Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/fQ0k6oT6p0TQCL9g-BanxlziBCE.roa
File: fQ0k6oT6p0TQCL9g-BanxlziBCE.roa (raw, json)
Hash identifier: jTzq8m9Ajkp3UX5kLL5NqG65+7W8sYYzZpTRvbGDdCs=
Subject key identifier: 7D:0D:24:EA:84:FA:A7:44:D0:08:BF:60:F8:16:A7:C6:5C:E2:04:21
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 03E23BE8
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/fQ0k6oT6p0TQCL9g-BanxlziBCE.roa
Signing time: Wed 04 May 2022 00:29:32 +0000
ROA not before: Wed 04 May 2022 00:29:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 85.204.148.0/22 maxlen: 24
86.105.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65158120 (0x3e23be8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: May 4 00:29:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d0d24ea84faa744d008bf60f816a7c65ce20421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f2:0e:b7:76:dc:98:71:12:fb:a9:6b:0d:a3:
4c:2a:e1:25:9a:33:cf:70:e3:0e:69:bc:e4:14:d4:
7b:7a:7e:f7:17:64:6e:57:12:bd:a6:53:6f:1b:16:
b3:43:c1:a2:85:5b:65:76:b7:51:00:45:5b:d7:38:
cc:32:dd:96:a3:ed:85:8a:98:9b:71:5d:ad:06:86:
34:20:c0:f0:58:56:bf:0a:a6:8b:df:07:81:a0:8e:
ce:85:c0:97:dd:50:f9:78:80:40:85:71:c7:c4:5b:
d4:51:72:11:c4:1d:be:95:b8:45:aa:ed:8b:e0:18:
55:77:d2:37:89:5e:95:3b:89:78:6d:e3:3e:1c:bc:
54:94:1d:fc:ab:26:de:9f:91:57:83:a2:c6:5f:fc:
52:3c:99:45:7c:95:54:7e:80:c5:0b:2d:3b:ab:ff:
b0:29:51:ad:f2:29:59:29:3d:6c:e4:a5:f2:1f:8b:
4e:93:6b:f2:ef:5b:71:47:6f:52:d0:2e:8a:7e:f7:
4d:d8:48:75:ab:cb:02:87:be:7b:16:d5:c8:db:3b:
51:92:2e:33:58:a0:63:aa:e9:05:ad:65:7b:4a:d1:
5a:72:c2:2d:5b:5e:8b:c1:bf:23:56:08:6a:29:95:
77:19:fa:c3:fd:73:bf:2e:86:14:2e:a2:53:2a:98:
45:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:0D:24:EA:84:FA:A7:44:D0:08:BF:60:F8:16:A7:C6:5C:E2:04:21
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/fQ0k6oT6p0TQCL9g-BanxlziBCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.148.0/22
86.105.104.0/22
Signature Algorithm: sha256WithRSAEncryption
14:16:88:31:e4:be:41:06:93:0e:cc:74:d9:b6:f1:98:f2:0a:
fb:83:98:f9:a7:22:3f:af:3c:f9:40:30:be:21:e9:8a:fe:5a:
24:21:00:07:53:a3:b9:91:09:93:74:7b:c5:7d:5a:08:24:71:
a8:99:44:fb:ac:3c:cd:a8:b7:ba:02:77:3f:84:40:90:29:17:
4e:63:84:03:13:4b:bd:6d:f3:82:51:98:22:85:b8:66:de:1d:
c8:23:63:07:93:b3:b7:31:c4:02:3e:c3:c8:b0:3b:04:49:56:
70:50:78:51:8d:bc:54:11:0c:18:ec:84:bc:f9:27:ff:4f:e5:
d4:15:65:cb:74:36:53:90:d0:35:e9:d5:d1:c6:e6:76:9e:4e:
69:8d:4a:ed:a3:28:ca:17:d9:83:f9:61:b2:56:fd:19:ac:89:
bc:e2:8d:80:93:5c:ce:a2:13:79:ef:d2:a4:90:0b:88:d6:58:
2b:3b:fc:46:94:da:11:38:f1:eb:30:5f:ad:22:2c:47:8f:d1:
51:ac:aa:79:9a:da:71:1f:27:aa:2d:01:94:96:ba:7b:ff:32:
a9:12:fe:01:07:b5:8e:e6:53:e9:13:c9:89:c3:7e:bd:63:0b:
5d:1f:b8:27:30:34:d2:83:8f:de:db:c8:29:e4:2e:33:a0:04:
ae:79:c0:e9
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA+I76DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTAwZTk4MTk1MzA2MTk3MmM4OTZiZDZkMjc3MzhkMDgzYWFkYjBlMB4XDTIyMDUw
NDAwMjkzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2QwZDI0ZWE4NGZh
YTc0NGQwMDhiZjYwZjgxNmE3YzY1Y2UyMDQyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ3yDrd23JhxEvupaw2jTCrhJZozz3DjDmm85BTUe3p+9xdk
blcSvaZTbxsWs0PBooVbZXa3UQBFW9c4zDLdlqPthYqYm3FdrQaGNCDA8FhWvwqm
i98HgaCOzoXAl91Q+XiAQIVxx8Rb1FFyEcQdvpW4Rarti+AYVXfSN4lelTuJeG3j
Phy8VJQd/Ksm3p+RV4Oixl/8UjyZRXyVVH6AxQstO6v/sClRrfIpWSk9bOSl8h+L
TpNr8u9bcUdvUtAuin73TdhIdavLAoe+exbVyNs7UZIuM1igY6rpBa1le0rRWnLC
LVtei8G/I1YIaimVdxn6w/1zvy6GFC6iUyqYRQcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR9DSTqhPqnRNAIv2D4FqfGXOIEITAfBgNVHSMEGDAWgBTaAOmBlTBhlyyJ
a9bSdzjQg6rbDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJnRHBnWlV3WVpjc2lXdlcwbmM0MElPcTJ3NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8x
L2ZRMGs2b1Q2cDBUUUNMOWctQmFueGx6aUJDRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
ODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8xLzJnRHBnWlV3WVpj
c2lXdlcwbmM0MElPcTJ3NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlXMlAMEAlZpaDANBgkqhkiG9w0B
AQsFAAOCAQEAFBaIMeS+QQaTDsx02bbxmPIK+4OY+aciP688+UAwviHpiv5aJCEA
B1OjuZEJk3R7xX1aCCRxqJlE+6w8zai3ugJ3P4RAkCkXTmOEAxNLvW3zglGYIoW4
Zt4dyCNjB5OztzHEAj7DyLA7BElWcFB4UY28VBEMGOyEvPkn/0/l1BVly3Q2U5DQ
NenV0cbmdp5OaY1K7aMoyhfZg/lhslb9GayJvOKNgJNczqITee/SpJALiNZYKzv8
RpTaETjx6zBfrSIsR4/RUayqeZracR8nqi0BlJa6e/8yqRL+AQe1juZT6RPJicN+
vWMLXR+4JzA00oOP3tvIKeQuM6AErnnA6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org