Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/d3G08Z2xl64CupujSwfAAch0F64.roa
File: d3G08Z2xl64CupujSwfAAch0F64.roa (raw, json)
Hash identifier: 6jfhND3Z9ZSDvom3rgwKLMeu8j7Iuz6SDJaELrZtkFU=
Subject key identifier: 77:71:B4:F1:9D:B1:97:AE:02:BA:9B:A3:4B:07:C0:01:C8:74:17:AE
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 29F02B9C
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/d3G08Z2xl64CupujSwfAAch0F64.roa
Signing time: Sat 01 Jan 2022 13:54:25 +0000
ROA not before: Sat 01 Jan 2022 13:54:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61431
IP address blocks: 188.68.5.0/24 maxlen: 24
95.181.215.0/24 maxlen: 24
95.181.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 703605660 (0x29f02b9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 13:54:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7771b4f19db197ae02ba9ba34b07c001c87417ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0a:50:70:29:c9:68:68:b7:2e:36:d9:bc:de:
4d:de:94:d0:69:17:8f:2e:6e:c0:d4:20:8f:d4:8c:
30:14:17:2c:6b:bd:23:c6:1c:b4:de:9a:9f:1f:c3:
a1:32:24:5c:58:eb:a0:73:29:99:26:a9:fb:5a:ae:
99:cb:84:a2:04:21:4a:d9:14:a1:5c:7b:62:a1:f2:
90:5f:80:b8:4b:34:5e:a6:5c:32:64:3c:91:57:57:
dd:42:43:38:9a:b1:e9:ca:67:b1:ef:13:43:87:a1:
69:50:32:9b:00:65:b6:c4:49:be:e5:aa:9a:10:36:
73:3b:5a:de:ee:c9:8e:e8:07:ad:44:8b:e3:ea:24:
b6:79:e2:ec:78:0d:51:1e:f3:20:71:b7:ef:0c:6c:
e1:cb:6c:82:95:bd:da:77:14:8c:5e:27:73:82:4d:
76:33:63:b5:ce:35:17:e7:e3:d6:7a:bd:ae:43:a3:
0a:09:1b:2f:af:64:44:37:18:31:3f:b5:d2:13:a4:
ed:bc:0c:86:f9:1f:7f:84:04:ae:5c:e5:86:5c:fd:
ba:a4:7c:f7:cc:de:2e:97:0e:70:17:af:71:cb:c0:
0f:96:1d:c1:5f:b1:b0:23:9a:b9:cb:e0:7c:54:32:
3a:c7:df:4a:5a:73:15:fb:87:28:af:c5:84:f7:10:
b2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:71:B4:F1:9D:B1:97:AE:02:BA:9B:A3:4B:07:C0:01:C8:74:17:AE
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/d3G08Z2xl64CupujSwfAAch0F64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.214.0/23
188.68.5.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:36:ad:8b:f8:af:5e:89:45:9c:9c:d8:69:86:9b:91:76:f7:
4f:77:d0:67:c9:f0:ae:06:5a:dd:19:ad:ce:76:cd:b1:38:a3:
95:cd:b7:0f:e6:94:b2:3d:33:36:cf:5a:e2:28:4b:3b:79:5a:
17:f7:a3:35:6c:76:4f:74:89:66:8b:e9:bb:6f:11:8c:27:70:
04:51:2a:96:82:0a:e1:a2:44:e7:73:8a:1b:dd:b9:b8:7c:e7:
78:92:f8:d8:28:09:0b:17:f4:86:9f:06:62:1e:aa:a0:19:0e:
ac:64:a9:e1:91:7f:e9:32:78:42:ea:eb:bc:5e:4e:3e:3c:26:
85:a3:2f:a9:01:2f:7b:ad:e6:49:c4:1d:f1:78:ec:e4:0b:c7:
5d:3c:69:45:39:5b:ad:ac:c8:ab:5d:f6:e3:28:3d:a8:d8:5b:
2e:44:f5:1e:52:c5:04:3b:ce:bd:18:21:55:fc:df:36:85:3d:
b4:f0:ec:59:c4:3d:b3:5e:b5:b0:be:0d:19:3a:be:de:3a:6a:
77:22:69:5f:21:9d:83:b7:56:0c:58:24:6c:08:28:c9:f2:0b:
81:e5:17:6c:4d:e6:8d:de:14:f3:36:c6:66:4c:83:7d:6c:e4:
fa:f7:11:05:48:b9:6d:6d:f0:ac:8f:f6:71:05:ed:00:0b:91:
be:30:67:02
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEKfArnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDEw
MTEzNTQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzc3MWI0ZjE5ZGIx
OTdhZTAyYmE5YmEzNGIwN2MwMDFjODc0MTdhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKIKUHApyWhoty422bzeTd6U0GkXjy5uwNQgj9SMMBQXLGu9
I8YctN6anx/DoTIkXFjroHMpmSap+1qumcuEogQhStkUoVx7YqHykF+AuEs0XqZc
MmQ8kVdX3UJDOJqx6cpnse8TQ4ehaVAymwBltsRJvuWqmhA2czta3u7JjugHrUSL
4+oktnni7HgNUR7zIHG37wxs4ctsgpW92ncUjF4nc4JNdjNjtc41F+fj1nq9rkOj
CgkbL69kRDcYMT+10hOk7bwMhvkff4QErlzlhlz9uqR898zeLpcOcBevccvAD5Yd
wV+xsCOaucvgfFQyOsffSlpzFfuHKK/FhPcQsgkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR3cbTxnbGXrgK6m6NLB8AByHQXrjAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L2QzRzA4WjJ4bDY0Q3VwdWpTd2ZBQWNoMEY2NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAV+11gMEALxEBTANBgkqhkiG9w0B
AQsFAAOCAQEAoTati/ivXolFnJzYaYabkXb3T3fQZ8nwrgZa3RmtznbNsTijlc23
D+aUsj0zNs9a4ihLO3laF/ejNWx2T3SJZovpu28RjCdwBFEqloIK4aJE53OKG925
uHzneJL42CgJCxf0hp8GYh6qoBkOrGSp4ZF/6TJ4QurrvF5OPjwmhaMvqQEve63m
ScQd8Xjs5AvHXTxpRTlbrazIq1324yg9qNhbLkT1HlLFBDvOvRghVfzfNoU9tPDs
WcQ9s161sL4NGTq+3jpqdyJpXyGdg7dWDFgkbAgoyfILgeUXbE3mjd4U8zbGZkyD
fWzk+vcRBUi5bW3wrI/2cQXtAAuRvjBnAg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:13 2023 by rpki-client on console-ams.rpki-client.org