Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/WEINraY1uTNAfTEMVFO1l5mCksU.roa
File: WEINraY1uTNAfTEMVFO1l5mCksU.roa (raw, json)
Hash identifier: AUCnFRIYFfYuoQwsHHS7JuJ5hEclKhVERdih8l07H1E=
Subject key identifier: 58:42:0D:AD:A6:35:B9:33:40:7D:31:0C:54:53:B5:97:99:82:92:C5
Certificate issuer: /CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Certificate serial: 06FB3943
Authority key identifier: A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/WEINraY1uTNAfTEMVFO1l5mCksU.roa
Signing time: Sat 01 Jan 2022 07:54:04 +0000
ROA not before: Sat 01 Jan 2022 07:54:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205185
IP address blocks: 185.152.84.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117127491 (0x6fb3943)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Validity
Not Before: Jan 1 07:54:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=58420dada635b933407d310c5453b597998292c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:51:d2:2a:56:e4:ac:fc:97:18:88:3f:3d:72:
df:86:8b:1a:63:5e:a0:17:41:cb:9a:fe:89:5b:00:
f0:21:6a:a5:66:93:2a:9a:61:68:5a:f8:09:2c:5f:
4a:97:a5:1e:82:d8:ce:1d:69:49:cd:e4:10:f3:85:
79:bb:80:c2:4d:fb:bc:2f:0b:fc:18:7c:64:38:6d:
bf:92:78:55:5d:ce:d7:7a:21:12:29:dc:59:04:4e:
2d:91:9f:30:32:f1:e4:4a:88:53:50:a8:73:ca:3a:
27:3e:b6:3e:2c:fd:e8:78:62:45:f3:ed:5f:c1:cd:
48:a1:71:48:21:15:a4:f1:52:0d:a8:26:c9:de:d7:
24:8e:74:03:ec:79:2d:89:e8:21:53:2f:f4:2f:02:
02:ae:d5:9d:0c:4c:89:2b:ab:c9:69:a2:b4:aa:cf:
9b:9a:cf:04:bb:89:e3:9d:57:49:74:39:2f:45:37:
19:d3:62:a4:b8:25:f9:e8:fb:9f:7c:54:29:9f:f2:
a9:c4:25:2a:d8:5d:d0:fa:f7:d7:bb:d6:16:90:98:
83:de:6c:37:e6:77:5e:f3:5b:da:22:7d:a7:34:f5:
7e:82:e2:98:bb:90:d8:fc:b0:43:93:c0:62:e7:69:
1f:44:d7:8e:8b:7e:b9:f9:83:f7:24:4c:cd:16:f5:
32:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:42:0D:AD:A6:35:B9:33:40:7D:31:0C:54:53:B5:97:99:82:92:C5
X509v3 Authority Key Identifier:
keyid:A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/WEINraY1uTNAfTEMVFO1l5mCksU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/qGWA4YrW_43JQr6IPBbei3MflgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.84.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:61:56:0d:f3:1b:c8:82:d2:51:a5:a0:65:6a:20:88:5f:85:
37:3e:89:82:b9:b2:ba:6a:6d:b8:58:58:a6:1a:99:f5:62:83:
48:c6:0e:13:b8:c9:ee:32:5f:02:f6:36:c0:33:38:7b:c1:d8:
1f:b3:3a:17:d9:87:8a:de:2e:f3:b9:46:1b:ff:42:88:1c:ad:
4a:78:98:d2:aa:e9:e6:fd:00:b7:db:d9:8a:4a:74:89:6d:7c:
13:b9:ba:5d:53:5a:91:dc:27:9b:41:77:1d:39:3d:9f:44:f9:
39:42:f3:c4:b6:12:76:b0:93:b1:a8:bd:fe:8e:31:96:30:48:
be:13:08:08:fb:51:d1:a4:8f:7c:77:11:91:4f:30:dc:a6:a7:
67:f3:a6:39:95:a6:01:b6:f3:45:13:dd:09:0c:05:25:80:02:
92:dc:07:f6:82:6e:21:fa:be:19:fb:72:6e:de:9e:54:45:a7:
0d:b6:a5:67:4c:c1:dc:ce:07:57:b9:82:68:f5:30:31:98:63:
99:19:f9:51:db:57:62:46:eb:19:c4:a5:be:18:26:32:28:bf:
12:ec:1f:83:f8:de:7c:44:cc:ac:08:53:b2:d3:7e:eb:e8:80:
c6:50:63:13:81:ec:e3:18:c9:59:37:50:df:bf:1d:c7:be:b0:
d4:63:5e:f7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBvs5QzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODY1ODBlMThhZDZmZjhkYzk0MmJlODgzYzE2ZGU4YjczMWY5NjA1MB4XDTIyMDEw
MTA3NTQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTg0MjBkYWRhNjM1
YjkzMzQwN2QzMTBjNTQ1M2I1OTc5OTgyOTJjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZR0ipW5Kz8lxiIPz1y34aLGmNeoBdBy5r+iVsA8CFqpWaT
KpphaFr4CSxfSpelHoLYzh1pSc3kEPOFebuAwk37vC8L/Bh8ZDhtv5J4VV3O13oh
EincWQROLZGfMDLx5EqIU1Coc8o6Jz62Piz96HhiRfPtX8HNSKFxSCEVpPFSDagm
yd7XJI50A+x5LYnoIVMv9C8CAq7VnQxMiSuryWmitKrPm5rPBLuJ451XSXQ5L0U3
GdNipLgl+ej7n3xUKZ/yqcQlKthd0Pr317vWFpCYg95sN+Z3XvNb2iJ9pzT1foLi
mLuQ2PywQ5PAYudpH0TXjot+ufmD9yRMzRb1MpsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRYQg2tpjW5M0B9MQxUU7WXmYKSxTAfBgNVHSMEGDAWgBSoZYDhitb/jclC
vog8Ft6Lcx+WBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FHV0E0WXJXXzQzSlFyNklQQmJlaTNNZmxnVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvZTI5ZGNlLWExNzQtNGI3Ny04OWFhLTIzNmU5MmZjNmE1OS8x
L1dFSU5yYVkxdVROQWZURU1WRk8xbDVtQ2tzVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
ZTI5ZGNlLWExNzQtNGI3Ny04OWFhLTIzNmU5MmZjNmE1OS8xL3FHV0E0WXJXXzQz
SlFyNklQQmJlaTNNZmxnVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmYVDANBgkqhkiG9w0BAQsFAAOC
AQEAb2FWDfMbyILSUaWgZWogiF+FNz6JgrmyumptuFhYphqZ9WKDSMYOE7jJ7jJf
AvY2wDM4e8HYH7M6F9mHit4u87lGG/9CiBytSniY0qrp5v0At9vZikp0iW18E7m6
XVNakdwnm0F3HTk9n0T5OULzxLYSdrCTsai9/o4xljBIvhMICPtR0aSPfHcRkU8w
3KanZ/OmOZWmAbbzRRPdCQwFJYACktwH9oJuIfq+Gftybt6eVEWnDbalZ0zB3M4H
V7mCaPUwMZhjmRn5UdtXYkbrGcSlvhgmMii/Euwfg/jefETMrAhTstN+6+iAxlBj
E4Hs4xjJWTdQ378dx76w1GNe9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:20 2024 by rpki-client on console-fra.rpki-client.org