Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/RKMqCIB1CmsCaDX6toYkzS1UW2w.roa
File: RKMqCIB1CmsCaDX6toYkzS1UW2w.roa (raw, json)
Hash identifier: OJbjEBYfvJNYOkUVfC5FYcXWTz2y5GNPqa74v4CqD/w=
Subject key identifier: 44:A3:2A:08:80:75:0A:6B:02:68:35:FA:B6:86:24:CD:2D:54:5B:6C
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 29EF1687
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/RKMqCIB1CmsCaDX6toYkzS1UW2w.roa
Signing time: Sat 01 Jan 2022 13:54:24 +0000
ROA not before: Sat 01 Jan 2022 13:54:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61263
IP address blocks: 93.179.70.0/23 maxlen: 23
93.179.122.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 703534727 (0x29ef1687)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 13:54:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44a32a0880750a6b026835fab68624cd2d545b6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7a:d2:e6:39:71:cc:c9:0d:22:70:91:77:20:
bd:da:ca:6c:a8:2b:9a:64:b9:9a:14:79:aa:c3:06:
e4:a4:fa:8f:e7:f3:23:20:81:f2:b4:04:6f:21:b7:
9b:0b:bc:f3:6e:a6:ff:54:19:51:88:b0:ec:20:9d:
88:ce:ce:b5:77:76:ac:50:98:9a:98:b5:86:f4:df:
3c:ae:c2:68:06:cf:ae:1e:35:d4:1f:bf:68:ed:6b:
63:d3:79:17:ef:c2:45:1f:04:0a:7a:30:ae:52:ab:
7d:35:f8:74:41:60:12:2d:1c:78:98:4a:29:f7:7a:
4a:eb:ef:92:e1:fd:3a:ec:da:ca:97:20:30:e0:2a:
9a:89:e4:1d:27:53:1f:23:ec:0f:d5:34:88:2c:c5:
73:fc:a8:58:32:87:90:50:b6:e2:93:11:04:86:78:
b5:66:2e:1f:7a:9b:5d:f0:4a:07:f6:a1:f5:b8:1b:
57:c2:78:9e:6f:43:95:07:f0:60:a5:ea:08:5c:52:
47:cb:71:59:39:43:6d:e6:09:fe:e8:8c:c8:4d:14:
38:7f:9e:73:24:1b:a0:af:22:12:a7:0e:9b:44:53:
fb:53:5d:45:a0:7c:fa:32:81:ed:dc:13:1b:b1:b7:
62:78:d4:c1:28:8c:5a:f9:ec:94:b6:c1:aa:aa:32:
59:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A3:2A:08:80:75:0A:6B:02:68:35:FA:B6:86:24:CD:2D:54:5B:6C
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/RKMqCIB1CmsCaDX6toYkzS1UW2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.179.70.0/23
93.179.122.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:7d:f7:4a:54:7d:e8:58:1a:50:26:a5:68:38:64:c2:dd:b6:
f4:43:28:c6:6c:ac:0e:ec:ee:24:7f:24:21:36:94:f4:fe:c9:
3f:a6:02:92:e7:ce:eb:77:e1:62:c0:ed:0f:bc:60:68:9f:c1:
dc:e4:94:2c:d4:65:fe:6d:be:f6:da:84:c9:d0:03:be:51:40:
6c:99:46:03:1b:3f:b1:d0:29:43:8c:29:37:d9:84:33:44:2f:
ad:5c:05:2b:f1:95:01:12:90:e8:81:81:39:01:df:04:74:f5:
95:4c:01:b8:bf:c7:79:b5:f7:9d:1d:40:c2:6c:9e:01:39:b0:
0e:39:2f:7a:ee:36:24:51:08:d0:c5:5f:9e:67:ec:50:50:8b:
6e:b5:e1:78:f4:2a:97:db:dd:04:f9:a9:bf:2b:b1:f1:a7:c0:
5f:6c:a9:37:a4:12:20:fc:ad:e8:62:1e:9c:f2:27:09:ca:50:
d2:ce:ff:8a:01:25:42:bf:72:05:ee:7e:4a:e8:75:9c:ed:86:
41:8a:97:97:52:0a:05:0d:7c:f9:7e:43:23:7f:b6:93:d3:fc:
e3:74:fb:4b:5b:4a:da:15:b3:00:e7:23:df:01:10:14:80:a2:
a0:56:56:83:32:47:4d:5c:f4:14:94:cb:f6:fc:f3:b6:16:7b:
82:4c:8d:4d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEKe8WhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDEw
MTEzNTQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDRhMzJhMDg4MDc1
MGE2YjAyNjgzNWZhYjY4NjI0Y2QyZDU0NWI2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIV60uY5cczJDSJwkXcgvdrKbKgrmmS5mhR5qsMG5KT6j+fz
IyCB8rQEbyG3mwu8826m/1QZUYiw7CCdiM7OtXd2rFCYmpi1hvTfPK7CaAbPrh41
1B+/aO1rY9N5F+/CRR8ECnowrlKrfTX4dEFgEi0ceJhKKfd6SuvvkuH9Ouzaypcg
MOAqmonkHSdTHyPsD9U0iCzFc/yoWDKHkFC24pMRBIZ4tWYuH3qbXfBKB/ah9bgb
V8J4nm9DlQfwYKXqCFxSR8txWTlDbeYJ/uiMyE0UOH+ecyQboK8iEqcOm0RT+1Nd
RaB8+jKB7dwTG7G3YnjUwSiMWvnslLbBqqoyWRECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBREoyoIgHUKawJoNfq2hiTNLVRbbDAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L1JLTXFDSUIxQ21zQ2FEWDZ0b1lrelMxVVcydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAV2zRgMEAV2zejANBgkqhkiG9w0B
AQsFAAOCAQEAnn33SlR96FgaUCalaDhkwt229EMoxmysDuzuJH8kITaU9P7JP6YC
kufO63fhYsDtD7xgaJ/B3OSULNRl/m2+9tqEydADvlFAbJlGAxs/sdApQ4wpN9mE
M0QvrVwFK/GVARKQ6IGBOQHfBHT1lUwBuL/HebX3nR1AwmyeATmwDjkveu42JFEI
0MVfnmfsUFCLbrXhePQql9vdBPmpvyux8afAX2ypN6QSIPyt6GIenPInCcpQ0s7/
igElQr9yBe5+Suh1nO2GQYqXl1IKBQ18+X5DI3+2k9P843T7S1tK2hWzAOcj3wEQ
FICioFZWgzJHTVz0FJTL9vzzthZ7gkyNTQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:13 2023 by rpki-client on console-ams.rpki-client.org