Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/b228d9-7ff3-4c40-95a6-8a36a6facd50/1/E4vPOJedBpQRLQTcRK7GSJyD2pA.roa
File: E4vPOJedBpQRLQTcRK7GSJyD2pA.roa (raw, json)
Hash identifier: n/RSDHN6POLbfKS7RJh35vNDYG0As45/VwlJ+1UFe0U=
Subject key identifier: 13:8B:CF:38:97:9D:06:94:11:2D:04:DC:44:AE:C6:48:9C:83:DA:90
Certificate issuer: /CN=4092c47db8a21931154605d576c3b7341d06b4b4
Certificate serial: 04231BF8
Authority key identifier: 40:92:C4:7D:B8:A2:19:31:15:46:05:D5:76:C3:B7:34:1D:06:B4:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QJLEfbiiGTEVRgXVdsO3NB0GtLQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/b228d9-7ff3-4c40-95a6-8a36a6facd50/1/E4vPOJedBpQRLQTcRK7GSJyD2pA.roa
Signing time: Sat 01 Jan 2022 13:58:57 +0000
ROA not before: Sat 01 Jan 2022 13:58:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206238
IP address blocks: 185.93.175.0/24 maxlen: 24
185.238.128.0/22 maxlen: 24
2a10:3780::/29 maxlen: 29
2a10:3780:2::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69409784 (0x4231bf8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4092c47db8a21931154605d576c3b7341d06b4b4
Validity
Not Before: Jan 1 13:58:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=138bcf38979d0694112d04dc44aec6489c83da90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9b:b2:c5:63:7c:4b:e4:f6:bd:17:57:54:42:
ac:15:d7:50:b6:ba:62:02:04:52:f2:c9:db:fe:ff:
91:77:9c:43:2f:dc:3a:bd:b9:ce:ba:98:10:a8:f3:
34:55:dd:a5:da:dc:26:85:4a:19:73:36:8f:0c:05:
d2:79:ab:61:fb:f1:fe:d1:ed:64:cc:9d:bf:b6:9d:
8a:86:ca:18:30:70:2c:08:33:86:c8:18:5f:78:25:
69:fe:51:a0:df:6a:2e:d6:c9:8d:94:5f:15:e2:74:
80:7d:d5:25:87:2c:7c:e2:06:6e:e4:8f:26:6f:91:
3f:80:33:91:90:07:20:52:89:ef:36:55:d1:f9:dd:
0a:cc:33:90:35:cb:f1:a8:2b:f8:a7:ae:17:80:65:
33:02:71:e8:07:c7:07:bc:35:3a:af:e8:0b:a4:e8:
df:57:60:21:1c:7f:22:95:8e:48:fd:b7:75:b4:dd:
97:39:ed:a3:f8:b9:8e:f6:7c:54:8e:05:14:88:b8:
a6:72:6e:60:06:83:3b:db:70:f3:a2:95:b6:5a:f4:
27:95:bb:7a:b8:1f:cf:61:aa:80:af:28:18:aa:f4:
e6:67:42:d2:1e:f8:64:bc:c3:ce:78:3d:0b:fd:8c:
4e:56:f5:af:7d:97:e2:e1:a2:f7:86:6a:e0:7a:da:
60:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:8B:CF:38:97:9D:06:94:11:2D:04:DC:44:AE:C6:48:9C:83:DA:90
X509v3 Authority Key Identifier:
keyid:40:92:C4:7D:B8:A2:19:31:15:46:05:D5:76:C3:B7:34:1D:06:B4:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QJLEfbiiGTEVRgXVdsO3NB0GtLQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/b228d9-7ff3-4c40-95a6-8a36a6facd50/1/E4vPOJedBpQRLQTcRK7GSJyD2pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/b228d9-7ff3-4c40-95a6-8a36a6facd50/1/QJLEfbiiGTEVRgXVdsO3NB0GtLQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.175.0/24
