Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/EpjdqFEVNxRe1lBFvBD-Q0wJXGo.roa
File: EpjdqFEVNxRe1lBFvBD-Q0wJXGo.roa (raw, json)
Hash identifier: cVkuLs7VJzdmUR+fXdzf5ZnTsbEdm6fBNe1yYQnhI5g=
Subject key identifier: 12:98:DD:A8:51:15:37:14:5E:D6:50:45:BC:10:FE:43:4C:09:5C:6A
Certificate issuer: /CN=d894365b28a082834a751a97771b791124524dec
Certificate serial: 097953E1
Authority key identifier: D8:94:36:5B:28:A0:82:83:4A:75:1A:97:77:1B:79:11:24:52:4D:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JQ2WyiggoNKdRqXdxt5ESRSTew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/EpjdqFEVNxRe1lBFvBD-Q0wJXGo.roa
Signing time: Sat 01 Jan 2022 00:54:22 +0000
ROA not before: Sat 01 Jan 2022 00:54:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19607
IP address blocks: 91.108.160.0/21 maxlen: 21
185.31.152.0/22 maxlen: 22
109.68.192.0/21 maxlen: 21
159.253.160.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158946273 (0x97953e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d894365b28a082834a751a97771b791124524dec
Validity
Not Before: Jan 1 00:54:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1298dda8511537145ed65045bc10fe434c095c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7c:17:6c:aa:5b:55:e8:3d:6b:d7:dc:14:d1:
5b:d6:e5:42:52:79:b8:a9:5a:9f:22:c8:04:ad:4d:
4b:c1:55:92:d6:f9:72:70:b7:0b:30:de:e3:2b:8c:
66:25:d6:96:0a:3d:1f:fd:cc:35:8f:ab:d1:b8:86:
08:23:81:49:8f:d4:8f:5a:39:e3:2d:c5:8c:c6:92:
9e:34:80:c6:37:6e:87:2a:1d:af:9c:8d:cd:c0:c6:
ee:e3:eb:45:f4:a9:7c:2b:a8:c2:53:5f:a5:39:63:
e0:b3:c6:19:81:56:0d:44:fb:83:e1:bd:30:b7:9e:
5f:17:79:e1:c9:b9:3d:0d:59:90:22:55:7f:4d:b3:
b4:d5:52:ea:83:83:22:a7:3a:26:0d:ae:33:1d:f4:
57:8e:f9:be:dd:ba:b0:03:f9:86:2c:87:9e:8a:24:
67:a7:d2:8d:c2:8c:4a:d9:22:60:05:18:6a:d5:51:
56:cf:cd:3a:3a:35:62:12:e0:da:9e:02:77:a0:14:
ea:7e:84:04:1e:cd:32:c8:d0:e3:b5:a0:6a:0a:15:
88:55:05:fb:ab:72:34:4f:32:0b:25:2d:b1:f2:79:
83:65:db:cb:41:dd:5a:42:a4:6c:d9:7a:80:b1:c9:
23:dc:ff:e4:20:9a:2e:59:5f:ca:90:32:7e:f6:99:
9f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:98:DD:A8:51:15:37:14:5E:D6:50:45:BC:10:FE:43:4C:09:5C:6A
X509v3 Authority Key Identifier:
keyid:D8:94:36:5B:28:A0:82:83:4A:75:1A:97:77:1B:79:11:24:52:4D:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JQ2WyiggoNKdRqXdxt5ESRSTew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/EpjdqFEVNxRe1lBFvBD-Q0wJXGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/2JQ2WyiggoNKdRqXdxt5ESRSTew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.160.0/21
109.68.192.0/21
159.253.160.0/21
185.31.152.0/22
