Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/xxjENPQCQLabuFB_fqJpQ3ZKBKI.roa
File: xxjENPQCQLabuFB_fqJpQ3ZKBKI.roa (raw, json)
Hash identifier: WQT56LIzrjCKFeEC4zhXLRlyVDKu/VA970hbi8m69nQ=
Subject key identifier: C7:18:C4:34:F4:02:40:B6:9B:B8:50:7F:7E:A2:69:43:76:4A:04:A2
Certificate issuer: /CN=fcbe62378bb580af4ed70bfa35abc840945d7803
Certificate serial: 1D67
Authority key identifier: FC:BE:62:37:8B:B5:80:AF:4E:D7:0B:FA:35:AB:C8:40:94:5D:78:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_L5iN4u1gK9O1wv6NavIQJRdeAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/xxjENPQCQLabuFB_fqJpQ3ZKBKI.roa
Signing time: Mon 21 Mar 2022 14:15:11 +0000
ROA not before: Mon 21 Mar 2022 14:15:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42300
IP address blocks: 194.15.248.0/24 maxlen: 24
194.15.248.0/22 maxlen: 22
77.240.240.0/22 maxlen: 22
77.240.240.0/24 maxlen: 24
77.240.241.0/24 maxlen: 24
77.240.242.0/24 maxlen: 24
77.240.243.0/24 maxlen: 24
178.236.200.0/22 maxlen: 22
178.236.200.0/24 maxlen: 24
178.236.201.0/24 maxlen: 24
178.236.202.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7527 (0x1d67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcbe62378bb580af4ed70bfa35abc840945d7803
Validity
Not Before: Mar 21 14:15:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c718c434f40240b69bb8507f7ea26943764a04a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fc:95:44:97:e0:ed:11:02:4b:f0:e4:d4:96:
cf:7c:d7:18:94:b2:92:93:14:5d:d4:2a:a4:80:2e:
84:6b:b1:9e:7a:d5:7d:65:fb:ce:69:18:80:98:0d:
2c:a5:09:72:82:87:ea:2c:a5:b2:1c:8e:60:5c:29:
c9:26:6d:da:b7:35:b9:18:5b:3b:07:7a:25:f6:b4:
2d:9e:c0:ff:d4:49:1d:c8:6e:40:c6:93:1b:2f:63:
3d:de:d8:dd:e4:5a:24:9c:6e:06:bb:de:5d:1b:ba:
6e:3b:bd:a8:0f:62:8f:f4:b6:c0:c8:8a:99:db:87:
75:31:93:57:ba:d1:4a:e2:49:16:0c:ae:6e:a9:f6:
50:e1:dd:94:4f:6d:f1:de:c5:5e:d9:83:a6:b3:5f:
a0:a0:81:27:48:6a:5d:79:af:2c:61:7f:5d:7d:20:
0d:e1:81:7a:75:a1:47:c8:a6:3e:c6:31:bf:71:33:
bc:09:59:fc:6b:3c:4c:9f:36:8f:8c:6c:c9:43:e9:
b5:4b:d5:44:35:4b:21:4c:cc:0d:04:1c:fa:9c:c7:
d9:a6:28:c6:d4:a2:9a:4d:31:50:44:44:b5:4b:51:
d1:33:59:99:97:6e:fa:4f:e3:bf:5f:9b:fb:a0:54:
05:3f:61:e5:98:71:d0:57:23:7d:70:c2:d9:82:4a:
f2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:18:C4:34:F4:02:40:B6:9B:B8:50:7F:7E:A2:69:43:76:4A:04:A2
X509v3 Authority Key Identifier:
keyid:FC:BE:62:37:8B:B5:80:AF:4E:D7:0B:FA:35:AB:C8:40:94:5D:78:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_L5iN4u1gK9O1wv6NavIQJRdeAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/xxjENPQCQLabuFB_fqJpQ3ZKBKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/_L5iN4u1gK9O1wv6NavIQJRdeAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.240.0/22
