Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/DKviJ6iTuHNbbd0ELdDyAEaMZQQ.roa
File: DKviJ6iTuHNbbd0ELdDyAEaMZQQ.roa (raw, json)
Hash identifier: M+vRNN8mB5jAhItagx0h64KwZ3an+mowLqey+gP2Wr8=
Subject key identifier: 0C:AB:E2:27:A8:93:B8:73:5B:6D:DD:04:2D:D0:F2:00:46:8C:65:04
Certificate issuer: /CN=679a75debd65359a45317f203f11a321e14b2f2c
Certificate serial: 05FF4B0A
Authority key identifier: 67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/DKviJ6iTuHNbbd0ELdDyAEaMZQQ.roa
Signing time: Sun 06 Mar 2022 08:19:17 +0000
ROA not before: Sun 06 Mar 2022 08:19:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 87.121.136.0/21 maxlen: 24
176.111.240.0/22 maxlen: 24
185.61.156.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100616970 (0x5ff4b0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679a75debd65359a45317f203f11a321e14b2f2c
Validity
Not Before: Mar 6 08:19:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0cabe227a893b8735b6ddd042dd0f200468c6504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9a:ce:91:87:b7:6a:11:ad:13:d7:55:63:e8:
d0:39:50:26:27:2b:c4:11:fb:41:3a:b8:de:3a:b5:
9f:99:34:d9:40:8e:60:7a:f5:15:8f:a1:da:84:11:
14:b2:49:2b:4f:e8:ba:db:94:b4:d1:eb:72:57:58:
bb:b3:78:b8:7c:a0:c7:e3:f5:ff:d0:ab:6d:8a:0f:
11:25:77:de:36:c3:27:db:dd:c5:87:e4:42:a0:8d:
13:fd:db:0d:08:a6:4b:a7:50:e0:ef:44:23:40:9c:
80:17:41:9d:50:d1:c2:da:d0:c4:e6:8a:89:d0:76:
a9:f2:97:c1:90:c3:fb:79:af:f5:38:20:a7:6e:62:
38:33:70:f1:bd:79:a4:a7:d9:9b:a9:f9:cb:8a:80:
ec:84:b3:1b:65:78:05:dd:53:bf:92:85:91:31:e1:
23:48:18:63:54:24:aa:8b:e7:12:17:9c:d9:a8:09:
3f:fc:40:09:30:69:96:0c:6f:3f:1c:98:2d:8c:1a:
6a:4b:5a:bc:8c:28:4d:f8:ac:9f:d6:09:9c:54:52:
d5:46:f6:ea:4d:af:cb:3f:76:20:20:f3:c2:80:be:
17:89:68:1b:4a:a4:52:9d:0f:ff:c6:49:d5:13:56:
9c:ea:fc:97:12:7b:5a:a1:1a:98:bb:f9:97:71:66:
92:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:AB:E2:27:A8:93:B8:73:5B:6D:DD:04:2D:D0:F2:00:46:8C:65:04
X509v3 Authority Key Identifier:
keyid:67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/DKviJ6iTuHNbbd0ELdDyAEaMZQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Z5p13r1lNZpFMX8gPxGjIeFLLyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.136.0/21
176.111.240.0/22
185.61.156.0/22
Signature Algorithm: sha256WithRSAEncryption
25:79:ad:c1:c5:4d:57:1d:ee:f4:73:d2:f9:98:13:80:8b:13:
99:6d:5f:d7:02:04:d6:fe:4b:29:14:68:a5:fa:a5:ec:3a:64:
d5:51:75:de:46:ef:17:9a:9c:11:bd:d6:f8:54:78:9f:6f:28:
66:fe:db:92:76:be:70:94:31:37:8e:4c:8a:cf:87:9a:46:4f:
a3:eb:da:4a:db:ef:36:fc:44:6d:a6:9b:49:16:33:03:e9:9c:
f5:81:3a:68:74:ae:6a:9b:94:f3:9d:b2:be:2c:11:ab:42:bf:
d4:84:71:dc:ab:1d:59:b0:2d:0b:76:1d:3d:ee:16:76:8d:41:
54:c6:85:90:c1:05:7d:b7:d8:0a:ab:03:b2:c4:f0:23:91:d7:
11:79:0e:e2:25:a7:a8:a7:68:60:bd:d5:03:db:8d:a2:6b:82:
06:59:47:35:b1:d9:82:d9:14:16:16:69:ad:e7:26:19:df:ce:
e4:90:ab:15:44:66:7e:1b:6d:e2:e2:3f:a5:5a:f3:6d:9e:58:
a9:b9:f9:ed:a8:d6:c2:f9:0c:c7:4e:4f:77:d3:22:44:f2:ed:
fb:dc:0b:1d:6a:27:74:16:12:f1:f8:29:6b:95:45:e2:d1:5b:
db:81:eb:e7:bb:a1:fd:fa:8c:4e:1c:d7:8f:01:17:2f:6f:71:
a5:76:ca:44
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBf9LCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzlhNzVkZWJkNjUzNTlhNDUzMTdmMjAzZjExYTMyMWUxNGIyZjJjMB4XDTIyMDMw
NjA4MTkxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGNhYmUyMjdhODkz
Yjg3MzViNmRkZDA0MmRkMGYyMDA0NjhjNjUwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeazpGHt2oRrRPXVWPo0DlQJicrxBH7QTq43jq1n5k02UCO
YHr1FY+h2oQRFLJJK0/outuUtNHrcldYu7N4uHygx+P1/9CrbYoPESV33jbDJ9vd
xYfkQqCNE/3bDQimS6dQ4O9EI0CcgBdBnVDRwtrQxOaKidB2qfKXwZDD+3mv9Tgg
p25iODNw8b15pKfZm6n5y4qA7ISzG2V4Bd1Tv5KFkTHhI0gYY1QkqovnEhec2agJ
P/xACTBplgxvPxyYLYwaaktavIwoTfisn9YJnFRS1Ub26k2vyz92ICDzwoC+F4lo
G0qkUp0P/8ZJ1RNWnOr8lxJ7WqEamLv5l3FmkosCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQMq+InqJO4c1tt3QQt0PIARoxlBDAfBgNVHSMEGDAWgBRnmnXevWU1mkUx
fyA/EaMh4UsvLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1cDEzcjFsTlpwRk1YOGdQeEdqSWVGTEx5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvN2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8x
L0RLdmlKNmlUdUhOYmJkMEVMZER5QUVhTVpRUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
N2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8xL1o1cDEzcjFsTlpw
Rk1YOGdQeEdqSWVGTEx5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA1d5iAMEArBv8AMEArk9nDANBgkq
hkiG9w0BAQsFAAOCAQEAJXmtwcVNVx3u9HPS+ZgTgIsTmW1f1wIE1v5LKRRopfql
7Dpk1VF13kbvF5qcEb3W+FR4n28oZv7bkna+cJQxN45Mis+HmkZPo+vaStvvNvxE
baabSRYzA+mc9YE6aHSuapuU852yviwRq0K/1IRx3KsdWbAtC3YdPe4Wdo1BVMaF
kMEFfbfYCqsDssTwI5HXEXkO4iWnqKdoYL3VA9uNomuCBllHNbHZgtkUFhZprecm
Gd/O5JCrFURmfhtt4uI/pVrzbZ5Yqbn57ajWwvkMx05Pd9MiRPLt+9wLHWondBYS
8fgpa5VF4tFb24Hr57uh/fqMThzXjwEXL29xpXbKRA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:30 2023 by rpki-client on console-ams.rpki-client.org