Signature Algorithm: sha256WithRSAEncryption
16:7f:bf:f1:a2:1c:7e:23:50:26:e6:d0:a7:75:1b:b5:95:d1:
88:52:fd:c3:36:9b:f6:04:fd:5f:4d:31:b2:41:73:5e:17:53:
0b:e5:bf:b9:0d:ce:35:2e:61:41:fe:6b:46:0b:af:e4:95:d8:
2b:f8:66:49:02:29:51:8f:f1:e5:24:1b:a9:15:95:d7:56:0a:
33:b2:82:c5:24:71:1a:52:39:74:54:17:64:ce:d7:cd:32:ef:
b6:e8:fd:0e:3b:9e:84:1e:4e:3f:9e:e0:41:02:2a:1c:ca:d8:
c2:68:23:a5:b7:bf:93:45:a6:fa:9b:29:1a:43:7d:1c:10:25:
23:17:57:58:55:3c:b9:81:be:a8:7f:2f:59:ff:d7:4a:40:03:
7e:e5:c1:4e:d6:1a:2a:77:c9:a5:21:ee:90:27:d6:d2:21:03:
83:9f:f6:28:13:37:dc:0d:5a:01:9f:b8:7b:4d:96:9e:df:c8:
67:8a:1f:23:c9:8d:fd:d6:43:6a:58:16:1c:8d:eb:52:cb:de:
39:9b:66:b8:11:59:c3:3c:9d:f1:c2:9c:a1:52:72:f4:b6:f4:
ec:44:2f:0e:33:ef:d8:35:ee:32:2e:ca:a8:10:35:93:5c:54:
42:14:47:7c:6b:c1:d4:7e:bf:2b:0f:72:62:84:f1:0d:63:4a:
b3:a2:11:3d
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECXlT4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ODk0MzY1YjI4YTA4MjgzNGE3NTFhOTc3NzFiNzkxMTI0NTI0ZGVjMB4XDTIyMDEw
MTAwNTQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTI5OGRkYTg1MTE1
MzcxNDVlZDY1MDQ1YmMxMGZlNDM0YzA5NWM2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJ8F2yqW1XoPWvX3BTRW9blQlJ5uKlanyLIBK1NS8FVktb5
cnC3CzDe4yuMZiXWlgo9H/3MNY+r0biGCCOBSY/Uj1o54y3FjMaSnjSAxjduhyod
r5yNzcDG7uPrRfSpfCuowlNfpTlj4LPGGYFWDUT7g+G9MLeeXxd54cm5PQ1ZkCJV
f02ztNVS6oODIqc6Jg2uMx30V475vt26sAP5hiyHnookZ6fSjcKMStkiYAUYatVR
Vs/NOjo1YhLg2p4Cd6AU6n6EBB7NMsjQ47WgagoViFUF+6tyNE8yCyUtsfJ5g2Xb
y0HdWkKkbNl6gLHJI9z/5CCaLllfypAyfvaZn2ECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQSmN2oURU3FF7WUEW8EP5DTAlcajAfBgNVHSMEGDAWgBTYlDZbKKCCg0p1
Gpd3G3kRJFJN7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJKUTJXeWlnZ29OS2RScVhkeHQ1RVNSU1Rldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzYvYTYwN2Y0LTE1ZGMtNGRiNS05NjAxLTIxNDYxNzlkOGUyYi8x
L0VwamRxRkVWTnhSZTFsQkZ2QkQtUTB3SlhHby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzYv
YTYwN2Y0LTE1ZGMtNGRiNS05NjAxLTIxNDYxNzlkOGUyYi8xLzJKUTJXeWlnZ29O
S2RScVhkeHQ1RVNSU1Rldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEA1tsoAMEA21EwAMEA5/9oAMEArkf
mDANBgkqhkiG9w0BAQsFAAOCAQEAFn+/8aIcfiNQJubQp3UbtZXRiFL9wzab9gT9
X00xskFzXhdTC+W/uQ3ONS5hQf5rRguv5JXYK/hmSQIpUY/x5SQbqRWV11YKM7KC
xSRxGlI5dFQXZM7XzTLvtuj9DjuehB5OP57gQQIqHMrYwmgjpbe/k0Wm+pspGkN9
HBAlIxdXWFU8uYG+qH8vWf/XSkADfuXBTtYaKnfJpSHukCfW0iEDg5/2KBM33A1a
AZ+4e02Wnt/IZ4ofI8mN/dZDalgWHI3rUsveOZtmuBFZwzyd8cKcoVJy9Lb07EQv
DjPv2DXuMi7KqBA1k1xUQhRHfGvB1H6/Kw9yYoTxDWNKs6IRPQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:41 2023 by rpki-client on console-fra.rpki-client.org