178.236.200.0/22
194.15.248.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:a3:93:6a:ab:bd:ed:53:34:04:60:33:61:dd:1e:17:8a:bb:
77:2e:5c:f2:8f:c4:1e:8f:c1:8e:c5:15:f2:34:61:1c:ff:7c:
c6:1b:fc:c0:9e:cf:5d:ac:32:c8:05:b1:26:fc:92:77:11:34:
cb:f9:ef:25:e9:aa:16:f3:34:f1:d4:e2:22:94:f3:fe:39:5f:
cc:b1:b9:65:a5:d7:58:3f:44:c6:c4:66:5e:62:98:4e:97:31:
9f:24:c3:bf:e5:c0:f3:f7:cc:8f:24:17:a1:59:bc:8c:87:f8:
19:a5:dc:c7:8d:53:69:2d:ed:ba:93:c5:93:09:e5:63:0e:1a:
e5:b4:9c:da:6a:d6:6c:a7:60:42:8e:b8:91:dc:01:70:9c:b2:
a8:bc:d6:79:47:e8:d6:7c:6c:d1:22:89:a2:09:b4:24:2c:93:
01:0f:0b:fc:5d:98:75:4b:4e:55:c1:28:c9:e1:05:11:47:a5:
2a:15:ad:d6:07:a2:98:8a:2e:32:c3:d0:89:8e:7b:c0:16:97:
b3:d2:b4:53:5c:3e:54:07:82:93:88:e4:f9:1c:f0:3a:0d:e1:
6e:69:66:d5:d0:cf:0a:4d:23:df:f7:19:5e:15:a2:32:12:1f:
93:d1:a7:c6:bd:75:90:31:7f:28:2a:9a:de:7a:42:89:5a:ed:
9f:6b:36:68
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgICHWcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoZmNi
ZTYyMzc4YmI1ODBhZjRlZDcwYmZhMzVhYmM4NDA5NDVkNzgwMzAeFw0yMjAzMjEx
NDE1MTFaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGM3MThjNDM0ZjQwMjQw
YjY5YmI4NTA3ZjdlYTI2OTQzNzY0YTA0YTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4/JVEl+DtEQJL8OTUls981xiUspKTFF3UKqSALoRrsZ561X1l
+85pGICYDSylCXKCh+ospbIcjmBcKckmbdq3NbkYWzsHeiX2tC2ewP/USR3IbkDG
kxsvYz3e2N3kWiScbga73l0bum47vagPYo/0tsDIipnbh3Uxk1e60UriSRYMrm6p
9lDh3ZRPbfHexV7Zg6azX6CggSdIal15ryxhf119IA3hgXp1oUfIpj7GMb9xM7wJ
WfxrPEyfNo+MbMlD6bVL1UQ1SyFMzA0EHPqcx9mmKMbUoppNMVBERLVLUdEzWZmX
bvpP479fm/ugVAU/YeWYcdBXI31wwtmCSvJhAgMBAAGjggIVMIICETAdBgNVHQ4E
FgQUxxjENPQCQLabuFB/fqJpQ3ZKBKIwHwYDVR0jBBgwFoAU/L5iN4u1gK9O1wv6
NavIQJRdeAMwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9f
TDVpTjR1MWdLOU8xd3Y2TmF2SVFKUmRlQU0uY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2I4L2I4ZDI5Yy0zMzMzLTQ5M2MtOTczOS1kZjU2ZWM2NzBkZTcvMS94
eGpFTlBRQ1FMYWJ1RkJfZnFKcFEzWktCS0kucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I4L2I4
ZDI5Yy0zMzMzLTQ5M2MtOTczOS1kZjU2ZWM2NzBkZTcvMS9fTDVpTjR1MWdLOU8x
d3Y2TmF2SVFKUmRlQU0uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwKwYI
KwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAJN8PADBAKy7MgDBALCD/gwDQYJKoZI
hvcNAQELBQADggEBAL+jk2qrve1TNARgM2HdHheKu3cuXPKPxB6PwY7FFfI0YRz/
fMYb/MCez12sMsgFsSb8kncRNMv57yXpqhbzNPHU4iKU8/45X8yxuWWl11g/RMbE
Zl5imE6XMZ8kw7/lwPP3zI8kF6FZvIyH+Bml3MeNU2kt7bqTxZMJ5WMOGuW0nNpq
1mynYEKOuJHcAXCcsqi81nlH6NZ8bNEiiaIJtCQskwEPC/xdmHVLTlXBKMnhBRFH
pSoVrdYHopiKLjLD0ImOe8AWl7PStFNcPlQHgpOI5Pkc8DoN4W5pZtXQzwpNI9/3
GV4VojISH5PRp8a9dZAxfygqmt56Qola7Z9rNmg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:24 2024 by rpki-client on console-ams.rpki-client.org