Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a8941a-7250-48ec-aaf8-6d8ea9d1cd73/1/hN2z0p_8H1gcX9DUMpKLhKj7lg0.roa
File: hN2z0p_8H1gcX9DUMpKLhKj7lg0.roa (raw, json)
Hash identifier: Fq2RVTJejXjvwuqznVnvPBm/5BeVExH4SEF/TMd5hQg=
Subject key identifier: 84:DD:B3:D2:9F:FC:1F:58:1C:5F:D0:D4:32:92:8B:84:A8:FB:96:0D
Certificate issuer: /CN=306134bcf59f581d6b76630cfa87867876a29215
Certificate serial: 036B55C7
Authority key identifier: 30:61:34:BC:F5:9F:58:1D:6B:76:63:0C:FA:87:86:78:76:A2:92:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGE0vPWfWB1rdmMM-oeGeHaikhU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a8941a-7250-48ec-aaf8-6d8ea9d1cd73/1/hN2z0p_8H1gcX9DUMpKLhKj7lg0.roa
Signing time: Fri 25 Mar 2022 13:44:33 +0000
ROA not before: Fri 25 Mar 2022 13:44:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5500
IP address blocks: 193.93.200.0/22 maxlen: 22
188.64.32.0/21 maxlen: 21
2a02:56c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57365959 (0x36b55c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=306134bcf59f581d6b76630cfa87867876a29215
Validity
Not Before: Mar 25 13:44:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84ddb3d29ffc1f581c5fd0d432928b84a8fb960d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a9:78:d4:23:b9:83:99:34:f2:68:f9:2a:40:
d2:0a:35:fc:c5:92:0c:6e:b9:67:f1:7f:2b:1d:84:
06:0a:10:f6:d4:67:f9:bc:5e:d1:a2:69:c8:3e:40:
b9:9f:fb:dd:cc:19:6a:77:8c:8d:ab:91:46:ef:bd:
31:9b:4a:8b:b1:5c:64:bf:62:6f:cc:88:e1:de:28:
9d:9d:3d:c1:9d:cd:c9:c2:63:fa:d6:3f:b5:c4:47:
a0:35:4a:53:0b:a5:41:7a:ca:5c:e9:63:19:6b:a0:
be:53:82:21:60:e2:15:fd:f1:4e:0b:1d:3d:de:90:
a1:70:ac:29:67:46:6f:69:d0:5f:0b:20:b6:60:01:
f7:dc:d3:1b:a0:d9:d5:66:a3:e5:d0:34:f6:7a:f5:
09:8f:da:d5:62:cc:8a:01:69:53:31:13:95:a9:99:
b4:d9:81:e8:47:25:9a:f5:dd:f4:60:98:5e:72:07:
c3:f4:b0:f4:ea:c8:51:a8:59:96:e0:78:df:c8:8f:
70:be:50:21:b9:5b:18:b0:bd:21:df:0b:c5:d8:cf:
34:61:e9:d0:e1:38:55:57:a2:d3:ea:a1:61:92:23:
00:f4:e5:94:ca:65:0c:52:f4:03:38:90:c4:47:55:
27:a6:32:0c:88:af:5c:a2:20:a4:6a:00:65:6b:45:
75:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DD:B3:D2:9F:FC:1F:58:1C:5F:D0:D4:32:92:8B:84:A8:FB:96:0D
X509v3 Authority Key Identifier:
keyid:30:61:34:BC:F5:9F:58:1D:6B:76:63:0C:FA:87:86:78:76:A2:92:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGE0vPWfWB1rdmMM-oeGeHaikhU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a8941a-7250-48ec-aaf8-6d8ea9d1cd73/1/hN2z0p_8H1gcX9DUMpKLhKj7lg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a8941a-7250-48ec-aaf8-6d8ea9d1cd73/1/MGE0vPWfWB1rdmMM-oeGeHaikhU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.32.0/21
