Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/wjZIq_E3y1xvRkdByNxlPsphn7k.roa
File: wjZIq_E3y1xvRkdByNxlPsphn7k.roa (raw, json)
Hash identifier: X5nOx2Hu82dQHx4+p1tqj9PqxrYGOVQg/UXi4ZOH27I=
Subject key identifier: C2:36:48:AB:F1:37:CB:5C:6F:46:47:41:C8:DC:65:3E:CA:61:9F:B9
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 3745969C
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/wjZIq_E3y1xvRkdByNxlPsphn7k.roa
Signing time: Sat 01 Jan 2022 05:59:21 +0000
ROA not before: Sat 01 Jan 2022 05:59:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59739
IP address blocks: 212.80.172.0/24 maxlen: 24
213.192.195.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 927307420 (0x3745969c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 1 05:59:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c23648abf137cb5c6f464741c8dc653eca619fb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:62:70:69:a7:e6:0c:8f:ad:eb:8b:f2:81:8a:
f2:65:da:4a:2c:6f:a5:0c:1e:7d:1e:b6:82:2b:86:
38:bd:b7:ec:62:43:80:30:20:a3:4c:5d:cb:d0:6e:
15:05:29:f0:98:89:3d:bf:ce:a8:9a:d4:62:c1:be:
c9:a2:4e:7b:69:4d:24:b9:21:a6:ba:58:2e:00:a8:
b6:6b:3c:03:73:5e:21:8d:97:46:a4:94:50:03:e2:
dc:4a:62:14:0b:8c:64:63:a2:d8:02:c1:16:c4:70:
c5:71:3e:7a:6f:93:29:ca:de:87:3e:75:84:97:06:
f5:1e:48:46:4a:13:8b:d6:ef:b8:62:d9:fa:2c:0a:
9f:15:4b:94:90:67:c9:c0:b8:a9:d7:df:c2:ba:19:
d1:1b:3a:cd:4e:92:ac:22:01:d1:3e:f1:6b:46:e1:
25:95:82:48:fe:e9:75:fb:2b:b2:73:c5:24:62:c9:
dc:1e:1f:bd:af:41:92:e0:aa:f6:11:c9:63:71:47:
87:14:c3:47:36:ac:40:1f:38:2a:66:e4:54:14:56:
4f:ed:c1:db:cf:d4:99:e6:7e:b6:e5:0f:58:19:6b:
b3:bb:6a:84:e6:d7:91:71:c4:b5:54:05:e3:3b:8c:
af:50:eb:91:be:7f:14:78:19:d7:6c:8e:75:f1:17:
21:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:36:48:AB:F1:37:CB:5C:6F:46:47:41:C8:DC:65:3E:CA:61:9F:B9
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/wjZIq_E3y1xvRkdByNxlPsphn7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.80.172.0/24
213.192.195.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:d3:ea:9c:6f:68:94:d3:3c:0c:35:98:15:4e:3b:2b:20:8b:
0b:b5:96:11:06:09:e0:f3:7b:f2:f1:98:63:62:5d:46:74:08:
ae:87:32:d2:76:37:ba:4c:89:0e:1d:d7:bd:99:c4:b1:90:26:
8c:41:dd:97:bc:7b:4f:7d:bb:92:f9:bd:0e:9f:21:93:33:65:
cf:56:48:45:42:d7:68:5f:ed:d5:07:c6:a1:be:23:69:c3:2a:
f5:fe:e7:93:8d:cf:ce:2f:a8:1b:b2:67:6b:c0:fb:b3:d5:a5:
58:67:1f:7d:61:bc:95:eb:59:c6:25:21:93:01:87:38:0c:81:
c8:e2:d7:b6:44:a6:53:2f:de:c3:60:e9:0c:be:87:98:9b:48:
11:46:46:3f:78:f8:68:33:d2:72:a2:8d:50:e0:15:1a:8c:06:
5a:a8:c0:33:46:d5:2b:fb:98:b4:69:d2:49:59:6a:95:6f:7e:
98:9f:d2:ac:b0:75:65:03:58:02:49:e7:ac:85:e1:38:40:5b:
41:e9:14:91:6f:f8:6f:aa:5b:a9:87:da:f3:61:14:b9:ff:5b:
7a:ec:e4:a4:c2:27:1d:4e:2a:87:1d:68:c5:c2:af:1f:df:c0:
ab:3d:66:fc:d4:04:9b:1b:d8:5a:20:b9:70:af:7e:a1:31:bb:
6a:3a:76:de
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEN0WWnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODQwM2I1ZTQ1Y2Q1OGJlNWY2YzVkMzNmYTU2NWFiNDkyMjNlM2RiMB4XDTIyMDEw
MTA1NTkyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzIzNjQ4YWJmMTM3
Y2I1YzZmNDY0NzQxYzhkYzY1M2VjYTYxOWZiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBicGmn5gyPreuL8oGK8mXaSixvpQwefR62giuGOL237GJD
gDAgo0xdy9BuFQUp8JiJPb/OqJrUYsG+yaJOe2lNJLkhprpYLgCotms8A3NeIY2X
RqSUUAPi3EpiFAuMZGOi2ALBFsRwxXE+em+TKcrehz51hJcG9R5IRkoTi9bvuGLZ
+iwKnxVLlJBnycC4qdffwroZ0Rs6zU6SrCIB0T7xa0bhJZWCSP7pdfsrsnPFJGLJ
3B4fva9BkuCq9hHJY3FHhxTDRzasQB84KmbkVBRWT+3B28/UmeZ+tuUPWBlrs7tq
hObXkXHEtVQF4zuMr1Drkb5/FHgZ12yOdfEXIesCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTCNkir8TfLXG9GR0HI3GU+ymGfuTAfBgNVHSMEGDAWgBToQDteRc1Yvl9s
XTP6Vlq0kiPj2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZFQTdYa1hOV0w1ZmJGMHotbFphdEpJajQ5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8x
L3dqWklxX0UzeTF4dlJrZEJ5TnhsUHNwaG43ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
ODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8xLzZFQTdYa1hOV0w1
ZmJGMHotbFphdEpJajQ5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEANRQrAMEANXAwzANBgkqhkiG9w0B
AQsFAAOCAQEAOtPqnG9olNM8DDWYFU47KyCLC7WWEQYJ4PN78vGYY2JdRnQIrocy
0nY3ukyJDh3XvZnEsZAmjEHdl7x7T327kvm9Dp8hkzNlz1ZIRULXaF/t1QfGob4j
acMq9f7nk43Pzi+oG7Jna8D7s9WlWGcffWG8letZxiUhkwGHOAyByOLXtkSmUy/e
w2DpDL6HmJtIEUZGP3j4aDPScqKNUOAVGowGWqjAM0bVK/uYtGnSSVlqlW9+mJ/S
rLB1ZQNYAknnrIXhOEBbQekUkW/4b6pbqYfa82EUuf9beuzkpMInHU4qhx1oxcKv
H9/Aqz1m/NQEmxvYWiC5cK9+oTG7ajp23g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:33 2023 by rpki-client on console-ams.rpki-client.org