Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/WxUiEQyDzwhqFozt8-A-L6R3850.roa
File: WxUiEQyDzwhqFozt8-A-L6R3850.roa (raw, json)
Hash identifier: y7N3kj2RwNfY8UAys+Bowufu6Pd0IICEQMMW3wbB/Ko=
Subject key identifier: 5B:15:22:11:0C:83:CF:08:6A:16:8C:ED:F3:E0:3E:2F:A4:77:F3:9D
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 11C665F8
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/WxUiEQyDzwhqFozt8-A-L6R3850.roa
Signing time: Sat 01 Jan 2022 15:05:41 +0000
ROA not before: Sat 01 Jan 2022 15:05:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43561
IP address blocks: 87.246.26.0/23 maxlen: 23
87.246.28.0/22 maxlen: 22
87.246.50.0/23 maxlen: 23
87.246.46.0/23 maxlen: 23
87.246.58.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 298214904 (0x11c665f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 1 15:05:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5b1522110c83cf086a168cedf3e03e2fa477f39d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1e:a3:35:37:c9:a8:23:57:c7:bf:13:6d:0b:
73:3e:09:51:0f:29:c3:f9:08:43:c9:d6:df:94:fa:
7a:44:d3:e1:3f:ac:58:11:d4:2e:37:0e:3f:05:a1:
9d:60:d8:4e:3c:37:cc:f0:08:d7:19:09:f8:84:c7:
61:d0:10:f4:0c:3c:85:19:d1:fe:1a:da:e1:bd:16:
c7:c7:7a:f1:4b:8b:94:6b:e7:95:1d:9d:1d:b2:3f:
62:09:95:07:8e:09:bf:b1:0b:fd:4b:6c:70:ff:88:
79:0b:10:92:b9:a5:cc:5d:63:fa:52:b8:b7:36:60:
80:4e:cf:07:88:ee:03:51:a7:29:99:4d:72:1a:3e:
00:cb:47:32:c8:59:61:25:bb:53:41:5e:0b:a2:c6:
4c:c2:95:a4:19:30:75:b5:50:8f:a5:d2:c1:0e:a4:
05:c7:3e:b2:1b:46:dd:1d:0e:c8:cc:21:0d:31:fc:
5a:41:0f:32:54:a6:ca:4d:63:a5:9e:7b:9d:c8:62:
34:0a:aa:14:01:6b:3e:4a:a4:63:28:6b:fb:53:1e:
7c:6e:cb:2f:31:b6:2d:b6:26:b8:48:1e:39:f7:a8:
94:7f:95:8b:53:1d:fe:96:7d:14:51:21:af:63:2d:
52:c3:e7:a7:e4:e7:7e:8b:a0:5c:5d:ca:d7:46:95:
1b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:15:22:11:0C:83:CF:08:6A:16:8C:ED:F3:E0:3E:2F:A4:77:F3:9D
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/WxUiEQyDzwhqFozt8-A-L6R3850.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.246.26.0-87.246.31.255
87.246.46.0/23
87.246.50.0/23
87.246.58.0/23
Signature Algorithm: sha256WithRSAEncryption
c1:52:e9:de:45:6c:64:dc:64:56:c5:04:a5:dc:29:1e:f2:14:
84:33:b8:97:09:0b:83:1c:e4:45:53:a3:49:8c:6d:13:4e:fb:
af:d4:9e:e8:e7:df:75:12:ed:ed:eb:f4:ea:7c:f8:7a:b0:ba:
e0:e9:e3:a0:d3:e9:ad:a1:38:f8:01:dc:cc:67:ae:12:15:f4:
