Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/4a7cdf-c750-4ba4-9060-5f79dbcf5ddd/1/eqFR2BZDVCW2o55DfDSvBirH0uk.roa
File: eqFR2BZDVCW2o55DfDSvBirH0uk.roa (raw, json)
Hash identifier: 4/rxMqvHZjoGsWVz8vxB5xaA3IkSyhOg8Cq3G5s2iag=
Subject key identifier: 7A:A1:51:D8:16:43:54:25:B6:A3:9E:43:7C:34:AF:06:2A:C7:D2:E9
Certificate issuer: /CN=895851d6c3257f218451a258a8e9b94947334e10
Certificate serial: E8950D
Authority key identifier: 89:58:51:D6:C3:25:7F:21:84:51:A2:58:A8:E9:B9:49:47:33:4E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iVhR1sMlfyGEUaJYqOm5SUczThA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/4a7cdf-c750-4ba4-9060-5f79dbcf5ddd/1/eqFR2BZDVCW2o55DfDSvBirH0uk.roa
Signing time: Sat 01 Jan 2022 09:00:35 +0000
ROA not before: Sat 01 Jan 2022 09:00:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38986
IP address blocks: 79.171.168.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15242509 (0xe8950d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=895851d6c3257f218451a258a8e9b94947334e10
Validity
Not Before: Jan 1 09:00:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7aa151d816435425b6a39e437c34af062ac7d2e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7e:48:24:61:fe:8e:50:df:98:6b:fc:10:ca:
de:c9:9b:86:0c:60:91:34:a1:78:10:92:7b:18:85:
7a:f2:2e:e3:f3:6a:a4:30:5b:f3:58:49:96:10:1a:
74:71:e2:96:60:9c:8f:85:8b:85:20:06:a0:bf:b9:
99:bd:84:62:22:72:1f:59:9c:34:db:e7:75:52:8a:
1d:c2:24:1f:36:90:fc:27:6a:71:46:b6:6e:62:d7:
30:10:0d:88:45:0d:76:88:66:bc:57:28:07:a8:09:
db:94:81:d3:30:05:25:9a:1e:c5:02:36:4e:bc:e0:
bd:1e:c8:34:06:c5:16:a5:87:ad:4e:d7:47:d8:db:
af:9e:18:58:dd:47:b3:6f:36:09:53:33:6b:05:28:
1f:b9:ac:73:bd:03:08:ab:73:bc:21:bf:56:fe:9b:
81:a5:59:75:0b:72:45:e1:a4:8a:cc:9e:c6:10:89:
cd:41:d1:9c:a9:52:5c:e7:02:39:ac:7b:8f:00:12:
64:3f:ed:be:5b:83:39:79:8c:9e:b8:ab:51:c8:e8:
c8:99:6a:d8:ca:5b:ef:ee:e7:0d:18:63:8c:39:20:
2f:31:a3:e7:bc:54:c3:97:bf:c2:0c:f7:6a:dd:40:
3d:a2:60:98:6a:90:5b:98:c8:b4:41:27:01:7b:ca:
53:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:A1:51:D8:16:43:54:25:B6:A3:9E:43:7C:34:AF:06:2A:C7:D2:E9
X509v3 Authority Key Identifier:
keyid:89:58:51:D6:C3:25:7F:21:84:51:A2:58:A8:E9:B9:49:47:33:4E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iVhR1sMlfyGEUaJYqOm5SUczThA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/4a7cdf-c750-4ba4-9060-5f79dbcf5ddd/1/eqFR2BZDVCW2o55DfDSvBirH0uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/4a7cdf-c750-4ba4-9060-5f79dbcf5ddd/1/iVhR1sMlfyGEUaJYqOm5SUczThA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.168.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:bc:00:89:97:07:df:e5:08:3c:87:7d:b3:af:cf:76:22:b7:
