Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/voFdh-CGy9feSmispg6T89OAYmA.roa
File: voFdh-CGy9feSmispg6T89OAYmA.roa (raw, json)
Hash identifier: A+5C7to4r+a4bqAn//RyourbQB1rjmFhDCiW8Q8Uwx0=
Subject key identifier: BE:81:5D:87:E0:86:CB:D7:DE:4A:68:AC:A6:0E:93:F3:D3:80:62:60
Certificate issuer: /CN=679a75debd65359a45317f203f11a321e14b2f2c
Certificate serial: 0189BAB2D4E4699500FA0011EE1001114541
Authority key identifier: 67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/voFdh-CGy9feSmispg6T89OAYmA.roa
Signing time: Thu 03 Aug 2023 09:20:29 +0000
ROA not before: Thu 03 Aug 2023 09:20:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200598
IP address blocks: 37.156.226.0/24 maxlen: 24
87.121.136.0/21 maxlen: 24
46.102.116.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:b2:d4:e4:69:95:00:fa:00:11:ee:10:01:11:45:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679a75debd65359a45317f203f11a321e14b2f2c
Validity
Not Before: Aug 3 09:20:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be815d87e086cbd7de4a68aca60e93f3d3806260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a7:47:e4:c0:e4:4c:b5:80:98:72:80:fe:31:
a1:29:1c:a9:10:dc:6d:cb:64:2e:52:07:0c:e2:ce:
15:c0:c6:ba:de:75:15:36:31:bb:9b:03:32:9e:51:
06:c4:82:30:13:8f:34:fb:4b:dc:16:3c:4b:99:a6:
f0:36:de:d1:c4:3f:71:01:7b:40:f6:61:2b:11:a5:
b2:1a:d8:02:e9:d5:34:05:8b:bd:2a:b4:98:af:cf:
95:82:38:12:f2:13:73:44:03:d9:ad:9f:3a:6b:ae:
ee:b2:da:e4:c7:0a:68:63:80:4e:df:a2:21:54:ee:
b7:03:9b:ec:f9:a4:97:79:95:14:bd:d5:90:4e:3c:
4f:fb:9a:f7:50:d0:7e:5f:b4:c4:38:96:cd:f5:a0:
d8:13:27:05:22:38:92:cb:67:e4:af:46:8f:17:79:
59:d7:99:38:ac:fc:de:c2:4c:72:c5:d0:42:d0:45:
eb:41:e0:b8:69:ca:33:98:4f:d1:d7:31:93:5c:1b:
eb:79:ae:fc:0f:de:b9:52:ae:83:d2:5a:05:78:d4:
b7:be:04:31:91:1c:72:94:b9:e8:ff:2d:41:ae:22:
39:aa:c1:d7:e6:b7:a5:95:db:0e:6f:37:19:12:c7:
a1:0c:22:5b:7d:4b:14:ba:8e:9a:f8:94:62:72:a9:
ee:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:81:5D:87:E0:86:CB:D7:DE:4A:68:AC:A6:0E:93:F3:D3:80:62:60
X509v3 Authority Key Identifier:
keyid:67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/voFdh-CGy9feSmispg6T89OAYmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Z5p13r1lNZpFMX8gPxGjIeFLLyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.226.0/24
46.102.116.0/24
87.121.136.0/21
Signature Algorithm: sha256WithRSAEncryption
4b:4f:d8:60:db:23:ef:6d:7a:91:18:3d:9d:e3:56:66:2a:a1:
ed:07:45:91:59:46:84:6b:c5:12:4d:fe:2c:12:a5:2e:35:b6:
