Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/9DwR-SY-XUpzjE0C5OEYxb5Vk1I.roa
File: 9DwR-SY-XUpzjE0C5OEYxb5Vk1I.roa (raw, json)
Hash identifier: OSihnqqP7x7xaTlUiyglXEE6C1g4ItEll1gYZXgA9NU=
Subject key identifier: F4:3C:11:F9:26:3E:5D:4A:73:8C:4D:02:E4:E1:18:C5:BE:55:93:52
Certificate issuer: /CN=4e5ebb9b051ad5ec7a36989fc3fcc94c1cabcc74
Certificate serial: 14E96BEE
Authority key identifier: 4E:5E:BB:9B:05:1A:D5:EC:7A:36:98:9F:C3:FC:C9:4C:1C:AB:CC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tl67mwUa1ex6Npifw_zJTByrzHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/9DwR-SY-XUpzjE0C5OEYxb5Vk1I.roa
Signing time: Fri 18 Feb 2022 05:45:06 +0000
ROA not before: Fri 18 Feb 2022 05:45:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38972
IP address blocks: 80.251.152.0/23 maxlen: 23
80.251.154.0/24 maxlen: 24
80.251.144.0/21 maxlen: 21
46.254.24.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 350841838 (0x14e96bee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e5ebb9b051ad5ec7a36989fc3fcc94c1cabcc74
Validity
Not Before: Feb 18 05:45:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f43c11f9263e5d4a738c4d02e4e118c5be559352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:12:11:04:49:4f:c5:92:68:80:25:14:72:90:
0b:54:1a:55:57:55:99:0a:1d:0f:34:7b:03:39:a9:
29:71:43:af:7f:2d:b2:4a:ab:d0:50:99:74:9d:d7:
dd:03:3c:1f:a3:e0:8f:d2:20:56:d4:06:d0:e2:87:
39:5e:a7:14:4c:7d:03:ef:71:a4:69:65:2a:80:de:
58:94:04:74:ec:31:94:42:be:41:42:aa:8b:84:fd:
39:6d:d5:86:70:a5:c6:b8:33:5f:88:7a:d2:2b:bd:
53:b4:f4:c0:6d:6a:4b:f7:32:75:c3:88:1c:62:5b:
e8:70:46:23:bf:1c:6b:b6:9a:69:17:2c:88:a8:1e:
28:d7:96:8e:c2:6e:8f:a1:00:44:d3:6c:9d:df:83:
18:59:1b:1f:db:80:66:35:25:c8:67:2b:f7:9f:cb:
95:dc:50:84:a3:17:17:2e:c6:74:2c:66:11:98:26:
91:d1:77:0c:b1:4f:88:2b:f1:a5:5a:e7:78:a2:e6:
56:f9:7f:45:f7:68:11:4b:da:bc:b7:7b:25:bd:69:
48:f4:99:43:74:e5:dd:b0:ee:09:4e:d0:f0:aa:8a:
49:f2:16:08:8b:1c:d8:86:f9:84:08:11:82:f9:55:
0c:62:cf:d6:f6:a4:ae:cc:9a:52:e1:e9:39:23:19:
5b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:3C:11:F9:26:3E:5D:4A:73:8C:4D:02:E4:E1:18:C5:BE:55:93:52
X509v3 Authority Key Identifier:
keyid:4E:5E:BB:9B:05:1A:D5:EC:7A:36:98:9F:C3:FC:C9:4C:1C:AB:CC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tl67mwUa1ex6Npifw_zJTByrzHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/9DwR-SY-XUpzjE0C5OEYxb5Vk1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/Tl67mwUa1ex6Npifw_zJTByrzHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.24.0/22
80.251.144.0-80.251.154.255