a0:4d:91:46:37:c4:47:89:61:d4:6c:66:9c:e0:dc:84:9b:36:
a6:43:44:ca:31:c4:6f:74:2a:f8:f5:01:d8:44:f4:57:aa:ad:
53:3d:79:08:c2:54:05:9b:37:9d:fd:cc:1f:c8:83:2e:b7:68:
10:09:ed:ef:e3:53:3d:5e:0f:0c:8b:cc:1c:7c:8f:39:73:b9:
eb:30:59:e7:f0:99:17:22:b3:bd:ff:04:84:19:45:60:f6:76:
df:fd:de:0f:1c:43:40:13:b0:56:80:79:ed:3a:91:90:af:d8:
8b:30:39:e3:29:cc:f4:fc:04:cf:5e:3a:ff:ce:85:94:1e:b0:
fc:bc:36:d0:95:28:b3:9c:eb:c7:23:c2:02:60:a6:81:27:91:
c9:c2:69:eb:ae:fe:cb:cc:7f:fb:da:2b:7b:96:56:10:00:fc:
93:ea:90:f5:69:70:04:80:43:99:46:10:37:61:0b:84:36:43:
a2:59:04:1b:3a:55:43:66:ca:32:bd:a1:a3:65:30:83:74:4d:
83:5e:5f:50:98:01:23:9c:4b:fe:e3:0c:36:82:1e:42:0f:08:
ce:94:07:ca:74:d6:3a:fa:bb:8e:a5:72:b4:b5:72:22:ee:b2:
66:aa:19:0d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAOiVDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OTU4NTFkNmMzMjU3ZjIxODQ1MWEyNThhOGU5Yjk0OTQ3MzM0ZTEwMB4XDTIyMDEw
MTA5MDAzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2FhMTUxZDgxNjQz
NTQyNWI2YTM5ZTQzN2MzNGFmMDYyYWM3ZDJlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5+SCRh/o5Q35hr/BDK3smbhgxgkTSheBCSexiFevIu4/Nq
pDBb81hJlhAadHHilmCcj4WLhSAGoL+5mb2EYiJyH1mcNNvndVKKHcIkHzaQ/Cdq
cUa2bmLXMBANiEUNdohmvFcoB6gJ25SB0zAFJZoexQI2TrzgvR7INAbFFqWHrU7X
R9jbr54YWN1Hs282CVMzawUoH7msc70DCKtzvCG/Vv6bgaVZdQtyReGkisyexhCJ
zUHRnKlSXOcCOax7jwASZD/tvluDOXmMnrirUcjoyJlq2Mpb7+7nDRhjjDkgLzGj
57xUw5e/wgz3at1APaJgmGqQW5jItEEnAXvKU1sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR6oVHYFkNUJbajnkN8NK8GKsfS6TAfBgNVHSMEGDAWgBSJWFHWwyV/IYRR
olio6blJRzNOEDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lWaFIxc01sZnlHRVVhSllxT201U1VjelRoQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvNGE3Y2RmLWM3NTAtNGJhNC05MDYwLTVmNzlkYmNmNWRkZC8x
L2VxRlIyQlpEVkNXMm81NURmRFN2QmlySDB1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
NGE3Y2RmLWM3NTAtNGJhNC05MDYwLTVmNzlkYmNmNWRkZC8xL2lWaFIxc01sZnlH
RVVhSllxT201U1VjelRoQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk+rqDANBgkqhkiG9w0BAQsFAAOC
AQEAL7wAiZcH3+UIPId9s6/PdiK3oE2RRjfER4lh1GxmnODchJs2pkNEyjHEb3Qq
+PUB2ET0V6qtUz15CMJUBZs3nf3MH8iDLrdoEAnt7+NTPV4PDIvMHHyPOXO56zBZ
5/CZFyKzvf8EhBlFYPZ23/3eDxxDQBOwVoB57TqRkK/YizA54ynM9PwEz146/86F
lB6w/Lw20JUos5zrxyPCAmCmgSeRycJp667+y8x/+9ore5ZWEAD8k+qQ9WlwBIBD
mUYQN2ELhDZDolkEGzpVQ2bKMr2ho2Uwg3RNg15fUJgBI5xL/uMMNoIeQg8IzpQH
ynTWOvq7jqVytLVyIu6yZqoZDQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:27 2024 by rpki-client on console-ams.rpki-client.org