Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/7z13YDDwrIX7sh6y7wzokfzGg5A.roa
File: 7z13YDDwrIX7sh6y7wzokfzGg5A.roa (raw, json)
Hash identifier: hZT3VnpShG19fgBfK22W+TPqCY4sWa/VjTA2mfwqxxM=
Subject key identifier: EF:3D:77:60:30:F0:AC:85:FB:B2:1E:B2:EF:0C:E8:91:FC:C6:83:90
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 03D29073
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/7z13YDDwrIX7sh6y7wzokfzGg5A.roa
Signing time: Sat 01 Jan 2022 10:02:17 +0000
ROA not before: Sat 01 Jan 2022 10:02:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35402
IP address blocks: 212.122.132.0/22 maxlen: 22
212.122.128.0/22 maxlen: 22
212.122.144.0/22 maxlen: 22
212.122.148.0/22 maxlen: 22
2a01:5c8:800::/48 maxlen: 48
2a01:5c8:803::/48 maxlen: 48
2a01:5c8:801::/48 maxlen: 48
2a01:5c8:804::/48 maxlen: 48
2a01:5c8:805::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64131187 (0x3d29073)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jan 1 10:02:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ef3d776030f0ac85fbb21eb2ef0ce891fcc68390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:63:e9:19:27:33:23:1c:d8:06:ba:7d:93:75:
03:4b:67:a3:f1:47:c3:f4:4f:43:c9:f3:87:c3:6d:
6d:1d:e6:09:03:4e:8c:5d:07:fa:a8:69:f4:2e:3a:
18:77:f2:5f:e3:9c:18:91:f7:4b:8c:9b:25:14:bb:
98:f8:cb:24:95:9f:5e:00:6e:86:c8:d4:cd:84:c5:
eb:52:5e:ee:0f:d6:bf:bd:68:22:c7:1a:aa:43:6e:
24:6b:ba:34:78:5c:99:bb:01:d5:ac:0d:fe:d1:cd:
47:e0:e6:f9:06:98:8a:3b:da:97:13:f6:cf:08:99:
4a:91:1e:39:6c:3c:ba:1d:ed:cc:a2:cd:e8:ea:27:
ba:a9:03:c2:0e:00:7a:57:36:45:c8:31:3b:73:7a:
99:66:10:c7:40:55:93:d4:59:42:c7:50:f4:18:2e:
ed:3c:f1:44:ce:82:0a:e5:5f:53:b2:35:82:4f:af:
4e:12:88:4b:91:e7:66:c9:cd:2c:b2:ca:eb:7a:9d:
47:55:51:87:1b:c4:2c:85:02:0e:7f:1f:df:8e:dc:
17:30:89:69:e2:b3:b8:cf:be:e0:13:ce:06:e5:8f:
a9:73:0c:39:d9:2e:41:e0:89:4f:84:17:ca:9e:cf:
39:af:3f:9f:79:5e:8d:b2:77:09:92:2c:f9:9c:0e:
07:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:3D:77:60:30:F0:AC:85:FB:B2:1E:B2:EF:0C:E8:91:FC:C6:83:90
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/7z13YDDwrIX7sh6y7wzokfzGg5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.122.128.0/21
212.122.144.0/21
IPv6:
2a01:5c8:800::/47
2a01:5c8:803::-2a01:5c8:805:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
85:5e:a4:7c:09:c4:84:32:ce:3a:7c:60:f8:b5:51:ec:9d:e3:
b5:d6:1c:af:d0:b9:79:17:c5:c4:2a:62:04:54:3d:cf:63:43:
1c:f4:34:be:b0:7d:8f:fd:5c:3f:30:06:ef:a4:97:a1:0f:65:
