Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Qxu_oJwU0g4WndxkqF6JtjgqDko.roa
File: Qxu_oJwU0g4WndxkqF6JtjgqDko.roa (raw, json)
Hash identifier: O2IdCSxh5ggGbbizFylQzqIj1BEcILp267bvUl4a/9w=
Subject key identifier: 43:1B:BF:A0:9C:14:D2:0E:16:9D:DC:64:A8:5E:89:B6:38:2A:0E:4A
Certificate issuer: /CN=679a75debd65359a45317f203f11a321e14b2f2c
Certificate serial: 062812EE
Authority key identifier: 67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Qxu_oJwU0g4WndxkqF6JtjgqDko.roa
Signing time: Mon 21 Mar 2022 10:36:12 +0000
ROA not before: Mon 21 Mar 2022 10:36:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 87.121.136.0/21 maxlen: 24
185.61.156.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103289582 (0x62812ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679a75debd65359a45317f203f11a321e14b2f2c
Validity
Not Before: Mar 21 10:36:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=431bbfa09c14d20e169ddc64a85e89b6382a0e4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a0:79:fd:56:f9:68:0b:c1:e0:7d:b9:8d:33:
7f:69:12:ea:56:15:6b:e4:d3:3d:a6:bc:4b:ab:b4:
01:8f:91:90:67:9c:6a:41:ce:26:b6:de:bc:b7:86:
94:c1:c5:97:30:eb:ef:dd:c2:7a:1b:ed:8c:37:99:
87:3d:31:02:cb:00:69:d3:26:25:a1:2c:62:ec:98:
ab:0a:88:a2:2c:89:28:98:b9:4e:9e:3e:d2:d5:f4:
39:41:29:40:f8:be:71:ac:0c:63:ab:05:b9:75:bf:
9b:4b:c7:f8:e0:22:5e:7d:c6:14:1d:ac:82:89:7f:
95:a0:f5:0f:8f:de:08:e0:9f:ad:87:5d:8d:98:21:
0f:5d:6f:8b:86:4d:ba:d9:82:e0:16:e3:73:30:04:
8c:d2:64:d2:a9:1f:e7:d1:36:75:a9:11:8a:84:2d:
55:5a:47:db:db:bc:74:71:33:ef:5d:69:b4:bc:43:
9e:2e:12:44:8b:6f:f9:25:0a:d0:91:e2:2d:98:07:
f9:94:20:41:e0:fa:b5:ae:a9:2f:27:b2:05:21:c1:
0d:76:7f:e1:5e:bd:14:7a:12:76:c4:fe:98:ca:93:
70:67:91:4e:ac:13:b9:44:49:8e:10:2b:a6:24:6f:
1c:1c:72:f8:4a:eb:03:7d:e1:dc:cd:fa:70:85:9a:
95:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:1B:BF:A0:9C:14:D2:0E:16:9D:DC:64:A8:5E:89:B6:38:2A:0E:4A
X509v3 Authority Key Identifier:
keyid:67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Qxu_oJwU0g4WndxkqF6JtjgqDko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Z5p13r1lNZpFMX8gPxGjIeFLLyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.136.0/21
185.61.156.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:4b:c8:4e:b8:f7:41:96:61:16:5e:58:c9:ff:cc:c8:c5:57:
44:56:6d:5f:54:90:3f:d7:1f:a8:dc:2b:77:24:db:e9:60:d7:
69:ae:eb:03:f8:fc:8a:6c:7c:a8:19:e0:15:03:5b:20:81:bf:
a6:2c:79:e9:a8:66:51:2f:d8:9b:c5:eb:46:c7:ad:df:b1:33:
32:b0:3f:08:19:cd:b7:09:7f:e4:a3:88:5e:04:a3:3e:03:19:
8f:0c:b6:13:b3:97:d6:91:ae:e3:9c:19:15:13:71:1c:ba:b2:
c9:40:64:11:d0:2d:1a:b1:e6:d2:0b:07:d0:bd:e3:e8:a3:b8:
ca:fd:64:18:7b:0b:c6:dc:08:ce:52:2b:0b:16:b7:bc:55:0e:
6a:8e:8a:cb:6a:92:da:07:d7:f7:15:83:9b:c2:9e:c8:7f:09:
fe:18:28:64:db:ba:7b:62:a1:1e:17:39:39:8e:18:0a:20:a7:
77:67:db:67:1b:6b:36:26:ef:4a:d2:b7:57:7e:6a:7c:31:af:
ff:b8:87:d5:a2:ff:4d:a6:35:09:a7:3b:c8:44:e5:fd:29:3f:
cb:e8:7d:e9:b6:64:2c:56:a9:9d:a5:5d:ec:c7:48:a3:d8:75:
f2:9b:b3:8d:d7:2e:31:92:44:13:83:1c:f6:81:a3:31:8e:c9:
eb:f8:c6:a7
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBigS7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzlhNzVkZWJkNjUzNTlhNDUzMTdmMjAzZjExYTMyMWUxNGIyZjJjMB4XDTIyMDMy
MTEwMzYxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDMxYmJmYTA5YzE0
ZDIwZTE2OWRkYzY0YTg1ZTg5YjYzODJhMGU0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI6gef1W+WgLweB9uY0zf2kS6lYVa+TTPaa8S6u0AY+RkGec
akHOJrbevLeGlMHFlzDr793CehvtjDeZhz0xAssAadMmJaEsYuyYqwqIoiyJKJi5
Tp4+0tX0OUEpQPi+cawMY6sFuXW/m0vH+OAiXn3GFB2sgol/laD1D4/eCOCfrYdd
jZghD11vi4ZNutmC4BbjczAEjNJk0qkf59E2dakRioQtVVpH29u8dHEz711ptLxD
ni4SRItv+SUK0JHiLZgH+ZQgQeD6ta6pLyeyBSHBDXZ/4V69FHoSdsT+mMqTcGeR
TqwTuURJjhArpiRvHBxy+ErrA33h3M36cIWalW0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRDG7+gnBTSDhad3GSoXom2OCoOSjAfBgNVHSMEGDAWgBRnmnXevWU1mkUx
fyA/EaMh4UsvLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1cDEzcjFsTlpwRk1YOGdQeEdqSWVGTEx5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvN2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8x
L1F4dV9vSndVMGc0V25keGtxRjZKdGpncURrby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
N2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8xL1o1cDEzcjFsTlpw
Rk1YOGdQeEdqSWVGTEx5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA1d5iAMEArk9nDANBgkqhkiG9w0B
AQsFAAOCAQEAXUvITrj3QZZhFl5Yyf/MyMVXRFZtX1SQP9cfqNwrdyTb6WDXaa7r
A/j8imx8qBngFQNbIIG/pix56ahmUS/Ym8XrRset37EzMrA/CBnNtwl/5KOIXgSj
PgMZjwy2E7OX1pGu45wZFRNxHLqyyUBkEdAtGrHm0gsH0L3j6KO4yv1kGHsLxtwI
zlIrCxa3vFUOao6Ky2qS2gfX9xWDm8KeyH8J/hgoZNu6e2KhHhc5OY4YCiCnd2fb
ZxtrNibvStK3V35qfDGv/7iH1aL/TaY1Cac7yETl/Sk/y+h96bZkLFapnaVd7MdI
o9h18puzjdcuMZJEE4Mc9oGjMY7J6/jGpw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-fra.rpki-client.org