193.93.200.0/22
IPv6:
2a02:56c0::/32
Signature Algorithm: sha256WithRSAEncryption
2c:ff:a2:c3:10:8c:86:4b:f9:46:3f:9f:c0:9a:08:81:d1:9f:
d5:c5:32:1d:75:a0:98:73:a2:ca:73:ba:3b:12:4c:54:d5:59:
5d:68:99:a3:83:e1:f5:f9:bc:57:93:36:f1:5d:24:42:d6:ee:
8f:48:ba:2e:aa:84:76:ef:a1:b0:d3:ba:d2:85:f3:fb:be:65:
20:52:cd:9e:87:d5:60:d3:9a:bb:fc:20:6f:d9:90:11:c3:ec:
84:75:bc:b3:3b:ab:c0:1d:e8:b7:67:98:fd:0c:e4:75:1d:89:
14:97:7e:9d:16:74:d5:b0:d1:fa:b1:9b:ab:20:b1:66:0f:4e:
b0:71:99:22:b9:1b:eb:27:c8:53:40:c7:b1:b4:ae:1d:3c:15:
a4:37:06:ca:3b:d0:ae:24:33:32:db:fa:7b:d9:ca:3c:b7:5c:
b7:34:47:48:d2:4b:6b:d7:22:11:90:5c:67:9a:85:c2:87:6e:
ce:b0:ac:8b:80:6c:4b:e7:61:c7:21:7c:50:c0:56:68:0f:be:
23:e6:5b:fc:28:bb:24:b3:f9:eb:72:8a:0b:56:4c:99:9f:9a:
b3:2b:a7:01:f8:14:8f:bf:aa:48:69:18:a7:fd:e8:63:aa:fc:
65:c4:f6:41:35:4e:fe:2c:7c:68:e7:56:ea:0a:34:bd:39:f5:
12:11:14:81
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEA2tVxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDYxMzRiY2Y1OWY1ODFkNmI3NjYzMGNmYTg3ODY3ODc2YTI5MjE1MB4XDTIyMDMy
NTEzNDQzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRkZGIzZDI5ZmZj
MWY1ODFjNWZkMGQ0MzI5MjhiODRhOGZiOTYwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKmpeNQjuYOZNPJo+SpA0go1/MWSDG65Z/F/Kx2EBgoQ9tRn
+bxe0aJpyD5AuZ/73cwZaneMjauRRu+9MZtKi7FcZL9ib8yI4d4onZ09wZ3NycJj
+tY/tcRHoDVKUwulQXrKXOljGWugvlOCIWDiFf3xTgsdPd6QoXCsKWdGb2nQXwsg
tmAB99zTG6DZ1Waj5dA09nr1CY/a1WLMigFpUzETlamZtNmB6EclmvXd9GCYXnIH
w/Sw9OrIUahZluB438iPcL5QIblbGLC9Id8LxdjPNGHp0OE4VVei0+qhYZIjAPTl
lMplDFL0AziQxEdVJ6YyDIivXKIgpGoAZWtFdTECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSE3bPSn/wfWBxf0NQykouEqPuWDTAfBgNVHSMEGDAWgBQwYTS89Z9YHWt2
Ywz6h4Z4dqKSFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01HRTB2UFdmV0IxcmRtTU0tb2VHZUhhaWtoVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvYTg5NDFhLTcyNTAtNDhlYy1hYWY4LTZkOGVhOWQxY2Q3My8x
L2hOMnowcF84SDFnY1g5RFVNcEtMaEtqN2xnMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
YTg5NDFhLTcyNTAtNDhlYy1hYWY4LTZkOGVhOWQxY2Q3My8xL01HRTB2UFdmV0Ix
cmRtTU0tb2VHZUhhaWtoVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA7xAIAMEAsFdyDANBAIAAjAHAwUA
KgJWwDANBgkqhkiG9w0BAQsFAAOCAQEALP+iwxCMhkv5Rj+fwJoIgdGf1cUyHXWg
mHOiynO6OxJMVNVZXWiZo4Ph9fm8V5M28V0kQtbuj0i6LqqEdu+hsNO60oXz+75l
IFLNnofVYNOau/wgb9mQEcPshHW8szurwB3ot2eY/QzkdR2JFJd+nRZ01bDR+rGb
qyCxZg9OsHGZIrkb6yfIU0DHsbSuHTwVpDcGyjvQriQzMtv6e9nKPLdctzRHSNJL
a9ciEZBcZ5qFwoduzrCsi4BsS+dhxyF8UMBWaA++I+Zb/Ci7JLP563KKC1ZMmZ+a
syunAfgUj7+qSGkYp/3oY6r8ZcT2QTVO/ix8aOdW6go0vTn1EhEUgQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:09 2024 by rpki-client on console-fra.rpki-client.org