Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/suJSEaabyOQqADbA4FJFytL3ccM.roa
File: suJSEaabyOQqADbA4FJFytL3ccM.roa (raw, json)
Hash identifier: iPeSfrWQImcZxkqaBDpCmeGlD6J9+7RTF58jaSGtnwI=
Subject key identifier: B2:E2:52:11:A6:9B:C8:E4:2A:00:36:C0:E0:52:45:CA:D2:F7:71:C3
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 018572FA5ED38775B789131D936B27ABFE2F
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/suJSEaabyOQqADbA4FJFytL3ccM.roa
Signing time: Mon 02 Jan 2023 14:54:48 +0000
ROA not before: Mon 02 Jan 2023 14:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59739
IP address blocks: 212.80.172.0/24 maxlen: 24
213.192.195.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:5e:d3:87:75:b7:89:13:1d:93:6b:27:ab:fe:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 2 14:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2e25211a69bc8e42a0036c0e05245cad2f771c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:90:44:7a:6e:88:92:3d:cb:41:64:66:11:3f:
1b:36:2f:fe:f9:cd:93:53:6b:3b:c1:92:bc:c1:15:
cd:da:92:9a:f4:50:6e:f2:41:fa:54:e3:a0:cf:52:
52:45:b7:28:7e:da:c0:ce:0d:ff:3f:6d:57:30:ac:
1a:92:a7:49:33:e0:fe:de:3d:ed:f1:ef:bf:d2:80:
ae:f9:72:c5:76:1a:34:e3:34:3d:7f:1d:b0:58:fe:
06:2f:8f:af:a9:d9:cd:73:31:4d:11:cd:58:68:3e:
19:33:d0:b8:b0:81:f8:92:06:b1:ac:ce:30:f3:c8:
48:1b:f4:09:ac:d7:4f:c3:8a:3f:8b:b3:ab:f3:77:
d5:67:fa:f3:60:81:ce:73:4b:28:eb:c9:5a:63:9d:
66:65:c3:90:dc:8a:e9:bf:4a:53:03:ad:40:d8:f8:
d9:ad:d4:9d:06:c7:ab:22:24:60:88:ff:48:9e:fe:
bd:f3:20:e0:e6:7a:68:5b:08:58:15:25:1d:75:63:
3f:32:e5:69:d2:04:ed:69:5d:95:47:3b:f2:0a:a6:
2a:84:28:3c:4e:8d:49:45:50:52:e3:fa:19:0a:5b:
cd:2d:81:c1:5f:1b:a4:54:12:73:5a:c3:16:08:5e:
b7:10:b5:bd:9a:68:48:01:63:6b:87:81:7f:83:a3:
e7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:E2:52:11:A6:9B:C8:E4:2A:00:36:C0:E0:52:45:CA:D2:F7:71:C3
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/suJSEaabyOQqADbA4FJFytL3ccM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.80.172.0/24
213.192.195.0/24
Signature Algorithm: sha256WithRSAEncryption
17:b2:b8:a9:5b:03:60:7c:aa:f1:82:6a:d7:27:68:c5:6e:b5:
52:a3:60:80:8b:c3:f8:25:24:40:04:b3:0f:da:0e:ae:51:9e:
a6:d7:15:93:95:61:12:be:1e:99:1a:92:2b:39:5c:4a:cc:b7:
2c:11:98:42:d7:e0:30:c4:24:67:9c:0c:dc:7d:77:e6:a4:78:
e3:d3:bb:ab:e8:a3:2c:45:27:8c:4b:dd:d6:a2:fb:f6:2b:5e:
f6:b5:96:d5:c5:4f:98:a1:30:93:0d:03:ef:6d:2d:d4:c8:19:
b3:16:bf:ac:44:a1:f3:5b:bf:aa:4d:05:04:fe:ee:4a:9b:b9:
c9:5b:9d:e6:1c:91:8e:75:19:39:2b:ca:7e:99:be:bf:f4:30:
f1:f7:13:af:b5:81:a4:c3:46:b6:4c:aa:66:db:d3:c8:3a:f5:
fa:7c:e7:70:aa:50:5c:97:d6:18:c1:ac:e1:1b:b7:5d:ee:4c:
14:fd:26:84:ed:07:fa:9c:a3:a9:a9:29:55:dc:bb:ba:de:61:
43:18:b4:e0:06:85:2b:71:68:8c:50:3c:18:ed:8f:4c:97:5e:
1d:34:d3:f2:6d:c0:ce:5e:5a:f0:4f:57:10:84:c3:22:cc:d6:
06:9d:20:6c:39:74:04:bc:a3:96:ac:ca:01:98:ee:bf:43:6f:
ec:bf:79:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVy+l7Th3W3iRMdk2snq/4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjMwMTAyMTQ1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmUyNTIxMWE2OWJjOGU0MmEwMDM2YzBlMDUyNDVjYWQyZjc3MWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5BEem6Ikj3LQWRmET8bNi/++c2T
U2s7wZK8wRXN2pKa9FBu8kH6VOOgz1JSRbcoftrAzg3/P21XMKwakqdJM+D+3j3t
8e+/0oCu+XLFdho04zQ9fx2wWP4GL4+vqdnNczFNEc1YaD4ZM9C4sIH4kgaxrM4w
88hIG/QJrNdPw4o/i7Or83fVZ/rzYIHOc0so68laY51mZcOQ3Irpv0pTA61A2PjZ
rdSdBserIiRgiP9Inv698yDg5npoWwhYFSUddWM/MuVp0gTtaV2VRzvyCqYqhCg8
To1JRVBS4/oZClvNLYHBXxukVBJzWsMWCF63ELW9mmhIAWNrh4F/g6PnwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLLiUhGmm8jkKgA2wOBSRcrS93HDMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvc3VKU0VhYWJ5T1FxQURiQTRGSkZ5dEwzY2NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1FCsAwQA
1cDDMA0GCSqGSIb3DQEBCwUAA4IBAQAXsripWwNgfKrxgmrXJ2jFbrVSo2CAi8P4
JSRABLMP2g6uUZ6m1xWTlWESvh6ZGpIrOVxKzLcsEZhC1+AwxCRnnAzcfXfmpHjj
07ur6KMsRSeMS93Wovv2K172tZbVxU+YoTCTDQPvbS3UyBmzFr+sRKHzW7+qTQUE
/u5Km7nJW53mHJGOdRk5K8p+mb6/9DDx9xOvtYGkw0a2TKpm29PIOvX6fOdwqlBc
l9YYwazhG7dd7kwU/SaE7Qf6nKOpqSlV3Lu63mFDGLTgBoUrcWiMUDwY7Y9Ml14d
NNPybcDOXlrwT1cQhMMizNYGnSBsOXQEvKOWrMoBmO6/Q2/sv3ne
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:43 2023 by rpki-client on console-fra.rpki-client.org