Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/833795-4df3-4850-bd99-8e8bac4cf18b/1/D7Vh5A8PJMbXwlU9Bp-2TPwt7jE.roa
File: D7Vh5A8PJMbXwlU9Bp-2TPwt7jE.roa (raw, json)
Hash identifier: 1SUCSFx85GIuNZGb4xPz6kwK4E88daxBC26u6cY0qVA=
Subject key identifier: 0F:B5:61:E4:0F:0F:24:C6:D7:C2:55:3D:06:9F:B6:4C:FC:2D:EE:31
Certificate issuer: /CN=514ab6d16a0b176fd40655e17fbde652bc21d453
Certificate serial: 03557C4E
Authority key identifier: 51:4A:B6:D1:6A:0B:17:6F:D4:06:55:E1:7F:BD:E6:52:BC:21:D4:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UUq20WoLF2_UBlXhf73mUrwh1FM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/833795-4df3-4850-bd99-8e8bac4cf18b/1/D7Vh5A8PJMbXwlU9Bp-2TPwt7jE.roa
Signing time: Sat 01 Jan 2022 13:04:40 +0000
ROA not before: Sat 01 Jan 2022 13:04:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8652
IP address blocks: 195.248.83.0/24 maxlen: 24
195.85.228.0/24 maxlen: 24
195.43.140.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55934030 (0x3557c4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=514ab6d16a0b176fd40655e17fbde652bc21d453
Validity
Not Before: Jan 1 13:04:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0fb561e40f0f24c6d7c2553d069fb64cfc2dee31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:eb:cc:ca:f9:4e:90:df:3f:c2:39:4a:6c:0e:
77:4e:b7:bd:d0:aa:e0:a7:ef:08:4a:d9:13:da:aa:
05:98:bf:a3:03:c2:7d:20:e0:a8:97:42:d9:3e:bb:
ad:44:8a:1d:8d:8a:82:bf:9c:3c:de:fe:66:5b:61:
f2:65:c0:7a:e8:7f:4a:d7:0c:cb:0e:92:48:59:50:
45:9e:29:0b:db:da:64:8c:4f:52:3b:0f:ec:4f:74:
50:3e:59:26:1e:83:52:79:63:1f:d4:75:38:d3:b7:
91:a6:50:1f:01:7d:e2:66:f1:d0:44:83:58:5b:8d:
af:74:65:8e:f8:cd:e4:c4:a2:8a:1d:82:fa:aa:91:
f9:92:2a:f2:5d:d7:a3:b3:24:19:ee:60:d4:9b:fd:
d4:f5:c4:b3:13:ed:54:69:e8:e4:3e:90:36:62:d6:
2c:c4:a6:4d:72:62:75:8c:f2:89:67:e9:7d:fa:99:
01:62:45:d3:24:cd:a8:d8:d9:80:dc:b1:94:5f:2c:
62:73:04:2a:13:30:98:43:b6:c1:dd:bb:e9:7b:ad:
8a:1a:c6:e9:4c:90:a0:5a:b6:54:67:de:ef:f3:4a:
2d:a9:30:74:66:d8:04:72:4a:1b:25:f5:1f:ee:c5:
e4:70:7c:b8:ff:fa:57:93:63:69:84:1a:a8:aa:bf:
d4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B5:61:E4:0F:0F:24:C6:D7:C2:55:3D:06:9F:B6:4C:FC:2D:EE:31
X509v3 Authority Key Identifier:
keyid:51:4A:B6:D1:6A:0B:17:6F:D4:06:55:E1:7F:BD:E6:52:BC:21:D4:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UUq20WoLF2_UBlXhf73mUrwh1FM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/833795-4df3-4850-bd99-8e8bac4cf18b/1/D7Vh5A8PJMbXwlU9Bp-2TPwt7jE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/833795-4df3-4850-bd99-8e8bac4cf18b/1/UUq20WoLF2_UBlXhf73mUrwh1FM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.140.0/24