29:ea:bf:e7:b3:be:8d:26:19:08:5b:22:46:9c:95:a1:da:55:
da:5c:e5:d4:43:f0:d0:a2:0f:dd:12:b6:7f:8c:d3:66:c1:20:
36:b5:98:0d:06:e9:9e:ae:72:9d:f8:ec:89:b5:ab:f5:67:ff:
df:b9:a6:b6:67:c3:87:86:00:8a:cc:86:05:0e:0c:53:94:d4:
5d:f5:11:f6:d9:c3:fc:7f:c6:d9:dc:eb:9d:6a:74:a3:ab:c8:
03:9c:8d:37:f0:ab:13:ee:5f:81:00:7e:96:c4:4b:82:88:e2:
dd:d1:7e:31:a7:94:78:d7:93:a0:a2:34:26:7a:1a:4b:b8:1b:
64:ce:27:b1:30:16:8a:c2:5d:7b:a5:ce:36:c1:d9:dd:b3:fb:
58:3e:b6:ce:91:cf:ca:a8:76:b6:f8:c5:3c:d7:fa:d0:96:27:
f1:11:1a:6a:05:50:c9:3c:98:18:14:77:fa:d5:47:24:3f:b6:
2b:81:21:a9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEEcZl+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MzVlYWM2NGVhNDgwMmU2ODI0Njg2ZjdjMGQyMDFmMmM4NWNiMmFhMB4XDTIyMDEw
MTE1MDU0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWIxNTIyMTEwYzgz
Y2YwODZhMTY4Y2VkZjNlMDNlMmZhNDc3ZjM5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKseozU3yagjV8e/E20Lcz4JUQ8pw/kIQ8nW35T6ekTT4T+s
WBHULjcOPwWhnWDYTjw3zPAI1xkJ+ITHYdAQ9Aw8hRnR/hra4b0Wx8d68UuLlGvn
lR2dHbI/YgmVB44Jv7EL/UtscP+IeQsQkrmlzF1j+lK4tzZggE7PB4juA1GnKZlN
cho+AMtHMshZYSW7U0FeC6LGTMKVpBkwdbVQj6XSwQ6kBcc+shtG3R0OyMwhDTH8
WkEPMlSmyk1jpZ57nchiNAqqFAFrPkqkYyhr+1MefG7LLzG2LbYmuEgeOfeolH+V
i1Md/pZ9FFEhr2MtUsPnp+TnfougXF3K10aVG2cCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBRbFSIRDIPPCGoWjO3z4D4vpHfznTAfBgNVHSMEGDAWgBTDXqxk6kgC5oJG
hvfA0gHyyFyyqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3cxNnNaT3BJQXVhQ1JvYjN3TklCOHNoY3Nxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvY2NkZDhiLTc3MjAtNGRlMC04YzQzLWRhY2I1ZjM1NmVhMy8x
L1d4VWlFUXlEendocUZvenQ4LUEtTDZSMzg1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
Y2NkZDhiLTc3MjAtNGRlMC04YzQzLWRhY2I1ZjM1NmVhMy8xL3cxNnNaT3BJQXVh
Q1JvYjN3TklCOHNoY3Nxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQBV/YaAwQFV/YAAwQBV/YuAwQB
V/YyAwQBV/Y6MA0GCSqGSIb3DQEBCwUAA4IBAQDBUuneRWxk3GRWxQSl3Cke8hSE
M7iXCQuDHORFU6NJjG0TTvuv1J7o5991Eu3t6/TqfPh6sLrg6eOg0+mtoTj4AdzM
Z64SFfQp6r/ns76NJhkIWyJGnJWh2lXaXOXUQ/DQog/dErZ/jNNmwSA2tZgNBume
rnKd+OyJtav1Z//fuaa2Z8OHhgCKzIYFDgxTlNRd9RH22cP8f8bZ3OudanSjq8gD
nI038KsT7l+BAH6WxEuCiOLd0X4xp5R415OgojQmehpLuBtkziexMBaKwl17pc42
wdnds/tYPrbOkc/KqHa2+MU81/rQlifxERpqBVDJPJgYFHf61UckP7YrgSGp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:15 2024 by rpki-client on console-fra.rpki-client.org