Signature Algorithm: sha256WithRSAEncryption
64:d8:5e:01:8e:c1:27:8b:da:da:34:92:46:ea:64:50:22:28:
98:a5:a9:7a:d4:9e:45:6d:ed:a4:18:47:32:71:df:b1:11:5e:
a1:f6:01:64:b3:f7:e3:22:51:4c:9d:5c:4b:5f:eb:d6:52:d2:
00:b5:eb:15:d7:af:1f:e9:76:52:73:dd:d5:9d:45:ed:69:d2:
ed:e2:f8:51:1e:b5:13:66:ff:20:b3:1c:3e:c0:23:62:67:ed:
75:ca:06:b9:54:98:f5:a6:b2:1f:5d:6c:97:96:a6:c1:b0:64:
fe:22:35:f0:6d:65:59:22:cf:74:6f:c7:b8:36:4c:b8:1d:75:
a0:67:72:35:fa:11:58:40:63:23:82:a8:ab:f1:be:61:34:0d:
7e:90:ff:f0:2a:b0:67:ca:5a:f0:92:e8:80:01:78:8d:8b:84:
30:25:95:4c:3b:2a:51:14:a9:ba:e5:d2:1c:54:16:e4:3e:fe:
2b:a8:ee:e9:10:65:20:33:86:9b:4f:10:0c:53:81:d5:12:c4:
90:14:b4:a4:c4:8d:a1:21:3b:8b:59:4a:22:6e:1d:3d:dd:b3:
4c:50:a7:24:39:e2:d1:7e:3c:a1:73:75:25:1d:90:89:ff:e4:
52:b1:47:c9:0e:68:86:39:7f:c9:35:cd:a6:f3:52:be:3d:52:
b7:18:77:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEFOlr7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZTVlYmI5YjA1MWFkNWVjN2EzNjk4OWZjM2ZjYzk0YzFjYWJjYzc0MB4XDTIyMDIx
ODA1NDUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQzYzExZjkyNjNl
NWQ0YTczOGM0ZDAyZTRlMTE4YzViZTU1OTM1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKcSEQRJT8WSaIAlFHKQC1QaVVdVmQodDzR7AzmpKXFDr38t
skqr0FCZdJ3X3QM8H6Pgj9IgVtQG0OKHOV6nFEx9A+9xpGllKoDeWJQEdOwxlEK+
QUKqi4T9OW3VhnClxrgzX4h60iu9U7T0wG1qS/cydcOIHGJb6HBGI78ca7aaaRcs
iKgeKNeWjsJuj6EARNNsnd+DGFkbH9uAZjUlyGcr95/LldxQhKMXFy7GdCxmEZgm
kdF3DLFPiCvxpVrneKLmVvl/RfdoEUvavLd7Jb1pSPSZQ3Tl3bDuCU7Q8KqKSfIW
CIsc2Ib5hAgRgvlVDGLP1vakrsyaUuHpOSMZW+ECAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBT0PBH5Jj5dSnOMTQLk4RjFvlWTUjAfBgNVHSMEGDAWgBROXrubBRrV7Ho2
mJ/D/MlMHKvMdDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RsNjdtd1VhMWV4Nk5waWZ3X3pKVEJ5cnpIUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvZWMxNzIxLTc1YzUtNDBmNS05MzQ1LWMyZmQwZjk1OGQ0Yi8x
LzlEd1ItU1ktWFVwempFMEM1T0VZeGI1VmsxSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
ZWMxNzIxLTc1YzUtNDBmNS05MzQ1LWMyZmQwZjk1OGQ0Yi8xL1RsNjdtd1VhMWV4
Nk5waWZ3X3pKVEJ5cnpIUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAi7+GDAMAwQEUPuQAwQAUPuaMA0G
CSqGSIb3DQEBCwUAA4IBAQBk2F4BjsEni9raNJJG6mRQIiiYpal61J5Fbe2kGEcy
cd+xEV6h9gFks/fjIlFMnVxLX+vWUtIAtesV168f6XZSc93VnUXtadLt4vhRHrUT
Zv8gsxw+wCNiZ+11yga5VJj1prIfXWyXlqbBsGT+IjXwbWVZIs90b8e4Nky4HXWg
Z3I1+hFYQGMjgqir8b5hNA1+kP/wKrBnylrwkuiAAXiNi4QwJZVMOypRFKm65dIc
VBbkPv4rqO7pEGUgM4abTxAMU4HVEsSQFLSkxI2hITuLWUoibh093bNMUKckOeLR
fjyhc3UlHZCJ/+RSsUfJDmiGOX/JNc2m81K+PVK3GHfM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:05 2024 by rpki-client on console-fra.rpki-client.org