Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/uDF8SlgLNfS2NuIePEuRGAa5Qj0.roa
File: uDF8SlgLNfS2NuIePEuRGAa5Qj0.roa (raw, json)
Hash identifier: Moq13+hoQTxZ7mW+ht9IJLRxu9CH/YV+uhS6VFXDU4s=
Subject key identifier: B8:31:7C:4A:58:0B:35:F4:B6:36:E2:1E:3C:4B:91:18:06:B9:42:3D
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 313874B3
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/uDF8SlgLNfS2NuIePEuRGAa5Qj0.roa
Signing time: Fri 13 May 2022 07:49:02 +0000
ROA not before: Fri 13 May 2022 07:49:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8866
IP address blocks: 83.222.184.0/21 maxlen: 21
109.160.116.0/23 maxlen: 23
87.246.4.0/23 maxlen: 23
87.246.8.0/21 maxlen: 21
87.246.16.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 825783475 (0x313874b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: May 13 07:49:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b8317c4a580b35f4b636e21e3c4b911806b9423d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5a:88:a4:ea:62:4d:b7:72:ac:d6:9b:be:2c:
ae:30:74:86:6c:6e:56:a5:36:ba:20:15:39:03:41:
38:c2:f6:dd:b1:7f:4b:cb:ea:f7:cd:b5:27:17:df:
8a:a7:42:ad:a5:bf:af:7a:99:7e:25:19:cb:1f:d4:
e8:d9:58:c3:d8:6c:de:59:28:97:e7:9e:5e:b0:5b:
5c:22:62:0c:fd:73:c1:45:59:cd:0b:0f:dd:05:33:
a4:18:b0:63:98:15:a0:69:34:08:89:3b:72:cb:57:
c8:15:6d:b1:0e:9a:e9:32:8b:c5:6b:81:28:78:96:
dd:89:8e:f8:57:0c:a6:ac:30:eb:93:1d:ac:c7:a0:
77:fc:66:5d:f5:d3:37:7e:af:06:a8:3d:bd:0e:f0:
14:e8:19:53:a3:fa:94:ee:e7:8f:b6:2b:94:38:91:
ac:72:d5:f0:20:cb:78:b9:04:99:6e:f5:ee:6a:f8:
84:f2:22:76:67:db:9c:d2:e4:aa:bc:0b:b8:18:b9:
b9:5b:47:c1:0e:62:ad:86:d7:e9:ed:09:b6:ad:ba:
f7:e4:44:53:5a:49:12:d7:b1:d0:7d:dc:ff:55:fc:
df:53:76:86:fb:32:7f:b1:14:79:2e:7c:26:cc:5c:
30:63:2f:05:b8:a2:0f:67:08:19:a3:20:d8:4c:ea:
bc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:31:7C:4A:58:0B:35:F4:B6:36:E2:1E:3C:4B:91:18:06:B9:42:3D
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/uDF8SlgLNfS2NuIePEuRGAa5Qj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.222.184.0/21
87.246.4.0/23
87.246.8.0-87.246.23.255
109.160.116.0/23
Signature Algorithm: sha256WithRSAEncryption
16:3b:ae:df:da:80:8f:2b:59:e1:e5:e7:cb:c1:d4:68:42:f4:
22:dc:0b:fd:05:f8:79:d4:fe:97:7c:fb:ac:83:b7:64:30:9d:
41:c7:b2:52:ac:50:1c:b5:d5:98:b3:ed:7e:89:de:3d:51:86:
36:00:c2:ee:22:fa:9b:f3:da:25:ee:7d:ae:4f:79:06:c9:ec:
