Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/95a3k0EShMnctMs2aagC1r0HCxc.roa
File: 95a3k0EShMnctMs2aagC1r0HCxc.roa (raw, json)
Hash identifier: rxHK+j5+dWWjN6dGEYDO/dJSxk/8gNLzwnbQuVhBKPY=
Subject key identifier: F7:96:B7:93:41:12:84:C9:DC:B4:CB:36:69:A8:02:D6:BD:07:0B:17
Certificate issuer: /CN=de5e36f159f576988fb4e51d4101bb85d0d0c983
Certificate serial: 015D5031
Authority key identifier: DE:5E:36:F1:59:F5:76:98:8F:B4:E5:1D:41:01:BB:85:D0:D0:C9:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3l428Vn1dpiPtOUdQQG7hdDQyYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/95a3k0EShMnctMs2aagC1r0HCxc.roa
Signing time: Sat 01 Jan 2022 01:53:52 +0000
ROA not before: Sat 01 Jan 2022 01:53:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39421
IP address blocks: 185.21.130.0/24 maxlen: 24
45.90.160.0/24 maxlen: 24
2a0c:8880::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22892593 (0x15d5031)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de5e36f159f576988fb4e51d4101bb85d0d0c983
Validity
Not Before: Jan 1 01:53:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f796b793411284c9dcb4cb3669a802d6bd070b17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fb:d8:4b:d2:c9:68:fb:22:b3:8c:4a:e6:59:
da:d8:9a:6d:14:19:dc:2a:92:a1:92:ee:9a:bf:9c:
b9:be:49:71:8c:a8:73:7d:0a:13:c4:29:37:20:d6:
99:e0:66:f8:cd:8d:f3:96:db:37:a6:02:e5:7f:68:
ce:7e:7d:92:a8:18:ee:67:99:d4:46:d6:88:33:3d:
a3:6d:ab:84:73:87:09:21:ce:46:f9:8b:ba:30:25:
6c:17:9b:90:67:ec:e7:cf:25:e3:4d:72:6e:66:af:
a0:76:8b:68:58:c7:e6:72:42:83:5c:9d:34:ad:06:
fc:37:89:77:2b:a4:77:99:71:f2:6e:d7:7d:dd:b0:
59:c2:32:06:ae:88:e2:2e:23:3b:38:6b:26:55:a1:
b0:33:30:df:1a:3e:7e:ae:db:bd:c2:99:39:c5:53:
10:80:5f:53:b0:c3:16:2b:72:0b:df:e3:46:9d:0b:
14:d3:89:1f:f8:df:77:e6:fa:cf:e3:2b:b9:77:df:
df:a8:de:29:6a:7e:7c:48:4a:fa:a6:24:1e:48:0c:
c3:1e:3d:48:58:b4:d8:3f:49:7e:d3:b1:36:40:d0:
35:69:0d:09:3c:62:e0:ab:93:94:1e:3d:68:49:7e:
1f:5b:5e:78:08:35:ef:db:3d:b0:ff:60:14:f3:8c:
d2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:96:B7:93:41:12:84:C9:DC:B4:CB:36:69:A8:02:D6:BD:07:0B:17
X509v3 Authority Key Identifier:
keyid:DE:5E:36:F1:59:F5:76:98:8F:B4:E5:1D:41:01:BB:85:D0:D0:C9:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3l428Vn1dpiPtOUdQQG7hdDQyYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/95a3k0EShMnctMs2aagC1r0HCxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/3l428Vn1dpiPtOUdQQG7hdDQyYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.160.0/24
185.21.130.0/24
IPv6:
2a0c:8880::/29
Signature Algorithm: sha256WithRSAEncryption
