Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/xPyV0OsaLoKdq2Bf69KMvornsio.roa
File: xPyV0OsaLoKdq2Bf69KMvornsio.roa (raw, json)
Hash identifier: v/mA+KGcExcmhry373el/wSktahGZT8IqlhFlHLJwuc=
Subject key identifier: C4:FC:95:D0:EB:1A:2E:82:9D:AB:60:5F:EB:D2:8C:BE:8A:E7:B2:2A
Certificate issuer: /CN=d737824e0ffa79f18b9fc49d6cb0dd81c9a6ca28
Certificate serial: 0181D4B4D0444BD4C66145917532A9443401
Authority key identifier: D7:37:82:4E:0F:FA:79:F1:8B:9F:C4:9D:6C:B0:DD:81:C9:A6:CA:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1zeCTg_6efGLn8SdbLDdgcmmyig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/xPyV0OsaLoKdq2Bf69KMvornsio.roa
Signing time: Wed 06 Jul 2022 18:10:28 +0000
ROA not before: Wed 06 Jul 2022 18:10:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58367
IP address blocks: 151.216.2.0/24 maxlen: 24
2001:7fc::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d4:b4:d0:44:4b:d4:c6:61:45:91:75:32:a9:44:34:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d737824e0ffa79f18b9fc49d6cb0dd81c9a6ca28
Validity
Not Before: Jul 6 18:10:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4fc95d0eb1a2e829dab605febd28cbe8ae7b22a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b2:9a:0a:67:c4:e1:c4:6b:fb:fc:22:d8:02:
19:16:6f:c9:6b:52:d7:48:70:99:b5:59:f3:d5:07:
52:99:04:8a:b5:f4:8e:f1:fa:af:ba:11:69:61:97:
95:36:bf:3a:39:dd:a3:5a:64:75:0d:11:69:17:43:
a3:96:46:47:3b:79:0a:9c:f4:28:d2:30:5f:f9:21:
3d:02:77:f6:74:de:29:56:61:13:c3:1c:24:e6:a9:
98:3b:30:39:b1:1f:fc:6b:ae:7a:b7:6a:3c:64:f8:
47:e0:7e:47:dd:b7:cd:a6:0b:d2:83:e8:3f:97:02:
ea:a8:1f:1a:a5:39:41:00:b4:62:e4:4c:b8:23:be:
ac:fc:8b:c0:fc:75:c3:96:0f:fe:ad:56:f4:dd:13:
8e:41:2c:3c:26:ea:45:31:6e:66:b1:e8:9e:64:91:
b4:be:26:94:85:fc:da:3b:2a:64:37:12:8f:bf:18:
fc:8b:f6:78:8a:2e:06:49:71:f4:3c:2c:45:47:7c:
2f:b0:f3:1b:14:20:21:7a:a8:ce:b4:08:61:2b:27:
70:40:81:d8:24:30:a7:16:35:14:a7:b1:83:db:11:
16:1c:1a:b0:c7:30:50:a3:02:a4:a7:c3:92:6c:47:
e6:14:2a:50:87:79:e4:68:35:a4:f2:09:f2:dc:78:
e6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:FC:95:D0:EB:1A:2E:82:9D:AB:60:5F:EB:D2:8C:BE:8A:E7:B2:2A
X509v3 Authority Key Identifier:
keyid:D7:37:82:4E:0F:FA:79:F1:8B:9F:C4:9D:6C:B0:DD:81:C9:A6:CA:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1zeCTg_6efGLn8SdbLDdgcmmyig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/xPyV0OsaLoKdq2Bf69KMvornsio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/1zeCTg_6efGLn8SdbLDdgcmmyig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.2.0/24
IPv6:
2001:7fc::/48