195.85.228.0/24
195.248.83.0/24
Signature Algorithm: sha256WithRSAEncryption
15:31:10:e3:27:89:c9:d8:6d:83:02:b2:3b:56:22:de:88:64:
84:3d:5b:fd:1e:a8:51:97:32:2b:59:ce:a0:a8:27:e8:2f:0d:
02:ce:5c:52:0a:bb:bd:55:49:7e:d2:42:02:fb:f7:8a:87:2d:
bf:29:1f:f8:b5:45:b3:6b:0a:1e:8c:a7:3c:d5:75:4b:1b:d1:
57:33:d5:81:bb:9a:6b:01:6b:37:9a:20:c6:12:ab:8f:c8:d4:
27:f6:19:37:3f:14:b1:7e:76:99:c8:65:60:6f:ec:36:a7:2d:
62:eb:b3:68:61:13:0d:77:bd:23:fb:8b:4c:fc:5e:bb:1e:c1:
74:19:19:f2:b5:ed:86:39:3c:db:5d:90:2e:83:6d:2e:35:96:
a1:70:7b:9e:94:4b:99:10:3d:7f:57:8b:be:06:76:57:3a:b5:
69:67:26:7d:4b:06:a6:11:45:b7:af:f3:c6:c0:fc:2c:f2:2a:
14:b9:41:7c:d0:aa:2c:d8:20:58:df:3a:d8:7a:2f:84:3e:48:
27:cd:00:f9:b6:e4:1c:2a:f3:a4:bc:73:db:7c:7d:93:ef:0e:
62:b8:38:59:d1:1f:17:ed:d4:80:2f:77:5e:9e:62:6f:e2:c0:
11:33:e3:9a:08:d4:d4:1c:be:af:0b:1b:55:62:01:26:78:0c:
6c:80:02:ac
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA1V8TjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MTRhYjZkMTZhMGIxNzZmZDQwNjU1ZTE3ZmJkZTY1MmJjMjFkNDUzMB4XDTIyMDEw
MTEzMDQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGZiNTYxZTQwZjBm
MjRjNmQ3YzI1NTNkMDY5ZmI2NGNmYzJkZWUzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIvrzMr5TpDfP8I5SmwOd063vdCq4KfvCErZE9qqBZi/owPC
fSDgqJdC2T67rUSKHY2Kgr+cPN7+Zlth8mXAeuh/StcMyw6SSFlQRZ4pC9vaZIxP
UjsP7E90UD5ZJh6DUnljH9R1ONO3kaZQHwF94mbx0ESDWFuNr3RljvjN5MSiih2C
+qqR+ZIq8l3Xo7MkGe5g1Jv91PXEsxPtVGno5D6QNmLWLMSmTXJidYzyiWfpffqZ
AWJF0yTNqNjZgNyxlF8sYnMEKhMwmEO2wd276XutihrG6UyQoFq2VGfe7/NKLakw
dGbYBHJKGyX1H+7F5HB8uP/6V5NjaYQaqKq/1KcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQPtWHkDw8kxtfCVT0Gn7ZM/C3uMTAfBgNVHSMEGDAWgBRRSrbRagsXb9QG
VeF/veZSvCHUUzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VVcTIwV29MRjJfVUJsWGhmNzNtVXJ3aDFGTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvODMzNzk1LTRkZjMtNDg1MC1iZDk5LThlOGJhYzRjZjE4Yi8x
L0Q3Vmg1QThQSk1iWHdsVTlCcC0yVFB3dDdqRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ODMzNzk1LTRkZjMtNDg1MC1iZDk5LThlOGJhYzRjZjE4Yi8xL1VVcTIwV29MRjJf
VUJsWGhmNzNtVXJ3aDFGTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAMMrjAMEAMNV5AMEAMP4UzANBgkq
hkiG9w0BAQsFAAOCAQEAFTEQ4yeJydhtgwKyO1Yi3ohkhD1b/R6oUZcyK1nOoKgn
6C8NAs5cUgq7vVVJftJCAvv3ioctvykf+LVFs2sKHoynPNV1SxvRVzPVgbuaawFr
N5ogxhKrj8jUJ/YZNz8UsX52mchlYG/sNqctYuuzaGETDXe9I/uLTPxeux7BdBkZ
8rXthjk8212QLoNtLjWWoXB7npRLmRA9f1eLvgZ2Vzq1aWcmfUsGphFFt6/zxsD8
LPIqFLlBfNCqLNggWN862HovhD5IJ80A+bbkHCrzpLxz23x9k+8OYrg4WdEfF+3U
gC93Xp5ib+LAETPjmgjU1By+rwsbVWIBJngMbIACrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:29 2024 by rpki-client on console-fra.rpki-client.org