02:59:7c:3d:87:fe:54:5d:2c:5f:fb:bb:a3:f5:25:9b:86:8b:
7e:05:a1:3e:39:2f:ff:96:65:23:f8:04:e6:56:cf:0a:cb:2e:
da:c9:f5:10:d2:96:39:16:f8:59:e5:16:0a:34:8f:e6:df:f1:
26:92:53:20:a5:8d:35:e0:a3:19:c4:18:21:80:24:97:02:59:
b4:8b:89:ae:6e:89:f2:e9:1b:bc:d6:74:3a:eb:6b:8c:b7:85:
f1:8f:f4:3a:07:67:d8:9b:3b:dc:dd:60:7c:bc:70:a6:4d:ff:
f1:6d:4c:ca:90:5d:fe:6c:0f:34:cf:b7:de:2f:5b:e4:cf:e1:
51:f8:f8:dc:ec:d4:a7:c1:c4:3a:16:19:85:b7:0a:0f:cb:c6:
59:11:b3:8a:28:16:71:1d:7c:c8:32:4e:37:39:21:11:98:51:
c2:59:59:f4:12:e1:dc:95:6c:a1:cd:61:66:36:ba:f6:3a:1e:
b3:22:b1:ea
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEMTh0szANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjJhOGMxZDMxMTg5NTAxNjEwOGZmYmQxNDU3NWM3N2NjMjg3NzNhMB4XDTIyMDUx
MzA3NDkwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjgzMTdjNGE1ODBi
MzVmNGI2MzZlMjFlM2M0YjkxMTgwNmI5NDIzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtaiKTqYk23cqzWm74srjB0hmxuVqU2uiAVOQNBOML23bF/
S8vq9821JxffiqdCraW/r3qZfiUZyx/U6NlYw9hs3lkol+eeXrBbXCJiDP1zwUVZ
zQsP3QUzpBiwY5gVoGk0CIk7cstXyBVtsQ6a6TKLxWuBKHiW3YmO+FcMpqww65Md
rMegd/xmXfXTN36vBqg9vQ7wFOgZU6P6lO7nj7YrlDiRrHLV8CDLeLkEmW717mr4
hPIidmfbnNLkqrwLuBi5uVtHwQ5irYbX6e0Jtq269+REU1pJEtex0H3c/1X831N2
hvsyf7EUeS58JsxcMGMvBbiiD2cIGaMg2EzqvE0CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBS4MXxKWAs19LY24h48S5EYBrlCPTAfBgNVHSMEGDAWgBRyKowdMRiVAWEI
/70UV1x3zCh3OjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NpcU1IVEVZbFFGaENQLTlGRmRjZDh3b2R6by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvYjFmNmVlLWM0ZWYtNDM1NS1hZjM2LWE1NThlZTY1NDMxZi8x
L3VERjhTbGdMTmZTMk51SWVQRXVSR0FhNVFqMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
YjFmNmVlLWM0ZWYtNDM1NS1hZjM2LWE1NThlZTY1NDMxZi8xL2NpcU1IVEVZbFFG
aENQLTlGRmRjZDh3b2R6by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEA1PeuAMEAVf2BDAMAwQDV/YIAwQD
V/YQAwQBbaB0MA0GCSqGSIb3DQEBCwUAA4IBAQAWO67f2oCPK1nh5efLwdRoQvQi
3Av9Bfh51P6XfPusg7dkMJ1Bx7JSrFActdWYs+1+id49UYY2AMLuIvqb89ol7n2u
T3kGyewCWXw9h/5UXSxf+7uj9SWbhot+BaE+OS//lmUj+ATmVs8Kyy7ayfUQ0pY5
FvhZ5RYKNI/m3/EmklMgpY014KMZxBghgCSXAlm0i4mubony6Ru81nQ662uMt4Xx
j/Q6B2fYmzvc3WB8vHCmTf/xbUzKkF3+bA80z7feL1vkz+FR+Pjc7NSnwcQ6FhmF
twoPy8ZZEbOKKBZxHXzIMk43OSERmFHCWVn0EuHclWyhzWFmNrr2Oh6zIrHq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:14 2024 by rpki-client on console-fra.rpki-client.org