Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4707b4-0032-4ac7-bcc7-40c1a72702ef/1/1U3Qf4wpuarIbTIr9Y4c7Hd5PKw.roa
File: 1U3Qf4wpuarIbTIr9Y4c7Hd5PKw.roa (raw, json)
Hash identifier: qbcS7f/kKEHX+yOry9/UXWsHM/AtvOVvENr4gYkW5b4=
Subject key identifier: D5:4D:D0:7F:8C:29:B9:AA:C8:6D:32:2B:F5:8E:1C:EC:77:79:3C:AC
Certificate issuer: /CN=fa1e9b4e8dc49be3aba597425aefd8b3a5362ffc
Certificate serial: 01828D4BAA6B067D126A4766B389D0768E13
Authority key identifier: FA:1E:9B:4E:8D:C4:9B:E3:AB:A5:97:42:5A:EF:D8:B3:A5:36:2F:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-h6bTo3Em-OrpZdCWu_Ys6U2L_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4707b4-0032-4ac7-bcc7-40c1a72702ef/1/1U3Qf4wpuarIbTIr9Y4c7Hd5PKw.roa
Signing time: Thu 11 Aug 2022 14:25:22 +0000
ROA not before: Thu 11 Aug 2022 14:25:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8798
IP address blocks: 212.69.76.0/24 maxlen: 24
212.69.72.0/22 maxlen: 22
212.69.78.0/23 maxlen: 23
212.69.80.0/21 maxlen: 21
212.69.80.0/20 maxlen: 20
212.69.88.0/21 maxlen: 21
212.69.64.0/21 maxlen: 21
2001:4028::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8d:4b:aa:6b:06:7d:12:6a:47:66:b3:89:d0:76:8e:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa1e9b4e8dc49be3aba597425aefd8b3a5362ffc
Validity
Not Before: Aug 11 14:25:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d54dd07f8c29b9aac86d322bf58e1cec77793cac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:95:06:ad:4b:2e:70:b3:97:d5:ec:67:38:a7:
bd:73:58:37:b5:48:04:16:01:75:4a:5e:88:aa:09:
6a:ed:42:4e:b0:4e:b1:58:cb:1d:46:53:6a:df:c0:
63:f4:c4:23:12:77:6c:cb:46:02:f3:ea:f2:aa:91:
7d:51:ed:78:ae:09:90:f3:5a:77:bc:6f:df:82:2e:
e9:ec:ec:b4:ee:92:0d:ed:8c:77:b2:08:0a:0d:72:
5a:3d:7b:45:4f:54:da:a7:af:be:85:fc:3f:9e:71:
15:47:36:3d:b0:cd:4c:84:81:a2:a3:be:5d:b4:17:
c6:53:b4:fc:e1:14:a9:35:ac:07:c8:e3:96:27:59:
41:61:d8:76:1e:cb:fe:cf:47:b5:78:3d:8d:ec:39:
83:37:ef:2e:50:61:5d:d4:0e:cf:71:f6:bf:63:fb:
a2:f9:fe:42:1d:9c:ed:a1:e6:73:65:9f:2c:a0:ba:
4f:e7:ac:69:88:15:04:c0:02:72:db:50:af:7a:b2:
a0:ef:37:0b:06:21:ad:bd:b9:b3:47:75:67:9c:a6:
02:63:fd:dd:14:0a:fa:98:12:bc:b5:0f:42:53:7a:
71:33:44:81:83:82:3d:02:d0:57:62:57:74:83:ac:
b6:d5:49:02:40:8f:9d:ff:46:16:83:38:f4:2b:ff:
d0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:4D:D0:7F:8C:29:B9:AA:C8:6D:32:2B:F5:8E:1C:EC:77:79:3C:AC
X509v3 Authority Key Identifier:
keyid:FA:1E:9B:4E:8D:C4:9B:E3:AB:A5:97:42:5A:EF:D8:B3:A5:36:2F:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-h6bTo3Em-OrpZdCWu_Ys6U2L_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4707b4-0032-4ac7-bcc7-40c1a72702ef/1/1U3Qf4wpuarIbTIr9Y4c7Hd5PKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4707b4-0032-4ac7-bcc7-40c1a72702ef/1/1-h6bTo3Em-OrpZdCWu_Ys6U2L_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.69.64.0-212.69.76.255