Signature Algorithm: sha256WithRSAEncryption
13:7b:16:d8:5b:0b:66:db:40:f6:3f:f6:25:60:7d:92:47:62:
9c:64:d2:34:18:96:1c:51:1b:38:08:92:89:61:9f:d0:1d:c8:
23:d0:15:3c:2a:d7:08:9d:a7:bc:2a:0e:20:ea:7e:75:2d:5b:
3c:1f:76:0d:26:02:69:92:53:68:9b:67:0c:8e:bb:c8:ae:25:
f5:cb:cf:1d:51:2e:96:29:30:d1:43:25:dc:7c:8e:46:98:1d:
f6:d3:eb:77:1e:2e:75:b7:60:48:c5:4c:86:35:c6:7e:c8:35:
6f:50:bc:cf:67:27:fa:a4:b0:6f:b6:78:77:65:16:72:9b:34:
b2:fc:99:58:76:d2:ab:79:2c:2e:10:24:33:ae:42:ea:d2:c6:
85:4e:a8:cc:39:e3:74:7d:85:ee:60:70:13:90:50:eb:c5:ed:
1d:90:b6:de:50:ce:35:10:1e:dc:d6:5a:5f:8f:cb:aa:17:af:
99:df:38:98:bf:ae:b6:f9:ca:3a:6a:3e:c7:df:68:05:85:a3:
1a:77:4d:2a:02:e1:64:ff:d5:b8:5e:74:8a:e8:66:b8:a3:bc:
0b:f8:ac:ae:60:7a:00:58:37:3b:c9:fe:bc:84:9e:83:36:a6:
9b:b4:40:8e:53:85:b6:8e:ba:81:3e:6f:ba:39:29:8c:ac:39:
92:21:93:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYHUtNBES9TGYUWRdTKpRDQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3Mzc4MjRlMGZmYTc5ZjE4YjlmYzQ5ZDZjYjBkZDgxYzlh
NmNhMjgwHhcNMjIwNzA2MTgxMDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGZjOTVkMGViMWEyZTgyOWRhYjYwNWZlYmQyOGNiZThhZTdiMjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbKaCmfE4cRr+/wi2AIZFm/Ja1LX
SHCZtVnz1QdSmQSKtfSO8fqvuhFpYZeVNr86Od2jWmR1DRFpF0OjlkZHO3kKnPQo
0jBf+SE9Anf2dN4pVmETwxwk5qmYOzA5sR/8a656t2o8ZPhH4H5H3bfNpgvSg+g/
lwLqqB8apTlBALRi5Ey4I76s/IvA/HXDlg/+rVb03ROOQSw8JupFMW5mseieZJG0
viaUhfzaOypkNxKPvxj8i/Z4ii4GSXH0PCxFR3wvsPMbFCAheqjOtAhhKydwQIHY
JDCnFjUUp7GD2xEWHBqwxzBQowKkp8OSbEfmFCpQh3nkaDWk8gny3HjmLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMT8ldDrGi6CnatgX+vSjL6K57IqMB8GA1UdIwQY
MBaAFNc3gk4P+nnxi5/EnWyw3YHJpsooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXplQ1RnXzZlZkdMbjhTZGJMRGRnY21teWlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80NDZkNDAtNTc4Mi00ZGUwLWEyYzUt
YjY4ZjVkOGY2NTFhLzEveFB5VjBPc2FMb0tkcTJCZjY5S012b3Juc2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC80NDZkNDAtNTc4Mi00ZGUwLWEyYzUtYjY4ZjVkOGY2NTFh
LzEvMXplQ1RnXzZlZkdMbjhTZGJMRGRnY21teWlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAl9gCMA8E
AgACMAkDBwAgAQf8AAAwDQYJKoZIhvcNAQELBQADggEBABN7FthbC2bbQPY/9iVg
fZJHYpxk0jQYlhxRGzgIkolhn9AdyCPQFTwq1widp7wqDiDqfnUtWzwfdg0mAmmS
U2ibZwyOu8iuJfXLzx1RLpYpMNFDJdx8jkaYHfbT63ceLnW3YEjFTIY1xn7INW9Q
vM9nJ/qksG+2eHdlFnKbNLL8mVh20qt5LC4QJDOuQurSxoVOqMw543R9he5gcBOQ
UOvF7R2Qtt5QzjUQHtzWWl+Py6oXr5nfOJi/rrb5yjpqPsffaAWFoxp3TSoC4WT/
1bhedIroZrijvAv4rK5gegBYNzvJ/ryEnoM2ppu0QI5ThbaOuoE+b7o5KYysOZIh
kww=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-fra.rpki-client.org