185.238.128.0/22
IPv6:
2a10:3780::/29
Signature Algorithm: sha256WithRSAEncryption
2b:82:34:5c:51:3e:ab:c8:dc:2f:87:e6:88:60:a7:a7:cc:b9:
ac:2d:19:0a:56:4f:aa:04:5e:14:7c:4c:c8:19:74:f7:81:87:
ed:aa:1a:8f:6d:bb:fb:04:7f:3a:c9:ad:6b:8a:3b:ce:74:b5:
e9:a6:85:84:fc:31:58:57:e5:1a:f6:be:96:4a:a3:44:05:1a:
9b:4a:a0:c7:d9:d9:00:95:ae:5d:db:06:99:d8:ea:44:5b:31:
91:d8:15:a8:87:f9:bc:3d:eb:56:04:8f:27:25:27:9a:03:b1:
b2:2f:82:65:32:fe:f2:ce:6d:e7:06:e5:af:b7:73:18:8b:2f:
e9:96:e2:ad:23:2d:ff:08:3e:d5:66:18:cd:25:de:47:1f:c1:
b2:bf:84:d7:40:54:fd:2f:4c:d7:83:a4:7b:ac:bb:92:5e:8e:
9a:92:2e:75:9a:c8:d4:e3:f0:d7:3e:fb:54:c5:ec:e8:6a:2d:
08:4c:5e:39:35:1d:28:57:20:21:0a:72:96:1c:31:7f:26:ed:
2f:8e:75:6d:54:21:b4:0d:68:e8:0b:f6:7c:49:b6:e5:1d:ae:
1c:2f:8b:64:88:e8:94:0c:63:27:2a:3a:1f:20:45:78:81:aa:
99:c0:41:ad:f6:3a:05:fc:4a:a4:f8:c0:13:07:0a:c4:00:b2:
1c:4d:bf:23
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBCMb+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDkyYzQ3ZGI4YTIxOTMxMTU0NjA1ZDU3NmMzYjczNDFkMDZiNGI0MB4XDTIyMDEw
MTEzNTg1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTM4YmNmMzg5Nzlk
MDY5NDExMmQwNGRjNDRhZWM2NDg5YzgzZGE5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJCbssVjfEvk9r0XV1RCrBXXULa6YgIEUvLJ2/7/kXecQy/c
Or25zrqYEKjzNFXdpdrcJoVKGXM2jwwF0nmrYfvx/tHtZMydv7adiobKGDBwLAgz
hsgYX3glaf5RoN9qLtbJjZRfFeJ0gH3VJYcsfOIGbuSPJm+RP4AzkZAHIFKJ7zZV
0fndCswzkDXL8agr+KeuF4BlMwJx6AfHB7w1Oq/oC6To31dgIRx/IpWOSP23dbTd
lznto/i5jvZ8VI4FFIi4pnJuYAaDO9tw86KVtlr0J5W7ergfz2GqgK8oGKr05mdC
0h74ZLzDzng9C/2MTlb1r32X4uGi94Zq4HraYFUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQTi884l50GlBEtBNxErsZInIPakDAfBgNVHSMEGDAWgBRAksR9uKIZMRVG
BdV2w7c0HQa0tDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FKTEVmYmlpR1RFVlJnWFZkc08zTkIwR3RMUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvYjIyOGQ5LTdmZjMtNGM0MC05NWE2LThhMzZhNmZhY2Q1MC8x
L0U0dlBPSmVkQnBRUkxRVGNSSzdHU0p5RDJwQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
YjIyOGQ5LTdmZjMtNGM0MC05NWE2LThhMzZhNmZhY2Q1MC8xL1FKTEVmYmlpR1RF
VlJnWFZkc08zTkIwR3RMUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEALldrwMEArnugDANBAIAAjAHAwUD
KhA3gDANBgkqhkiG9w0BAQsFAAOCAQEAK4I0XFE+q8jcL4fmiGCnp8y5rC0ZClZP
qgReFHxMyBl094GH7aoaj227+wR/Osmta4o7znS16aaFhPwxWFflGva+lkqjRAUa
m0qgx9nZAJWuXdsGmdjqRFsxkdgVqIf5vD3rVgSPJyUnmgOxsi+CZTL+8s5t5wbl
r7dzGIsv6ZbirSMt/wg+1WYYzSXeRx/Bsr+E10BU/S9M14Oke6y7kl6OmpIudZrI
1OPw1z77VMXs6GotCExeOTUdKFcgIQpylhwxfybtL451bVQhtA1o6Av2fEm25R2u
HC+LZIjolAxjJyo6HyBFeIGqmcBBrfY6BfxKpPjAEwcKxACyHE2/Iw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:00 2024 by rpki-client on console-ams.rpki-client.org