:53:25:04:9e:ec:08:a2:e1:32:22:
ca:5b:1c:ef:b0:51:12:fb:d2:f0:11:0a:e3:bd:cb:d7:89:46:
53:c4:13:30:33:47:bd:ed:16:75:c1:91:9b:27:ef:43:67:0c:
8c:5c:de:bb:00:e6:00:ff:4c:4e:76:2b:af:52:37:b9:b1:33:
eb:23:b0:07:b9:1c:02:2c:0b:cd:f3:95:07:1d:b2:96:4f:39:
90:49:1f:9a:1e:50:1a:c8:d1:56:3a:64:d0:72:6b:aa:bc:b9:
ca:56:26:48:15:f3:0c:22:6e:65:a5:48:a2:d0:b9:23:17:9d:
74:64:64:50:19:11:64:d2:83:de:fb:62:13:7b:87:e6:7a:97:
18:1c:0a:85:8d:ab:f8:cf:71:c5:7b:b8:8d:26:ac:f4:7a:b0:
04:16:08:78:2f:2e:d5:e1:64:42:89:0f:d1:d9:3c:6e:d4:f6:
44:38:71:dc:62:39:0b:43:56:c6:e9:4e:71:cd:6c:90:fd:c4:
0a:7a:81:c2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEL787rjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mzk4MDYwZjFiZjIyZjA5OTljYjA3MWIxYjQyNjk2ZGJjNDNlMTBjMB4XDTIyMDEw
MTEwMDQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQ5MDU5ZGUyMWFm
YjM0MjVkOGNhYzhiZDdhYWU3MmQyNWQyZjdkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPV3NFTwkKhEZe7cxWT8mXLRtbpXT9+2ImEs5GX9Qy9s+ym2
I545UtZBKuZbzmcbfEZ4kuA+/wgWBsx/+y7sVlEHsrnZ3EFHUGKAMmE4XKj3llZ+
haP99J4cjl2EELZRrGn1F0NJovOdJKSTgnbg1Ir0SIdALkM/xEetLz+7n6cmzaTa
i6V7D2f/IJ1t0vg4AoNeBG3HgeMIi/H/ijx9oB3RXMJ40PRfDPBxVpEnrVMbcHVl
XSuAVEUf38/dueBEJMMbkBhAXp1UikWrYbWrt8B2osC0Bg6eYybiQQZ8/VxKa4sk
DaW9Zf/sCH68tV88Gvek1wPL5GQBUVYSOWVpjz0CAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBSUkFneIa+zQl2MrIvXquctJdL31DAfBgNVHSMEGDAWgBTDmAYPG/IvCZnL
BxsbQmltvEPhDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c1Z0dEeHZ5THdtWnl3Y2JHMEpwYmJ4RDRRdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvM2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8x
L2xKQlozaUd2czBKZGpLeUwxNnJuTFNYUzk5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
M2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8xL3c1Z0dEeHZ5THdt
Wnl3Y2JHMEpwYmJ4RDRRdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wEgQCAAEwDAMEAFvyoAMEB5GAADAYBAIAAjASAwcA
IAEGfBBMAwcAIAEGgEAIMA0GCSqGSIb3DQEBCwUAA4IBAQBzfBOhkrHf0Nx8TkqH
y0XjI4D+iJcm5lxI9zxp3NjYCJn2HEO7wBEweLU+UhRds7QSXZBL5eCQTnfK5yUH
KFMlBJ7sCKLhMiLKWxzvsFES+9LwEQrjvcvXiUZTxBMwM0e97RZ1wZGbJ+9DZwyM
XN67AOYA/0xOdiuvUje5sTPrI7AHuRwCLAvN85UHHbKWTzmQSR+aHlAayNFWOmTQ
cmuqvLnKViZIFfMMIm5lpUii0LkjF510ZGRQGRFk0oPe+2ITe4fmepcYHAqFjav4
z3HFe7iNJqz0erAEFgh4Ly7V4WRCiQ/R2Txu1PZEOHHcYjkLQ1bG6U5xzWyQ/cQK
eoHC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:02 2024 by rpki-client on console-fra.rpki-client.org