Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/ik9cSgiwAQ8t1VLw3wz7T8rRrK4.roa
File: ik9cSgiwAQ8t1VLw3wz7T8rRrK4.roa (raw, json)
Hash identifier: zMInzd+nzBd6UNZmNcw38mM5W7IKQCJUfnXxEOyjIxk=
Subject key identifier: 8A:4F:5C:4A:08:B0:01:0F:2D:D5:52:F0:DF:0C:FB:4F:CA:D1:AC:AE
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 0A7B5414
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/ik9cSgiwAQ8t1VLw3wz7T8rRrK4.roa
Signing time: Sat 01 Jan 2022 16:07:08 +0000
ROA not before: Sat 01 Jan 2022 16:07:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48181
IP address blocks: 151.237.48.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175854612 (0xa7b5414)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 1 16:07:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a4f5c4a08b0010f2dd552f0df0cfb4fcad1acae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:84:11:0b:59:0d:e9:8e:3a:48:48:89:19:0a:
ca:76:cf:df:ca:5a:83:42:a8:ee:0e:bf:0a:dc:f5:
3f:fd:0c:05:e4:55:ce:76:d9:5f:1a:92:93:06:a6:
f2:0e:32:02:87:5b:7b:d9:1c:54:53:a5:86:db:2e:
18:c0:5b:2a:4e:c9:bc:f9:62:73:46:c9:d5:bb:9f:
7d:48:9b:80:15:91:cc:13:9c:15:b1:8f:61:53:8f:
02:28:91:aa:6f:84:26:68:00:85:7e:83:72:55:f0:
fb:fd:86:ad:c0:6b:c1:7d:b2:bc:7e:ae:63:87:d4:
b7:b1:c6:18:09:fe:2c:89:4a:b7:34:c2:0b:af:95:
08:42:3e:91:06:68:16:d5:60:af:31:07:92:49:60:
6d:eb:30:8e:e9:11:de:dd:48:d0:b0:44:a1:41:15:
92:63:f0:d6:bb:5a:3e:f2:2f:57:4f:55:6b:98:13:
e9:6a:d6:45:74:c7:1f:37:91:d3:51:85:cb:76:7e:
fb:9a:f0:e8:73:3c:63:d0:ad:3f:cf:34:88:17:8b:
ae:58:62:81:b6:36:cd:67:93:c3:88:7b:46:94:a1:
f6:8f:79:a2:8a:60:64:52:8d:d2:2f:f6:6b:ff:79:
84:7c:b9:c8:a7:f2:05:cf:3d:b6:99:87:08:02:69:
70:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4F:5C:4A:08:B0:01:0F:2D:D5:52:F0:DF:0C:FB:4F:CA:D1:AC:AE
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/ik9cSgiwAQ8t1VLw3wz7T8rRrK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.237.48.0/21
Signature Algorithm: sha256WithRSAEncryption
13:f8:56:44:0b:c9:c9:ba:b6:78:35:2f:09:7a:44:a2:0a:d8:
bc:39:f9:7b:f9:48:e2:fd:9c:44:de:86:ec:d9:b1:ff:f4:c7:
e6:fe:0f:0a:a4:c4:6d:aa:2d:22:91:5f:96:99:06:fb:cb:c4:
f2:47:2f:59:8b:52:04:48:85:b5:5e:88:ac:e3:1f:55:0c:14:
eb:2a:3a:71:f8:ca:63:93:be:dc:3d:ca:e5:82:56:51:fa:b1:
51:2d:a1:91:ac:45:cb:ce:28:cc:29:00:da:b0:ac:d7:fe:ac:
84:d7:bf:d7:f2:63:2f:6c:b5:cb:af:fd:11:c2:bb:ca:b0:0c:
80:61:d9:f7:38:bd:b3:92:e0:a4:d0:d0:71:44:5d:2f:c1:d3:
f4:b5:99:32:cb:5a:39:c9:9d:ae:4b:1e:bf:07:c3:42:f2:36:
07:1c:46:00:e2:4a:2d:6a:9f:7f:46:0b:d8:d0:c4:6f:84:c2:
02:5b:ae:7a:96:92:f9:b8:90:08:ee:54:f4:17:a2:97:24:69:
03:d3:fe:22:fd:24:2c:0a:8d:10:87:9c:56:09:50:9e:b2:c6:
d5:40:42:51:fb:65:65:42:30:e2:b7:a1:45:1f:83:65:3d:1a:
b3:79:63:6f:70:f9:6b:fd:33:5f:9d:3c:77:c1:f5:9a:ae:b6:
ed:a6:70:e4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECntUFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZWJmMzAyMDFmMTJhMDQwZDM4NmQyYjRlZWQ0NDg0NjIzZTRkMTFiMB4XDTIyMDEw
MTE2MDcwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGE0ZjVjNGEwOGIw
MDEwZjJkZDU1MmYwZGYwY2ZiNGZjYWQxYWNhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWEEQtZDemOOkhIiRkKynbP38pag0Ko7g6/Ctz1P/0MBeRV
znbZXxqSkwam8g4yAodbe9kcVFOlhtsuGMBbKk7JvPlic0bJ1buffUibgBWRzBOc
FbGPYVOPAiiRqm+EJmgAhX6DclXw+/2GrcBrwX2yvH6uY4fUt7HGGAn+LIlKtzTC
C6+VCEI+kQZoFtVgrzEHkklgbeswjukR3t1I0LBEoUEVkmPw1rtaPvIvV09Va5gT
6WrWRXTHHzeR01GFy3Z++5rw6HM8Y9CtP880iBeLrlhigbY2zWeTw4h7RpSh9o95
oopgZFKN0i/2a/95hHy5yKfyBc89tpmHCAJpcJ0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSKT1xKCLABDy3VUvDfDPtPytGsrjAfBgNVHSMEGDAWgBT+vzAgHxKgQNOG
0rTu1EhGI+TRGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19yOHdJQjhTb0VEVGh0SzA3dFJJUmlQazBScy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvZjhjNGEyLTk2YWMtNGI0ZS1hMTk1LWE5N2MwZGMwYTc0OS8x
L2lrOWNTZ2l3QVE4dDFWTHczd3o3VDhyUnJLNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
ZjhjNGEyLTk2YWMtNGI0ZS1hMTk1LWE5N2MwZGMwYTc0OS8xL19yOHdJQjhTb0VE
VGh0SzA3dFJJUmlQazBScy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA5ftMDANBgkqhkiG9w0BAQsFAAOC
AQEAE/hWRAvJybq2eDUvCXpEogrYvDn5e/lI4v2cRN6G7Nmx//TH5v4PCqTEbaot
IpFflpkG+8vE8kcvWYtSBEiFtV6IrOMfVQwU6yo6cfjKY5O+3D3K5YJWUfqxUS2h
kaxFy84ozCkA2rCs1/6shNe/1/JjL2y1y6/9EcK7yrAMgGHZ9zi9s5LgpNDQcURd
L8HT9LWZMstaOcmdrksevwfDQvI2BxxGAOJKLWqff0YL2NDEb4TCAluuepaS+biQ
CO5U9BeilyRpA9P+Iv0kLAqNEIecVglQnrLG1UBCUftlZUIw4rehRR+DZT0as3lj
b3D5a/0zX508d8H1mq627aZw5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:12 2024 by rpki-client on console-fra.rpki-client.org