Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/GODFm2dvIP5RoJ1pSAVJUSYq8no.roa
File: GODFm2dvIP5RoJ1pSAVJUSYq8no.roa (raw, json)
Hash identifier: HgQto7mGfbdcA1XXqMmBEJ3cWCa17FnWV/PNJhjFflo=
Subject key identifier: 18:E0:C5:9B:67:6F:20:FE:51:A0:9D:69:48:05:49:51:26:2A:F2:7A
Certificate issuer: /CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
Certificate serial: 01856E5D609E8085E6A988ACAB0022096C6C
Authority key identifier: E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/GODFm2dvIP5RoJ1pSAVJUSYq8no.roa
Signing time: Sun 01 Jan 2023 17:24:51 +0000
ROA not before: Sun 01 Jan 2023 17:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8708
IP address blocks: 176.116.117.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:60:9e:80:85:e6:a9:88:ac:ab:00:22:09:6c:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
Validity
Not Before: Jan 1 17:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18e0c59b676f20fe51a09d6948054951262af27a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6b:50:b3:47:3d:f0:6e:21:2e:9e:e5:73:e7:
cb:f0:b3:d8:4b:05:8d:df:19:35:d1:02:36:b4:8e:
fd:34:a3:ce:82:42:89:4a:e8:4b:77:49:98:95:2a:
1c:df:0d:31:d4:47:fd:7d:3b:8c:37:1c:b5:db:9b:
71:0b:cd:e5:c9:94:3a:a3:58:3c:0b:42:01:56:e9:
a1:dc:00:c4:31:63:2f:da:32:11:bd:f8:b1:09:f3:
3d:41:96:eb:ac:93:f9:0c:bb:31:cf:40:b3:1e:b4:
bf:60:dd:2b:2d:1f:af:d1:e8:ec:39:35:c0:ef:b8:
81:95:ec:2c:c8:9b:95:d4:ec:60:4b:0d:94:c8:95:
23:ab:a7:60:7c:82:1c:47:d9:a1:a9:d7:70:98:84:
10:71:92:00:f0:15:1d:59:2c:fa:f5:42:b6:c3:24:
4c:05:c0:97:85:82:68:b6:8b:c3:44:2d:53:e9:d4:
77:13:cd:b9:bb:27:14:0f:7b:d2:53:ff:72:47:4d:
16:7f:c0:9b:75:dc:62:f4:ef:be:48:78:92:fb:d3:
35:ee:99:91:e7:2c:47:f5:59:60:aa:68:fc:06:b2:
63:f0:1a:34:b4:72:c5:67:06:a4:de:6c:53:7c:29:
40:51:ac:b1:8c:12:b6:60:f0:6d:64:d8:da:2b:07:
e3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:E0:C5:9B:67:6F:20:FE:51:A0:9D:69:48:05:49:51:26:2A:F2:7A
X509v3 Authority Key Identifier:
keyid:E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/GODFm2dvIP5RoJ1pSAVJUSYq8no.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/5bz8EHfPh2iI-2x1suOUkjIF87U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.117.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:19:8b:1c:4a:75:e9:16:95:4e:0e:22:85:da:a7:32:73:75:
d6:cc:f2:6f:94:7a:09:21:0d:66:35:d9:31:9e:bc:8c:93:46:
71:fa:1b:78:2d:63:40:4b:9f:15:9d:9f:27:8d:0e:78:83:3a:
78:77:96:fb:75:e9:0d:45:b6:0e:ed:d3:aa:df:ec:3f:6f:9c:
f6:17:c8:45:53:7f:94:eb:f7:43:af:59:d3:fe:a1:cc:fa:29:
8e:06:88:f4:9b:de:5d:32:de:5c:ba:3f:1b:d2:49:48:51:7a:
02:0a:3c:18:85:e8:9c:d9:0a:b6:2d:56:4c:24:ca:4a:03:04:
0a:a5:65:a3:fe:c2:95:c9:6f:88:48:20:95:ba:7b:b3:70:48:
a8:97:f7:83:59:94:f2:c0:c7:d9:33:92:28:03:24:46:ec:01:
80:89:76:bb:6a:87:4f:42:0c:27:c3:34:2d:a5:bf:f3:f3:17:
59:0c:93:72:23:da:af:59:cf:16:7c:d9:c9:d9:af:c0:19:ee:
a1:96:20:95:f6:1b:e6:fa:d7:e1:f2:70:0f:3d:f4:02:39:90:
ef:66:a4:c8:30:73:38:34:80:1c:b8:08:7c:4c:06:e0:b5:c9:
43:9f:74:60:65:d9:e0:36:21:bd:95:70:a1:88:de:0e:f5:ef:
92:68:83:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuXWCegIXmqYisqwAiCWxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmNmYzEwNzdjZjg3Njg4OGZiNmM3NWIyZTM5NDkyMzIw
NWYzYjUwHhcNMjMwMTAxMTcyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGUwYzU5YjY3NmYyMGZlNTFhMDlkNjk0ODA1NDk1MTI2MmFmMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWtQs0c98G4hLp7lc+fL8LPYSwWN
3xk10QI2tI79NKPOgkKJSuhLd0mYlSoc3w0x1Ef9fTuMNxy125txC83lyZQ6o1g8
C0IBVumh3ADEMWMv2jIRvfixCfM9QZbrrJP5DLsxz0CzHrS/YN0rLR+v0ejsOTXA
77iBlewsyJuV1OxgSw2UyJUjq6dgfIIcR9mhqddwmIQQcZIA8BUdWSz69UK2wyRM
BcCXhYJotovDRC1T6dR3E825uycUD3vSU/9yR00Wf8Cbddxi9O++SHiS+9M17pmR
5yxH9Vlgqmj8BrJj8Bo0tHLFZwak3mxTfClAUayxjBK2YPBtZNjaKwfjywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBjgxZtnbyD+UaCdaUgFSVEmKvJ6MB8GA1UdIwQY
MBaAFOW8/BB3z4doiPtsdbLjlJIyBfO1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWJ6OEVIZlBoMmlJLTJ4MXN1T1VraklGODdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lMDVlNzctMTJhZS00ZjU5LTk0OTEt
Y2FkZDExMjljOThkLzEvR09ERm0yZHZJUDVSb0oxcFNBVkpVU1lxOG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lMDVlNzctMTJhZS00ZjU5LTk0OTEtY2FkZDExMjljOThk
LzEvNWJ6OEVIZlBoMmlJLTJ4MXN1T1VraklGODdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHR1MA0G
CSqGSIb3DQEBCwUAA4IBAQDBGYscSnXpFpVODiKF2qcyc3XWzPJvlHoJIQ1mNdkx
nryMk0Zx+ht4LWNAS58VnZ8njQ54gzp4d5b7dekNRbYO7dOq3+w/b5z2F8hFU3+U
6/dDr1nT/qHM+imOBoj0m95dMt5cuj8b0klIUXoCCjwYheic2Qq2LVZMJMpKAwQK
pWWj/sKVyW+ISCCVunuzcEiol/eDWZTywMfZM5IoAyRG7AGAiXa7aodPQgwnwzQt
pb/z8xdZDJNyI9qvWc8WfNnJ2a/AGe6hliCV9hvm+tfh8nAPPfQCOZDvZqTIMHM4
NIAcuAh8TAbgtclDn3RgZdngNiG9lXChiN4O9e+SaIOT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:06 2024 by rpki-client on console-fra.rpki-client.org