Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/QRvRDopZa-i-jHo5SC19pE3FvS8.roa
File: QRvRDopZa-i-jHo5SC19pE3FvS8.roa (raw, json)
Hash identifier: OduPHT5bWY+X8uqcKzlAZDLtZoJ+gqMfs5rRtzmB1+k=
Subject key identifier: 41:1B:D1:0E:8A:59:6B:E8:BE:8C:7A:39:48:2D:7D:A4:4D:C5:BD:2F
Certificate issuer: /CN=de5e36f159f576988fb4e51d4101bb85d0d0c983
Certificate serial: 0277F892
Authority key identifier: DE:5E:36:F1:59:F5:76:98:8F:B4:E5:1D:41:01:BB:85:D0:D0:C9:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3l428Vn1dpiPtOUdQQG7hdDQyYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/QRvRDopZa-i-jHo5SC19pE3FvS8.roa
Signing time: Tue 03 May 2022 14:24:01 +0000
ROA not before: Tue 03 May 2022 14:24:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39421
IP address blocks: 185.21.130.0/24 maxlen: 24
45.90.161.0/24 maxlen: 24
45.90.160.0/24 maxlen: 24
2a0c:8880::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41416850 (0x277f892)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de5e36f159f576988fb4e51d4101bb85d0d0c983
Validity
Not Before: May 3 14:24:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=411bd10e8a596be8be8c7a39482d7da44dc5bd2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1c:fa:03:7a:3f:42:d5:04:3e:be:97:ce:82:
d3:2c:eb:69:90:0e:9b:45:d6:aa:92:8d:6d:30:30:
b1:e2:63:c8:f4:12:a9:2e:a4:45:a6:a7:cc:61:88:
a0:98:bc:f5:23:e7:e2:88:5b:49:4f:77:61:d9:87:
0c:fa:3c:b2:4a:7b:c5:c5:02:ae:bf:70:aa:66:44:
ad:c0:71:a5:2e:40:dc:14:b0:15:25:90:64:c6:c2:
f5:04:4d:39:fb:8a:1b:b0:e2:ed:72:27:1a:e0:9c:
97:ce:bc:7f:19:40:68:4f:7b:f2:fa:a1:e7:28:17:
7b:e2:29:1e:c0:7c:d4:3b:9c:d8:56:8d:46:ce:08:
8b:45:41:c2:10:50:5a:52:d2:e1:77:e4:7c:a3:66:
9b:f6:9d:6a:a6:33:2a:a0:7b:cb:65:ae:49:1c:66:
d3:63:a2:5c:85:af:ee:a0:97:94:16:45:13:1e:35:
a0:d8:42:34:db:55:cd:1a:0c:3a:f7:2b:f0:a2:1b:
da:ce:d6:76:2d:27:a2:7c:6f:0a:80:df:05:73:48:
93:12:85:03:54:9f:0d:76:ee:ae:30:89:48:b7:4f:
a4:27:da:fc:02:d8:0b:b1:b5:cc:43:70:0c:aa:21:
43:f8:33:ca:56:aa:9f:34:77:bc:64:5a:64:d0:eb:
20:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:1B:D1:0E:8A:59:6B:E8:BE:8C:7A:39:48:2D:7D:A4:4D:C5:BD:2F
X509v3 Authority Key Identifier:
keyid:DE:5E:36:F1:59:F5:76:98:8F:B4:E5:1D:41:01:BB:85:D0:D0:C9:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3l428Vn1dpiPtOUdQQG7hdDQyYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/QRvRDopZa-i-jHo5SC19pE3FvS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/3l428Vn1dpiPtOUdQQG7hdDQyYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.160.0/23
185.21.130.0/24
IPv6:
2a0c:8880::/29
