Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/3oV1rE9d4Rqeayr3JNshpv5M5wo.roa
File: 3oV1rE9d4Rqeayr3JNshpv5M5wo.roa (raw, json)
Hash identifier: p+lBHFFFyeQ1qzfyQ5epgQHKnwpqZ3nIJlXHMa0ms2s=
Subject key identifier: DE:85:75:AC:4F:5D:E1:1A:9E:6B:2A:F7:24:DB:21:A6:FE:4C:E7:0A
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 29EE6D31
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/3oV1rE9d4Rqeayr3JNshpv5M5wo.roa
Signing time: Sat 01 Jan 2022 13:54:24 +0000
ROA not before: Sat 01 Jan 2022 13:54:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61120
IP address blocks: 93.179.120.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 703491377 (0x29ee6d31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 13:54:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de8575ac4f5de11a9e6b2af724db21a6fe4ce70a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:df:3d:aa:07:b7:56:e7:7e:25:1a:f8:b1:f5:
3a:f6:21:95:e4:1c:8b:0f:44:12:51:2f:30:bf:0c:
6b:34:31:97:32:7f:42:35:d6:3c:54:8a:6e:dd:4f:
94:3b:08:e2:7c:65:f3:22:89:65:af:87:b9:41:e6:
f9:ea:40:a6:dd:9b:7e:14:58:cb:6c:43:94:52:a3:
2d:eb:98:f8:cd:2f:e5:04:35:92:ee:41:79:4c:77:
62:8e:41:cd:6f:5e:1c:a3:3c:b5:51:18:a2:27:fa:
8d:c9:35:b6:67:d6:0a:28:0f:32:c5:77:7a:07:bf:
30:e5:67:d8:c5:26:14:57:98:5d:96:c3:fd:f6:4a:
28:4c:06:51:9d:ae:84:de:5e:89:30:e9:62:14:be:
45:cf:f0:e1:2f:88:a2:bc:34:ec:af:a1:99:95:0a:
86:ed:2b:6f:66:3b:ff:ce:57:fe:ab:17:f0:d4:a8:
29:f8:81:0b:07:10:16:15:4a:29:d5:a7:da:9f:3c:
e0:a2:17:94:1b:f9:a1:e2:d2:55:41:44:d0:8a:49:
9c:c3:80:27:ae:38:e4:a5:1b:c6:84:26:fa:87:09:
2f:09:ff:19:ad:34:2e:5c:b6:31:7f:e9:00:b2:84:
10:22:41:b9:0f:d8:ed:b4:fe:00:c3:a7:9a:10:da:
57:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:85:75:AC:4F:5D:E1:1A:9E:6B:2A:F7:24:DB:21:A6:FE:4C:E7:0A
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/3oV1rE9d4Rqeayr3JNshpv5M5wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.179.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:f0:82:11:0e:b1:24:bd:45:60:16:1f:a5:0a:6f:50:93:3a:
59:1a:b9:7d:63:69:60:36:60:b7:16:b4:68:78:1d:06:0a:23:
92:7d:76:5d:41:02:6b:c4:c1:b6:77:8c:77:4c:6c:23:26:92:
3e:dc:e4:78:af:82:75:dc:8d:dd:7a:1b:43:a8:43:5c:6f:f4:
03:69:29:4c:80:c5:8a:72:e9:d0:75:32:da:8d:da:53:14:9b:
6e:54:dd:81:00:4d:6c:d2:b6:70:bd:98:34:70:be:b2:74:6b:
59:4a:ba:b1:f2:ab:b7:90:8c:d1:44:e2:80:76:bb:40:0b:d5:
7a:46:d3:a6:a1:a1:8a:77:21:5f:84:b9:22:16:1d:2e:3c:ae:
2d:0e:38:47:8d:f8:35:6c:cb:47:c4:17:0e:36:c8:ca:f6:56:
24:83:35:ef:b8:f9:fb:0b:71:36:de:ae:c3:3c:54:54:81:21:
13:dd:89:e8:80:40:22:ac:26:93:9c:84:39:24:d9:7a:d7:01:
6f:49:a3:72:ae:51:fb:c6:ab:41:e6:a9:c8:61:38:e4:b3:71:
9e:c9:fe:1e:a6:84:57:c2:36:66:2f:01:34:85:c4:55:57:e0:
7c:8e:18:d1:6c:93:21:e3:73:55:75:5e:7b:38:fd:6c:88:a0:
19:f5:42:94
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKe5tMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDEw
MTEzNTQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGU4NTc1YWM0ZjVk
ZTExYTllNmIyYWY3MjRkYjIxYTZmZTRjZTcwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKLfPaoHt1bnfiUa+LH1OvYhleQciw9EElEvML8MazQxlzJ/
QjXWPFSKbt1PlDsI4nxl8yKJZa+HuUHm+epApt2bfhRYy2xDlFKjLeuY+M0v5QQ1
ku5BeUx3Yo5BzW9eHKM8tVEYoif6jck1tmfWCigPMsV3ege/MOVn2MUmFFeYXZbD
/fZKKEwGUZ2uhN5eiTDpYhS+Rc/w4S+Iorw07K+hmZUKhu0rb2Y7/85X/qsX8NSo
KfiBCwcQFhVKKdWn2p884KIXlBv5oeLSVUFE0IpJnMOAJ6445KUbxoQm+ocJLwn/
Ga00Lly2MX/pALKEECJBuQ/Y7bT+AMOnmhDaV/kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTehXWsT13hGp5rKvck2yGm/kznCjAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
LzNvVjFyRTlkNFJxZWF5cjNKTnNocHY1TTV3by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF2zeDANBgkqhkiG9w0BAQsFAAOC
AQEAPPCCEQ6xJL1FYBYfpQpvUJM6WRq5fWNpYDZgtxa0aHgdBgojkn12XUECa8TB
tneMd0xsIyaSPtzkeK+CddyN3XobQ6hDXG/0A2kpTIDFinLp0HUy2o3aUxSbblTd
gQBNbNK2cL2YNHC+snRrWUq6sfKrt5CM0UTigHa7QAvVekbTpqGhinchX4S5IhYd
LjyuLQ44R434NWzLR8QXDjbIyvZWJIM177j5+wtxNt6uwzxUVIEhE92J6IBAIqwm
k5yEOSTZetcBb0mjcq5R+8arQeapyGE45LNxnsn+HqaEV8I2Zi8BNIXEVVfgfI4Y
0WyTIeNzVXVeezj9bIigGfVClA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-fra.rpki-client.org