Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/b21a38-db62-4438-ba9c-f57f86df4f16/1/vLbIxNHeOvMZ8gHoKrBWZp0xfDs.roa
File: vLbIxNHeOvMZ8gHoKrBWZp0xfDs.roa (raw, json)
Hash identifier: RUABL0LFNReJ83Fq9gqdXMoi104wcIYVSXnfLWq6ZcE=
Subject key identifier: BC:B6:C8:C4:D1:DE:3A:F3:19:F2:01:E8:2A:B0:56:66:9D:31:7C:3B
Certificate issuer: /CN=4777da157768423fcba9217392ec7f483b3b9442
Certificate serial: 018CC4932440E4AE795B1B56BDFF8A6EA378
Authority key identifier: 47:77:DA:15:77:68:42:3F:CB:A9:21:73:92:EC:7F:48:3B:3B:94:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3faFXdoQj_LqSFzkux_SDs7lEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/b21a38-db62-4438-ba9c-f57f86df4f16/1/vLbIxNHeOvMZ8gHoKrBWZp0xfDs.roa
Signing time: Mon 01 Jan 2024 10:30:26 +0000
ROA not before: Mon 01 Jan 2024 10:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8832
IP address blocks: 185.123.176.0/22 maxlen: 22
109.69.168.0/21 maxlen: 21
2a00:1498::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:24:40:e4:ae:79:5b:1b:56:bd:ff:8a:6e:a3:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4777da157768423fcba9217392ec7f483b3b9442
Validity
Not Before: Jan 1 10:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bcb6c8c4d1de3af319f201e82ab056669d317c3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b7:02:8b:0c:d9:88:ea:30:fe:cb:b1:3e:fc:
a1:fe:a3:4f:83:62:64:30:61:90:51:4e:12:1a:e6:
8d:cd:ee:cf:aa:a6:7a:9d:e5:fa:fd:ce:ad:80:ea:
20:f9:e5:29:0c:4c:aa:80:82:53:81:e8:85:df:58:
1a:f3:fa:aa:44:4a:8c:40:d8:cd:5d:4e:90:bc:7e:
ec:58:cb:25:a6:7e:0f:90:3f:cb:42:fa:9e:c1:81:
03:8b:d2:3b:f4:35:19:3d:ce:23:1c:5b:bd:d1:2b:
9c:a1:1e:f9:22:91:4c:1d:07:db:bc:de:e7:67:0f:
62:70:e5:46:a4:16:a5:28:71:fe:3a:1c:65:54:81:
9e:bf:eb:96:99:49:9e:03:90:d0:1e:61:34:ed:11:
83:d4:b2:04:cb:95:55:aa:cb:cf:45:7c:73:52:ac:
d7:d6:21:70:b9:5d:0c:3c:00:f7:10:ff:3e:38:16:
7e:92:25:35:51:d3:1e:60:d8:1f:0e:7f:8a:8a:f3:
43:cd:1b:b0:ae:75:56:23:cb:3a:16:db:d0:6a:a6:
e6:4e:27:a7:7a:5d:a9:37:8e:62:1e:5e:7e:cb:b3:
85:3c:b6:7a:bb:ac:1c:eb:7e:59:97:38:70:26:32:
48:64:cb:24:e7:7b:99:93:2e:07:eb:19:47:a3:f6:
65:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:B6:C8:C4:D1:DE:3A:F3:19:F2:01:E8:2A:B0:56:66:9D:31:7C:3B
X509v3 Authority Key Identifier:
keyid:47:77:DA:15:77:68:42:3F:CB:A9:21:73:92:EC:7F:48:3B:3B:94:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3faFXdoQj_LqSFzkux_SDs7lEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/b21a38-db62-4438-ba9c-f57f86df4f16/1/vLbIxNHeOvMZ8gHoKrBWZp0xfDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/b21a38-db62-4438-ba9c-f57f86df4f16/1/R3faFXdoQj_LqSFzkux_SDs7lEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.69.168.0/21