Signature Algorithm: sha256WithRSAEncryption
32:b4:6c:51:6e:78:b9:4b:98:60:3c:c0:c4:78:68:00:bc:16:
e7:14:b3:c0:64:3a:43:fe:d3:35:86:b6:0c:38:b9:17:23:ff:
e6:12:fb:c9:66:82:6d:59:90:c8:4d:6e:41:04:41:82:3f:1b:
fb:11:89:24:1b:11:30:51:72:6b:33:c2:3d:3a:2b:60:74:52:
1f:37:27:67:9d:21:6c:1c:bc:ed:4b:cb:67:b4:7a:0c:81:55:
a3:93:39:ad:ff:95:63:5d:a2:89:7e:51:af:08:a8:0b:48:b7:
79:91:0d:20:a7:2e:18:a7:3a:14:ed:e3:87:01:19:2d:e7:10:
b0:1a:f9:32:28:f1:7f:05:e6:ec:bc:6a:05:f7:09:36:de:8b:
b4:ac:d5:e9:2f:e7:3f:ef:a5:5a:6f:1e:6e:16:fe:04:10:d4:
13:00:1d:f7:6c:b3:f9:82:0b:83:ad:83:1a:51:18:61:e0:6c:
a6:ee:0e:78:b1:3a:33:1c:87:12:b5:56:36:72:21:a2:ee:9a:
40:ac:f7:d5:b5:fb:30:dd:01:bc:67:cc:48:4d:7d:e2:92:19:
b3:6f:71:67:78:99:5b:f8:7c:f0:5e:b7:00:78:ce:f3:b0:ae:
1c:48:f0:55:c7:76:ca:0e:de:02:9e:42:3e:59:3f:ab:55:ba:
d1:0e:4d:96
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAnf4kjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTVlMzZmMTU5ZjU3Njk4OGZiNGU1MWQ0MTAxYmI4NWQwZDBjOTgzMB4XDTIyMDUw
MzE0MjQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDExYmQxMGU4YTU5
NmJlOGJlOGM3YTM5NDgyZDdkYTQ0ZGM1YmQyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANwc+gN6P0LVBD6+l86C0yzraZAOm0XWqpKNbTAwseJjyPQS
qS6kRaanzGGIoJi89SPn4ohbSU93YdmHDPo8skp7xcUCrr9wqmZErcBxpS5A3BSw
FSWQZMbC9QRNOfuKG7Di7XInGuCcl868fxlAaE978vqh5ygXe+IpHsB81Duc2FaN
Rs4Ii0VBwhBQWlLS4XfkfKNmm/adaqYzKqB7y2WuSRxm02OiXIWv7qCXlBZFEx41
oNhCNNtVzRoMOvcr8KIb2s7Wdi0nonxvCoDfBXNIkxKFA1SfDXburjCJSLdPpCfa
/ALYC7G1zENwDKohQ/gzylaqnzR3vGRaZNDrINMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRBG9EOillr6L6MejlILX2kTcW9LzAfBgNVHSMEGDAWgBTeXjbxWfV2mI+0
5R1BAbuF0NDJgzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNsNDI4Vm4xZHBpUHRPVWRRUUc3aGREUXlZTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvMWNjYmZkLWE2NTEtNGM4ZS05ZDYwLWViYmJiNDQ0Mjg2ZS8x
L1FSdlJEb3BaYS1pLWpIbzVTQzE5cEUzRnZTOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQv
MWNjYmZkLWE2NTEtNGM4ZS05ZDYwLWViYmJiNDQ0Mjg2ZS8xLzNsNDI4Vm4xZHBp
UHRPVWRRUUc3aGREUXlZTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAS1aoAMEALkVgjANBAIAAjAHAwUD
KgyIgDANBgkqhkiG9w0BAQsFAAOCAQEAMrRsUW54uUuYYDzAxHhoALwW5xSzwGQ6
Q/7TNYa2DDi5FyP/5hL7yWaCbVmQyE1uQQRBgj8b+xGJJBsRMFFyazPCPTorYHRS
HzcnZ50hbBy87UvLZ7R6DIFVo5M5rf+VY12iiX5RrwioC0i3eZENIKcuGKc6FO3j
hwEZLecQsBr5MijxfwXm7LxqBfcJNt6LtKzV6S/nP++lWm8ebhb+BBDUEwAd92yz
+YILg62DGlEYYeBspu4OeLE6MxyHErVWNnIhou6aQKz31bX7MN0BvGfMSE194pIZ
s29xZ3iZW/h88F63AHjO87CuHEjwVcd2yg7eAp5CPlk/q1W60Q5Nlg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:43 2024 by rpki-client on console-fra.rpki-client.org