b5:c1:33:33:53:ce:d8:ef:2a:5a:da:e0:d8:df:27:38:a8:b0:
b7:25:66:85:c7:8e:5c:ad:61:97:19:ac:fe:f8:65:ec:bc:69:
98:34:6a:23:74:ee:06:29:d9:56:98:25:69:3a:fc:db:17:7b:
4d:c7:2f:36:78:79:fc:e3:7e:11:d9:9a:cb:68:8f:5a:9d:9b:
8e:6d:25:22:a1:d5:f6:27:75:51:76:af:6b:b0:58:75:8b:02:
03:23:f4:06:59:85:1a:dc:2d:36:5a:c4:c7:6c:98:73:2c:ee:
59:e5:17:a6:a5:ee:d1:3c:70:cf:d1:ce:5e:46:52:1b:33:da:
2b:99:d7:49:e7:95:df:3f:84:d1:32:ec:56:ab:b1:fb:eb:37:
42:77:f5:d1:41:86:6f:86:eb:c7:a7:80:fe:b8:3c:11:2d:d7:
c8:2a:56:99:ce:97:58:69:4f:76:6d:9b:a2:e1:6b:fa:b8:9d:
91:e7:5e:86:b6:27:59:bd:36:e1:6c:56:f5:78:1c:29:5e:c0:
f1:2c:6d:73
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEA9KQczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTFkNzJhYzA4MjZlMDliYzBkMTdkZGVlOGJhODdkOTczMWRkNDEzMB4XDTIyMDEw
MTEwMDIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWYzZDc3NjAzMGYw
YWM4NWZiYjIxZWIyZWYwY2U4OTFmY2M2ODM5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJtj6RknMyMc2Aa6fZN1A0tno/FHw/RPQ8nzh8NtbR3mCQNO
jF0H+qhp9C46GHfyX+OcGJH3S4ybJRS7mPjLJJWfXgBuhsjUzYTF61Je7g/Wv71o
IscaqkNuJGu6NHhcmbsB1awN/tHNR+Dm+QaYijvalxP2zwiZSpEeOWw8uh3tzKLN
6OonuqkDwg4Aelc2RcgxO3N6mWYQx0BVk9RZQsdQ9Bgu7TzxRM6CCuVfU7I1gk+v
ThKIS5HnZsnNLLLK63qdR1VRhxvELIUCDn8f347cFzCJaeKzuM++4BPOBuWPqXMM
OdkuQeCJT4QXyp7POa8/n3lejbJ3CZIs+ZwOB+MCAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBTvPXdgMPCshfuyHrLvDOiR/MaDkDAfBgNVHSMEGDAWgBQKHXKsCCbgm8DR
fd7ouofZcx3UEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NoMXlyQWdtNEp2QTBYM2U2THFIMlhNZDFCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvNjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8x
Lzd6MTNZRER3cklYN3NoNnk3d3pva2Z6R2c1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
NjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8xL0NoMXlyQWdtNEp2
QTBYM2U2THFIMlhNZDFCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwEgQCAAEwDAMEA9R6gAMEA9R6kDAjBAIAAjAdAwcB
KgEFyAgAMBIDBwAqAQXICAMDBwEqAQXICAQwDQYJKoZIhvcNAQELBQADggEBAIVe
pHwJxIQyzjp8YPi1Ueyd47XWHK/QuXkXxcQqYgRUPc9jQxz0NL6wfY/9XD8wBu+k
l6EPZbXBMzNTztjvKlra4NjfJziosLclZoXHjlytYZcZrP74Zey8aZg0aiN07gYp
2VaYJWk6/NsXe03HLzZ4efzjfhHZmstoj1qdm45tJSKh1fYndVF2r2uwWHWLAgMj
9AZZhRrcLTZaxMdsmHMs7lnlF6al7tE8cM/Rzl5GUhsz2iuZ10nnld8/hNEy7Far
sfvrN0J39dFBhm+G68engP64PBEt18gqVpnOl1hpT3Ztm6Lha/q4nZHnXoa2J1m9
NuFsVvV4HClewPEsbXM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:39 2024 by rpki-client on console-ams.rpki-client.org