185.123.176.0/22
IPv6:
2a00:1498::/32
Signature Algorithm: sha256WithRSAEncryption
84:91:39:3a:18:f9:2d:63:4b:7f:5c:46:90:17:57:36:94:63:
71:15:0c:83:70:21:83:59:5d:c3:05:fc:cd:b5:11:f5:7e:f4:
7b:58:c6:e9:24:b1:46:a2:c3:cb:12:6b:c6:a2:93:f5:4c:81:
8b:f3:9e:ed:a7:31:88:70:86:18:86:7f:09:e0:0b:bb:90:8e:
93:38:67:c7:f9:d9:5b:f3:95:1a:42:8e:e9:a7:1a:f2:d3:84:
b1:b8:04:d3:1b:c2:d1:d7:b5:ce:47:44:f7:dd:29:33:a7:38:
01:09:9c:24:39:f3:b6:bf:bf:ff:f0:4e:8a:62:3e:d2:8f:fd:
94:08:56:81:40:a9:ba:f1:99:4c:64:87:27:8c:a0:74:09:54:
7e:6f:06:12:c7:e7:c2:9f:67:65:1b:00:cc:8c:76:3e:71:e9:
37:ac:a3:8e:26:7b:5f:88:9c:42:b9:e9:49:8d:a3:c7:c3:64:
f7:a3:50:e3:e7:f8:5c:6d:8b:ed:90:ab:86:ff:46:ac:bb:9b:
0b:22:7c:63:48:da:47:a0:10:21:c6:07:f0:56:5e:e6:41:e6:
66:35:1e:a8:13:d5:ee:2b:a3:3e:b9:9c:86:bd:c7:05:1b:d9:
ce:cb:a2:a7:1b:94:38:63:58:e4:4f:ec:0d:53:12:fc:25:5b:
f5:8f:77:85
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEkyRA5K55WxtWvf+KbqN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NzdkYTE1Nzc2ODQyM2ZjYmE5MjE3MzkyZWM3ZjQ4M2Iz
Yjk0NDIwHhcNMjQwMTAxMTAzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2I2YzhjNGQxZGUzYWYzMTlmMjAxZTgyYWIwNTY2NjlkMzE3YzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbcCiwzZiOow/suxPvyh/qNPg2Jk
MGGQUU4SGuaNze7PqqZ6neX6/c6tgOog+eUpDEyqgIJTgeiF31ga8/qqREqMQNjN
XU6QvH7sWMslpn4PkD/LQvqewYEDi9I79DUZPc4jHFu90SucoR75IpFMHQfbvN7n
Zw9icOVGpBalKHH+OhxlVIGev+uWmUmeA5DQHmE07RGD1LIEy5VVqsvPRXxzUqzX
1iFwuV0MPAD3EP8+OBZ+kiU1UdMeYNgfDn+KivNDzRuwrnVWI8s6FtvQaqbmTien
el2pN45iHl5+y7OFPLZ6u6wc635ZlzhwJjJIZMsk53uZky4H6xlHo/ZlNQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLy2yMTR3jrzGfIB6CqwVmadMXw7MB8GA1UdIwQY
MBaAFEd32hV3aEI/y6khc5Lsf0g7O5RCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjNmYUZYZG9Ral9McVNGemt1eF9TRHM3bEVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9iMjFhMzgtZGI2Mi00NDM4LWJhOWMt
ZjU3Zjg2ZGY0ZjE2LzEvdkxiSXhOSGVPdk1aOGdIb0tyQldacDB4ZkRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9iMjFhMzgtZGI2Mi00NDM4LWJhOWMtZjU3Zjg2ZGY0ZjE2
LzEvUjNmYUZYZG9Ral9McVNGemt1eF9TRHM3bEVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbUWoAwQC
uXuwMA0EAgACMAcDBQAqABSYMA0GCSqGSIb3DQEBCwUAA4IBAQCEkTk6GPktY0t/
XEaQF1c2lGNxFQyDcCGDWV3DBfzNtRH1fvR7WMbpJLFGosPLEmvGopP1TIGL857t
pzGIcIYYhn8J4Au7kI6TOGfH+dlb85UaQo7ppxry04SxuATTG8LR17XOR0T33Skz
pzgBCZwkOfO2v7//8E6KYj7Sj/2UCFaBQKm68ZlMZIcnjKB0CVR+bwYSx+fCn2dl
GwDMjHY+cek3rKOOJntfiJxCuelJjaPHw2T3o1Dj5/hcbYvtkKuG/0asu5sLInxj
SNpHoBAhxgfwVl7mQeZmNR6oE9XuK6M+uZyGvccFG9nOy6KnG5Q4Y1jkT+wNUxL8
JVv1j3eF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:34 2024 by rpki-client on console-fra.rpki-client.org