43:fd:17:ff:98:dd:cf:a8:89:0e:b6:29:c5:dd:2d:f1:2b:6a:
c9:79:b6:5c:2f:08:29:77:c8:45:83:73:b3:22:71:17:e5:cd:
75:85:2f:6d:f2:20:17:65:4a:62:90:12:bd:9c:ef:c3:e0:d3:
1b:9c:73:9e:0f:dc:61:7b:66:c6:27:72:84:f4:2e:50:31:9a:
ff:3a:d9:1c:b2:bc:79:17:cd:25:ad:56:69:70:cf:66:37:9b:
8d:16:45:bf:b3:84:9d:72:28:dd:ae:a4:8a:29:cc:36:59:d2:
3c:f1:34:47:a0:6c:9f:03:10:f8:0c:cb:24:c9:ae:7e:5f:b2:
6a:06:22:3a:cd:ef:d2:ef:74:94:60:c6:45:15:59:72:20:bb:
cc:2b:17:dc:ed:d5:81:8c:8e:a6:03:02:e5:fe:c0:79:74:28:
4e:14:74:8c:f1:2e:f8:38:5c:02:ba:f9:35:21:9b:25:88:09:
48:a4:62:b3:f1:55:18:8f:0c:13:64:3f:53:6b:e2:54:27:10:
e2:c6:28:f7:67:bf:5f:3c:22:a4:66:df:57:3a:3d:ed:73:32:
22:07:fd:c0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYm6stTkaZUA+gAR7hABEUVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OWE3NWRlYmQ2NTM1OWE0NTMxN2YyMDNmMTFhMzIxZTE0
YjJmMmMwHhcNMjMwODAzMDkyMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTgxNWQ4N2UwODZjYmQ3ZGU0YTY4YWNhNjBlOTNmM2QzODA2MjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6dH5MDkTLWAmHKA/jGhKRypENxt
y2QuUgcM4s4VwMa63nUVNjG7mwMynlEGxIIwE480+0vcFjxLmabwNt7RxD9xAXtA
9mErEaWyGtgC6dU0BYu9KrSYr8+VgjgS8hNzRAPZrZ86a67ustrkxwpoY4BO36Ih
VO63A5vs+aSXeZUUvdWQTjxP+5r3UNB+X7TEOJbN9aDYEycFIjiSy2fkr0aPF3lZ
15k4rPzewkxyxdBC0EXrQeC4acozmE/R1zGTXBvrea78D965Uq6D0loFeNS3vgQx
kRxylLno/y1BriI5qsHX5relldsObzcZEsehDCJbfUsUuo6a+JRicqnudwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL6BXYfghsvX3kporKYOk/PTgGJgMB8GA1UdIwQY
MBaAFGeadd69ZTWaRTF/ID8RoyHhSy8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVwMTNyMWxOWnBGTVg4Z1B4R2pJZUZMTHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS83YTM5YjEtMWQxYy00OTE5LWIxOWMt
M2VlYmU3MTk2OTcyLzEvdm9GZGgtQ0d5OWZlU21pc3BnNlQ4OU9BWW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS83YTM5YjEtMWQxYy00OTE5LWIxOWMtM2VlYmU3MTk2OTcy
LzEvWjVwMTNyMWxOWnBGTVg4Z1B4R2pJZUZMTHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJZziAwQA
LmZ0AwQDV3mIMA0GCSqGSIb3DQEBCwUAA4IBAQBLT9hg2yPvbXqRGD2d41ZmKqHt
B0WRWUaEa8USTf4sEqUuNbZD/Rf/mN3PqIkOtinF3S3xK2rJebZcLwgpd8hFg3Oz
InEX5c11hS9t8iAXZUpikBK9nO/D4NMbnHOeD9xhe2bGJ3KE9C5QMZr/Otkcsrx5
F80lrVZpcM9mN5uNFkW/s4SdcijdrqSKKcw2WdI88TRHoGyfAxD4DMskya5+X7Jq
BiI6ze/S73SUYMZFFVlyILvMKxfc7dWBjI6mAwLl/sB5dChOFHSM8S74OFwCuvk1
IZsliAlIpGKz8VUYjwwTZD9Ta+JUJxDixij3Z79fPCKkZt9XOj3tczIiB/3A
-----END CERTIFICATE-----
Generated at Wed Oct 11 11:54:30 2023 by rpki-client on console-fra.rpki-client.org