3b:d8:f1:a2:cd:46:cb:3e:20:ee:58:5d:c4:65:65:cf:cb:0a:
27:85:21:32:d6:f6:7c:85:74:87:17:f3:a9:b2:f1:ca:d9:52:
57:d0:3c:86:a6:db:0b:28:38:c9:db:4a:09:f6:3b:9a:c0:bd:
3e:7f:af:8a:42:41:53:89:1a:27:da:7e:35:78:97:55:45:a4:
c3:d8:99:54:b8:9f:92:b7:78:22:4a:58:e8:4e:7b:b4:a4:e0:
51:9f:20:08:fb:ec:b6:11:8f:98:7a:11:34:ce:50:76:de:2e:
4c:9f:2e:17:ac:c1:dd:8f:5a:8b:60:11:6d:34:7c:1c:bc:e1:
9f:b0:ed:23:8c:46:3b:0d:4d:e6:ca:fe:b4:ee:ae:a6:6e:99:
ac:c2:5f:49:de:2a:ae:1a:57:6d:9f:28:5f:ef:74:59:98:b9:
3c:fd:52:e7:fc:eb:5f:97:96:06:58:c0:07:9b:bc:8b:c0:35:
28:a5:2e:7d:09:07:7a:1e:15:ba:57:93:dc:b8:6d:da:0b:bf:
9a:dd:10:93:89:1a:51:d6:e6:a3:45:b4:74:af:e6:43:ae:59:
9c:39:97:a0:1a:88:9a:de:f5:87:bf:fb:66:28:9a:39:ef:53:
88:1b:14:54:d6:1c:44:db:f9:01:f6:f1:1c:26:9a:67:db:0e:
5f:51:76:e1
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAV1QMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTVlMzZmMTU5ZjU3Njk4OGZiNGU1MWQ0MTAxYmI4NWQwZDBjOTgzMB4XDTIyMDEw
MTAxNTM1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjc5NmI3OTM0MTEy
ODRjOWRjYjRjYjM2NjlhODAyZDZiZDA3MGIxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALP72EvSyWj7IrOMSuZZ2tiabRQZ3CqSoZLumr+cub5JcYyo
c30KE8QpNyDWmeBm+M2N85bbN6YC5X9ozn59kqgY7meZ1EbWiDM9o22rhHOHCSHO
RvmLujAlbBebkGfs588l401ybmavoHaLaFjH5nJCg1ydNK0G/DeJdyukd5lx8m7X
fd2wWcIyBq6I4i4jOzhrJlWhsDMw3xo+fq7bvcKZOcVTEIBfU7DDFityC9/jRp0L
FNOJH/jfd+b6z+MruXff36jeKWp+fEhK+qYkHkgMwx49SFi02D9JftOxNkDQNWkN
CTxi4KuTlB49aEl+H1teeAg179s9sP9gFPOM0uECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBT3lreTQRKEydy0yzZpqALWvQcLFzAfBgNVHSMEGDAWgBTeXjbxWfV2mI+0
5R1BAbuF0NDJgzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNsNDI4Vm4xZHBpUHRPVWRRUUc3aGREUXlZTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvMWNjYmZkLWE2NTEtNGM4ZS05ZDYwLWViYmJiNDQ0Mjg2ZS8x
Lzk1YTNrMEVTaE1uY3RNczJhYWdDMXIwSEN4Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQv
MWNjYmZkLWE2NTEtNGM4ZS05ZDYwLWViYmJiNDQ0Mjg2ZS8xLzNsNDI4Vm4xZHBp
UHRPVWRRUUc3aGREUXlZTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAC1aoAMEALkVgjANBAIAAjAHAwUD
KgyIgDANBgkqhkiG9w0BAQsFAAOCAQEAO9jxos1Gyz4g7lhdxGVlz8sKJ4UhMtb2
fIV0hxfzqbLxytlSV9A8hqbbCyg4ydtKCfY7msC9Pn+vikJBU4kaJ9p+NXiXVUWk
w9iZVLifkrd4IkpY6E57tKTgUZ8gCPvsthGPmHoRNM5Qdt4uTJ8uF6zB3Y9ai2AR
bTR8HLzhn7DtI4xGOw1N5sr+tO6upm6ZrMJfSd4qrhpXbZ8oX+90WZi5PP1S5/zr
X5eWBljAB5u8i8A1KKUufQkHeh4VuleT3Lht2gu/mt0Qk4kaUdbmo0W0dK/mQ65Z
nDmXoBqImt71h7/7ZiiaOe9TiBsUVNYcRNv5AfbxHCaaZ9sOX1F24Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:13 2024 by rpki-client on console-ams.rpki-client.org