Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/hfGgogrPGsoAruXodQyZeIyekfQ.roa
File: hfGgogrPGsoAruXodQyZeIyekfQ.roa (raw, json)
Hash identifier: ji0kT7CHO3EEkm4kw42hzAzIeHF1FGS+lTRxISuGNRg=
Subject key identifier: 85:F1:A0:A2:0A:CF:1A:CA:00:AE:E5:E8:75:0C:99:78:8C:9E:91:F4
Certificate issuer: /CN=f4db95f9d1b5c3ec934ff84d6ff7f01242da842a
Certificate serial: 0182D0E047D5824E7DEA282C7A8DA318B76B
Authority key identifier: F4:DB:95:F9:D1:B5:C3:EC:93:4F:F8:4D:6F:F7:F0:12:42:DA:84:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NuV-dG1w-yTT_hNb_fwEkLahCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/hfGgogrPGsoAruXodQyZeIyekfQ.roa
Signing time: Wed 24 Aug 2022 17:22:15 +0000
ROA not before: Wed 24 Aug 2022 17:22:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 188.119.112.0/24 maxlen: 24
188.119.113.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d0:e0:47:d5:82:4e:7d:ea:28:2c:7a:8d:a3:18:b7:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4db95f9d1b5c3ec934ff84d6ff7f01242da842a
Validity
Not Before: Aug 24 17:22:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85f1a0a20acf1aca00aee5e8750c99788c9e91f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2a:a8:8e:47:14:a3:2c:e6:52:67:18:db:ed:
9b:a3:22:86:e3:7e:f9:6d:f3:2a:83:80:82:a1:44:
ba:2e:04:9b:db:39:41:38:79:7e:47:88:03:aa:2b:
3e:9d:5f:e6:f7:8d:e5:d1:9e:2f:33:5e:13:19:c9:
1c:59:7b:db:d8:22:c7:06:71:4f:07:3f:98:67:fe:
09:ef:ed:94:4d:a8:8f:fb:cf:49:45:81:4c:dc:15:
a9:9a:d9:7b:ee:6b:90:6a:43:5c:00:47:9f:d7:a5:
44:7e:9a:37:e7:8f:c7:20:ac:77:15:9a:65:30:9a:
5d:e4:7d:a8:4d:e2:dc:93:20:6f:df:42:59:71:1f:
be:1e:8b:d6:4d:48:07:2f:9d:04:4a:9c:14:f5:ea:
42:0c:d6:68:89:80:81:c7:fa:5b:15:ce:81:0c:8f:
d1:35:76:26:54:f5:4e:7b:6e:da:e7:04:0f:ba:74:
0a:34:b3:66:33:16:bb:c6:5d:6f:c7:42:6d:a2:b0:
1a:27:35:48:f3:d3:75:3d:89:41:17:d0:b2:dc:ad:
d5:c7:d8:42:b6:89:7d:5a:d4:b4:61:f7:3f:da:b2:
6f:f9:02:23:b1:9d:50:5f:0d:c5:1c:55:91:92:e4:
1f:e7:c4:3c:dd:07:0e:da:c4:71:8b:37:be:c5:02:
01:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F1:A0:A2:0A:CF:1A:CA:00:AE:E5:E8:75:0C:99:78:8C:9E:91:F4
X509v3 Authority Key Identifier:
keyid:F4:DB:95:F9:D1:B5:C3:EC:93:4F:F8:4D:6F:F7:F0:12:42:DA:84:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NuV-dG1w-yTT_hNb_fwEkLahCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/hfGgogrPGsoAruXodQyZeIyekfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/9NuV-dG1w-yTT_hNb_fwEkLahCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.119.112.0/23
Signature Algorithm: sha256WithRSAEncryption
