Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/FQLp0gwdwb3g4tcS0aCaNmZLnTA.roa
File: FQLp0gwdwb3g4tcS0aCaNmZLnTA.roa (raw, json)
Hash identifier: Pyf3kqotj9JbNpwDyR0ID3MdGLRAtaQ/kvkPJAY4VV8=
Subject key identifier: 15:02:E9:D2:0C:1D:C1:BD:E0:E2:D7:12:D1:A0:9A:36:66:4B:9D:30
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 018D36B8B8048F047486283E8BA2FDA58267
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/FQLp0gwdwb3g4tcS0aCaNmZLnTA.roa
Signing time: Tue 23 Jan 2024 14:28:11 +0000
ROA not before: Tue 23 Jan 2024 14:28:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44220
IP address blocks: 85.204.246.0/24 maxlen: 24
89.45.46.0/24 maxlen: 24
188.213.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:b8:b8:04:8f:04:74:86:28:3e:8b:a2:fd:a5:82:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 23 14:28:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1502e9d20c1dc1bde0e2d712d1a09a36664b9d30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:97:cc:cb:d1:58:56:99:27:66:cd:68:aa:e7:
31:37:b8:f3:ec:4a:44:7e:69:d5:b2:1c:78:67:e4:
20:5a:ce:dc:91:3c:16:f0:b5:17:de:c7:3c:7c:62:
13:ba:11:f0:e5:73:a3:75:a1:97:c2:51:4e:38:f1:
38:76:ae:dc:27:ee:19:33:26:45:c7:d1:ec:64:c9:
7e:e5:fc:dc:f4:e7:ab:8b:a8:05:6f:36:ba:d4:3f:
52:88:c8:99:49:e1:71:56:cb:40:09:e8:f2:4a:de:
d1:32:ad:37:29:13:ef:7a:68:78:c4:ac:f8:5a:79:
cc:f5:42:fc:90:7f:f0:f5:82:37:d6:1a:d2:71:f1:
93:50:17:2e:08:31:f6:e4:1b:68:9d:9a:41:bd:d6:
82:cf:49:39:d1:ef:84:54:b3:4b:73:31:3c:25:d1:
f2:d0:34:06:3f:11:95:a3:89:be:cb:fa:77:68:e2:
ae:09:d1:5a:cc:f2:da:64:af:7a:4f:12:6f:52:d1:
e4:ce:75:74:47:32:21:ff:cf:63:6d:ca:52:2c:69:
e5:8a:78:cf:f0:f5:4b:a1:be:6d:c8:ca:bf:e5:a9:
d0:c9:bb:cc:38:b8:b5:a7:14:fc:ae:af:5d:66:58:
6d:08:49:47:47:7b:51:13:17:00:ff:66:3d:00:30:
0c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:02:E9:D2:0C:1D:C1:BD:E0:E2:D7:12:D1:A0:9A:36:66:4B:9D:30
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/FQLp0gwdwb3g4tcS0aCaNmZLnTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.246.0/24
89.45.46.0/24
188.213.49.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:8f:43:b3:c9:0a:6c:b2:b3:09:9c:b2:c1:d0:80:f4:8c:ff:
12:2f:2a:76:e2:f8:31:4a:9d:23:e7:9c:8c:a6:30:0e:e0:40:
d3:6a:fd:2e:dc:97:a0:72:77:94:b2:f2:2c:36:fc:b3:1b:cc:
ca:7b:ed:0f:e2:e7:34:5a:22:4c:91:cd:77:c0:87:63:96:b3:
9e:cd:12:2e:72:68:52:a8:00:44:1b:48:51:bd:0d:5a:65:64:
1d:79:54:0a:bb:e5:9f:c8:79:d3:e4:44:fc:f9:98:57:dc:da:
dc:16:cb:46:4b:cd:12:f9:76:11:1b:4a:4b:52:e6:6f:52:69:
36:85:c4:5b:cc:75:00:d4:3f:04:36:ad:b3:d5:d9:d8:f1:8a:
89:7b:ed:7e:2d:86:4c:c1:a2:e8:c2:4d:7e:99:f6:21:c4:63:
c0:cb:51:25:06:2f:dd:65:9f:48:b5:3f:ca:a7:3c:64:f2:e6:
15:b7:a9:33:a1:d7:8d:69:22:9f:9c:66:70:7d:86:9c:fa:fb:
52:8b:93:10:6a:ce:ed:8d:39:46:a6:ff:52:9f:0e:ee:a8:8d:
ab:98:1c:4b:a5:8d:e5:bc:95:4a:e2:db:a2:07:2c:0b:55:cc:
ee:dc:61:f0:8d:a4:e7:ee:b1:9d:e4:05:0f:7e:12:c6:26:9d:
f0:41:a9:1b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY02uLgEjwR0hig+i6L9pYJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTIzMTQyODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTAyZTlkMjBjMWRjMWJkZTBlMmQ3MTJkMWEwOWEzNjY2NGI5ZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJfMy9FYVpknZs1oqucxN7jz7EpE
fmnVshx4Z+QgWs7ckTwW8LUX3sc8fGITuhHw5XOjdaGXwlFOOPE4dq7cJ+4ZMyZF
x9HsZMl+5fzc9Oeri6gFbza61D9SiMiZSeFxVstACejySt7RMq03KRPvemh4xKz4
WnnM9UL8kH/w9YI31hrScfGTUBcuCDH25BtonZpBvdaCz0k50e+EVLNLczE8JdHy
0DQGPxGVo4m+y/p3aOKuCdFazPLaZK96TxJvUtHkznV0RzIh/89jbcpSLGnlinjP
8PVLob5tyMq/5anQybvMOLi1pxT8rq9dZlhtCElHR3tRExcA/2Y9ADAMMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBUC6dIMHcG94OLXEtGgmjZmS50wMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvRlFMcDBnd2R3YjNnNHRjUzBhQ2FObVpMblRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVcz2AwQA
WS0uAwQAvNUxMA0GCSqGSIb3DQEBCwUAA4IBAQCOj0OzyQpssrMJnLLB0ID0jP8S
Lyp24vgxSp0j55yMpjAO4EDTav0u3JegcneUsvIsNvyzG8zKe+0P4uc0WiJMkc13
wIdjlrOezRIucmhSqABEG0hRvQ1aZWQdeVQKu+WfyHnT5ET8+ZhX3NrcFstGS80S
+XYRG0pLUuZvUmk2hcRbzHUA1D8ENq2z1dnY8YqJe+1+LYZMwaLowk1+mfYhxGPA
y1ElBi/dZZ9ItT/Kpzxk8uYVt6kzodeNaSKfnGZwfYac+vtSi5MQas7tjTlGpv9S
nw7uqI2rmBxLpY3lvJVK4tuiBywLVczu3GHwjaTn7rGd5AUPfhLGJp3wQakb
-----END CERTIFICATE-----
Generated at Tue Aug 6 15:08:08 2024 by rpki-client on console-ams.rpki-client.org