Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/b8c851-16ec-476f-9918-a62473abaa91/1/tRjz9e26iHcC62pla43uyniGWns.roa
File: tRjz9e26iHcC62pla43uyniGWns.roa (raw, json)
Hash identifier: GJYoz2YnYSrfKK0WRnG2Jplf6VrA12iQFkEFA8hIwWo=
Subject key identifier: B5:18:F3:F5:ED:BA:88:77:02:EB:6A:65:6B:8D:EE:CA:78:86:5A:7B
Certificate issuer: /CN=d1f5d55a1bb009d181992e241851d5f9939237cc
Certificate serial: 0F34C896
Authority key identifier: D1:F5:D5:5A:1B:B0:09:D1:81:99:2E:24:18:51:D5:F9:93:92:37:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0fXVWhuwCdGBmS4kGFHV-ZOSN8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8c851-16ec-476f-9918-a62473abaa91/1/tRjz9e26iHcC62pla43uyniGWns.roa
Signing time: Sat 01 Jan 2022 09:56:35 +0000
ROA not before: Sat 01 Jan 2022 09:56:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44053
IP address blocks: 185.50.200.0/22 maxlen: 22
79.98.208.0/21 maxlen: 32
31.15.16.0/21 maxlen: 32
92.53.224.0/21 maxlen: 21
95.174.88.0/21 maxlen: 21
94.127.176.0/21 maxlen: 32
31.177.104.0/21 maxlen: 21
2a02:6d00::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 255117462 (0xf34c896)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1f5d55a1bb009d181992e241851d5f9939237cc
Validity
Not Before: Jan 1 09:56:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b518f3f5edba887702eb6a656b8deeca78865a7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:67:23:38:21:f3:1a:f8:01:d9:26:01:b8:ef:
67:64:24:c5:86:ae:b2:e4:08:60:2b:49:40:9f:2e:
9e:7f:10:6d:93:70:e9:96:32:34:cb:35:4b:29:19:
29:66:f8:04:6f:89:66:a9:13:65:45:af:fe:f9:1a:
14:66:68:d9:a6:45:32:46:5f:5b:0b:5f:60:a4:c0:
e1:20:59:d5:e2:ec:e9:83:70:56:0e:ec:b0:80:59:
90:1d:8b:c5:a4:a0:91:8d:ca:f9:24:43:83:48:0b:
e7:16:e9:c3:87:e8:31:5f:11:97:6f:3b:7d:89:4f:
4a:93:1e:c1:35:a3:dc:5b:e4:d4:ef:59:c3:1a:5f:
d0:fe:7f:e7:bd:25:9e:4a:3a:3d:65:13:a3:48:ea:
a9:e8:c7:47:b0:56:ba:f1:7d:1a:da:6a:ee:98:24:
1d:21:fb:1e:75:7f:7a:21:6f:23:88:dd:8b:49:52:
71:37:7f:31:39:19:cf:64:3b:f1:a1:31:a2:7e:84:
1a:47:fc:1d:67:c4:86:33:a3:6b:bb:21:db:9e:0b:
02:bf:93:e7:27:c5:23:30:32:04:6f:ce:4f:b0:98:
4e:6f:56:c3:98:f2:23:1b:f2:47:66:dc:e2:e0:07:
59:85:dd:15:54:3e:c2:84:8e:05:ee:2e:93:cb:60:
45:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:18:F3:F5:ED:BA:88:77:02:EB:6A:65:6B:8D:EE:CA:78:86:5A:7B
X509v3 Authority Key Identifier:
keyid:D1:F5:D5:5A:1B:B0:09:D1:81:99:2E:24:18:51:D5:F9:93:92:37:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0fXVWhuwCdGBmS4kGFHV-ZOSN8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8c851-16ec-476f-9918-a62473abaa91/1/tRjz9e26iHcC62pla43uyniGWns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8c851-16ec-476f-9918-a62473abaa91/1/0fXVWhuwCdGBmS4kGFHV-ZOSN8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.16.0/21