98:8a:6c:dc:92:53:d2:02:3c:d4:80:9e:08:78:a9:ca:c8:79:
df:6c:ac:8b:7b:56:24:42:1f:86:39:ec:7f:11:28:b5:bb:9a:
9b:43:32:c7:2d:2a:07:b2:7c:07:40:df:68:eb:5f:ef:3c:5a:
e4:da:dc:79:f1:1f:be:a7:05:e7:c4:ef:04:23:64:6f:63:2f:
9f:f3:95:c3:86:1e:da:d2:ce:67:1c:74:39:6d:f9:97:a9:10:
6a:73:fa:e5:fd:50:29:6c:a2:2b:15:d9:59:3f:34:02:99:73:
7f:ee:9c:1c:24:74:c3:aa:a6:c6:74:6b:92:44:cb:18:ea:b9:
7b:11:6b:ec:a0:f0:3b:a0:d3:f6:4c:17:91:3f:11:a2:a4:64:
79:9f:5a:d0:5f:81:21:88:48:ac:91:ee:52:29:eb:ea:91:f1:
ef:0e:32:56:a8:26:4a:83:b2:51:2f:a2:e7:ca:57:81:28:cc:
38:e8:de:ef:c5:7d:b8:2a:49:63:c3:e2:9c:ab:2f:cc:28:84:
e3:f2:0f:1b:32:61:55:79:6a:41:42:21:4f:d3:5e:22:2b:d0:
ab:d2:f4:7e:49:95:4b:15:8e:1a:fc:56:0c:72:c2:be:75:25:
68:d2:03:54:7e:2b:99:1d:c7:18:64:33:7f:e2:6a:2d:04:f4:
89:26:fe:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLQ4EfVgk596igseo2jGLdrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZGI5NWY5ZDFiNWMzZWM5MzRmZjg0ZDZmZjdmMDEyNDJk
YTg0MmEwHhcNMjIwODI0MTcyMjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWYxYTBhMjBhY2YxYWNhMDBhZWU1ZTg3NTBjOTk3ODhjOWU5MWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyqojkcUoyzmUmcY2+2boyKG4375
bfMqg4CCoUS6LgSb2zlBOHl+R4gDqis+nV/m943l0Z4vM14TGckcWXvb2CLHBnFP
Bz+YZ/4J7+2UTaiP+89JRYFM3BWpmtl77muQakNcAEef16VEfpo354/HIKx3FZpl
MJpd5H2oTeLckyBv30JZcR++HovWTUgHL50ESpwU9epCDNZoiYCBx/pbFc6BDI/R
NXYmVPVOe27a5wQPunQKNLNmMxa7xl1vx0JtorAaJzVI89N1PYlBF9Cy3K3Vx9hC
tol9WtS0Yfc/2rJv+QIjsZ1QXw3FHFWRkuQf58Q83QcO2sRxize+xQIBvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIXxoKIKzxrKAK7l6HUMmXiMnpH0MB8GA1UdIwQY
MBaAFPTblfnRtcPsk0/4TW/38BJC2oQqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU51Vi1kRzF3LXlUVF9oTmJfZndFa0xhaENvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80NmQ3YWYtMDJmYi00NWY5LWE5MjIt
MTRiMzhiNmUwMGE3LzEvaGZHZ29nclBHc29BcnVYb2RReVplSXlla2ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80NmQ3YWYtMDJmYi00NWY5LWE5MjItMTRiMzhiNmUwMGE3
LzEvOU51Vi1kRzF3LXlUVF9oTmJfZndFa0xhaENvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvHdwMA0G
CSqGSIb3DQEBCwUAA4IBAQCYimzcklPSAjzUgJ4IeKnKyHnfbKyLe1YkQh+GOex/
ESi1u5qbQzLHLSoHsnwHQN9o61/vPFrk2tx58R++pwXnxO8EI2RvYy+f85XDhh7a
0s5nHHQ5bfmXqRBqc/rl/VApbKIrFdlZPzQCmXN/7pwcJHTDqqbGdGuSRMsY6rl7
EWvsoPA7oNP2TBeRPxGipGR5n1rQX4EhiEiske5SKevqkfHvDjJWqCZKg7JRL6Ln
yleBKMw46N7vxX24Kkljw+Kcqy/MKITj8g8bMmFVeWpBQiFP014iK9Cr0vR+SZVL
FY4a/FYMcsK+dSVo0gNUfiuZHccYZDN/4motBPSJJv4O
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:03 2023 by rpki-client on console-ams.rpki-client.org