212.69.78.0-212.69.95.255
IPv6:
2001:4028::/29
Signature Algorithm: sha256WithRSAEncryption
7e:92:24:19:a2:9e:21:b3:5f:73:26:00:6a:e0:f4:16:f2:0d:
56:46:13:e4:a7:2e:7d:32:1a:14:6b:f0:c9:6a:93:32:9e:37:
f3:50:cf:8d:3a:37:8b:9b:45:a1:c6:a1:21:ae:31:32:8d:69:
06:c1:ad:e6:5e:4d:2d:13:c1:a2:d1:fb:39:10:39:36:03:43:
fe:f6:5e:a6:ba:6d:92:0a:74:e3:d0:30:65:3c:cd:61:a9:30:
2a:bf:46:da:37:75:71:12:f8:33:7d:8c:2c:11:8f:a9:3a:6d:
a0:19:fb:fb:08:5c:65:06:8b:e1:ab:c6:7b:2e:59:f4:b8:3d:
83:ad:1a:7d:ca:79:e5:9b:a7:1b:66:a9:1e:82:c5:97:07:da:
0a:e1:85:e8:45:3a:0a:11:20:89:0e:3a:82:a0:a7:59:d4:8c:
0e:6e:11:a1:95:4f:6a:98:da:81:b6:bb:57:08:3b:c9:36:7a:
41:87:e3:db:b0:59:1b:0a:14:5d:f7:03:ac:5a:30:30:c6:28:
37:ff:2d:33:c1:83:9b:ef:9f:5d:e6:29:85:2d:c7:e9:f4:51:
c0:0d:f0:82:19:66:ce:b5:0e:39:d8:65:58:db:30:ca:35:9f:
c6:d2:d9:ba:7e:45:19:3b:41:ca:f6:ac:26:44:19:ee:8c:30:
10:bd:77:4d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYKNS6prBn0Sakdms4nQdo4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMWU5YjRlOGRjNDliZTNhYmE1OTc0MjVhZWZkOGIzYTUz
NjJmZmMwHhcNMjIwODExMTQyNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTRkZDA3ZjhjMjliOWFhYzg2ZDMyMmJmNThlMWNlYzc3NzkzY2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpUGrUsucLOX1exnOKe9c1g3tUgE
FgF1Sl6Iqglq7UJOsE6xWMsdRlNq38Bj9MQjEndsy0YC8+ryqpF9Ue14rgmQ81p3
vG/fgi7p7Oy07pIN7Yx3sggKDXJaPXtFT1Tap6++hfw/nnEVRzY9sM1MhIGio75d
tBfGU7T84RSpNawHyOOWJ1lBYdh2Hsv+z0e1eD2N7DmDN+8uUGFd1A7Pcfa/Y/ui
+f5CHZztoeZzZZ8soLpP56xpiBUEwAJy21CverKg7zcLBiGtvbmzR3VnnKYCY/3d
FAr6mBK8tQ9CU3pxM0SBg4I9AtBXYld0g6y21UkCQI+d/0YWgzj0K//QzwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNVN0H+MKbmqyG0yK/WOHOx3eTysMB8GA1UdIwQY
MBaAFPoem06NxJvjq6WXQlrv2LOlNi/8MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1oNmJUbzNFbS1PcnBaZENXdV9ZczZVMkxfdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUvNDcwN2I0LTAwMzItNGFjNy1iY2M3
LTQwYzFhNzI3MDJlZi8xLzFVM1FmNHdwdWFySWJUSXI5WTRjN0hkNVBLdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzUvNDcwN2I0LTAwMzItNGFjNy1iY2M3LTQwYzFhNzI3MDJl
Zi8xLzEtaDZiVG8zRW0tT3JwWmRDV3VfWXM2VTJMX3cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRAYIKwYBBQUHAQcBAf8ENTAzMCIEAgABMBwwDAMEBtRF
QAMEANRFTDAMAwQB1EVOAwQF1EVAMA0EAgACMAcDBQMgAUAoMA0GCSqGSIb3DQEB
CwUAA4IBAQB+kiQZop4hs19zJgBq4PQW8g1WRhPkpy59MhoUa/DJapMynjfzUM+N
OjeLm0WhxqEhrjEyjWkGwa3mXk0tE8Gi0fs5EDk2A0P+9l6mum2SCnTj0DBlPM1h
qTAqv0baN3VxEvgzfYwsEY+pOm2gGfv7CFxlBovhq8Z7Lln0uD2DrRp9ynnlm6cb
ZqkegsWXB9oK4YXoRToKESCJDjqCoKdZ1IwObhGhlU9qmNqBtrtXCDvJNnpBh+Pb
sFkbChRd9wOsWjAwxig3/y0zwYOb759d5imFLcfp9FHADfCCGWbOtQ452GVY2zDK
NZ/G0tm6fkUZO0HK9qwmRBnujDAQvXdN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:05 2024 by rpki-client on console-fra.rpki-client.org