31.177.104.0/21
79.98.208.0/21
92.53.224.0/21
94.127.176.0/21
95.174.88.0/21
185.50.200.0/22
IPv6:
2a02:6d00::/32
Signature Algorithm: sha256WithRSAEncryption
9f:9b:7d:7f:84:59:ea:a2:d5:6d:7b:4b:88:f1:15:e5:42:49:
6d:82:ab:af:cc:43:24:2e:2e:29:e8:d6:2a:6e:91:ec:7b:87:
dc:75:89:dd:5a:ee:68:38:40:ef:06:a6:8b:9f:b0:7c:06:70:
1f:fa:30:b1:c1:a9:33:a4:a8:15:14:6a:f0:f1:fe:c1:71:d1:
38:e3:fe:6c:35:60:06:a9:f9:e4:b0:25:19:1b:8e:ce:df:f7:
f2:a5:81:e7:7c:68:2a:96:4a:16:45:c9:91:82:78:e3:bb:c9:
5d:46:c3:a3:c3:20:63:f6:23:d7:73:bd:3d:e4:bc:cd:f2:8f:
8a:f6:ff:42:9c:10:6e:f8:7f:f4:e7:88:2f:f7:53:b0:5c:9c:
84:b7:a6:34:ea:2f:67:9f:97:71:96:9f:1a:95:27:3e:e1:ac:
8b:d3:47:4b:76:06:73:df:a1:4d:e8:98:d2:58:f8:e8:c8:54:
82:08:ad:a7:bc:7f:7a:c3:09:06:d3:8c:6d:00:47:97:62:01:
82:56:42:68:62:d2:c5:2a:2f:4e:5b:38:34:00:ab:48:6b:4b:
05:7d:79:ff:28:1f:54:21:78:fd:ad:f0:a5:6b:cd:4d:0d:11:
92:71:bd:a7:39:9a:a1:8a:b3:0e:a3:54:bf:8e:2b:12:d9:c1:
e4:5b:94:b0
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEDzTIljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MWY1ZDU1YTFiYjAwOWQxODE5OTJlMjQxODUxZDVmOTkzOTIzN2NjMB4XDTIyMDEw
MTA5NTYzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjUxOGYzZjVlZGJh
ODg3NzAyZWI2YTY1NmI4ZGVlY2E3ODg2NWE3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM9nIzgh8xr4AdkmAbjvZ2QkxYausuQIYCtJQJ8unn8QbZNw
6ZYyNMs1SykZKWb4BG+JZqkTZUWv/vkaFGZo2aZFMkZfWwtfYKTA4SBZ1eLs6YNw
Vg7ssIBZkB2LxaSgkY3K+SRDg0gL5xbpw4foMV8Rl287fYlPSpMewTWj3Fvk1O9Z
wxpf0P5/570lnko6PWUTo0jqqejHR7BWuvF9Gtpq7pgkHSH7HnV/eiFvI4jdi0lS
cTd/MTkZz2Q78aExon6EGkf8HWfEhjOja7sh254LAr+T5yfFIzAyBG/OT7CYTm9W
w5jyIxvyR2bc4uAHWYXdFVQ+woSOBe4uk8tgRSkCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBS1GPP17bqIdwLramVrje7KeIZaezAfBgNVHSMEGDAWgBTR9dVaG7AJ0YGZ
LiQYUdX5k5I3zDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBmWFZXaHV3Q2RHQm1TNGtHRkhWLVpPU044dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvYjhjODUxLTE2ZWMtNDc2Zi05OTE4LWE2MjQ3M2FiYWE5MS8x
L3RSano5ZTI2aUhjQzYycGxhNDN1eW5pR1ducy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
YjhjODUxLTE2ZWMtNDc2Zi05OTE4LWE2MjQ3M2FiYWE5MS8xLzBmWFZXaHV3Q2RH
Qm1TNGtHRkhWLVpPU044dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAx8PEAMEAx+xaAMEA09i0AMEA1w1
4AMEA15/sAMEA1+uWAMEArkyyDANBAIAAjAHAwUAKgJtADANBgkqhkiG9w0BAQsF
AAOCAQEAn5t9f4RZ6qLVbXtLiPEV5UJJbYKrr8xDJC4uKejWKm6R7HuH3HWJ3Vru
aDhA7wami5+wfAZwH/owscGpM6SoFRRq8PH+wXHROOP+bDVgBqn55LAlGRuOzt/3
8qWB53xoKpZKFkXJkYJ447vJXUbDo8MgY/Yj13O9PeS8zfKPivb/QpwQbvh/9OeI
L/dTsFychLemNOovZ5+XcZafGpUnPuGsi9NHS3YGc9+hTeiY0lj46MhUggitp7x/
esMJBtOMbQBHl2IBglZCaGLSxSovTls4NACrSGtLBX15/ygfVCF4/a3wpWvNTQ0R
knG9pzmaoYqzDqNUv44rEtnB5FuUsA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:01 2023 by rpki-client on console-ams.rpki-client.org