Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/r68EK-7uA_xF_ittkCKhlhT22RE.roa
File: r68EK-7uA_xF_ittkCKhlhT22RE.roa (raw, json)
Hash identifier: rri65hhtaue8IFAiehek5aHo4y4MkCBtGfoUqKOjsbs=
Subject key identifier: AF:AF:04:2B:EE:EE:03:FC:45:FE:2B:6D:90:22:A1:96:14:F6:D9:11
Certificate issuer: /CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
Certificate serial: 01856E5D6290F3CDF8D556D3144989854FEA
Authority key identifier: E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/r68EK-7uA_xF_ittkCKhlhT22RE.roa
Signing time: Sun 01 Jan 2023 17:24:51 +0000
ROA not before: Sun 01 Jan 2023 17:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 176.116.119.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:62:90:f3:cd:f8:d5:56:d3:14:49:89:85:4f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
Validity
Not Before: Jan 1 17:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afaf042beeee03fc45fe2b6d9022a19614f6d911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:db:33:37:dc:1e:7b:c3:e1:5c:c7:d2:f5:df:
1a:8c:b4:63:d8:24:ed:54:05:8c:86:4c:0d:24:ba:
ec:58:ae:fd:c2:43:59:76:fa:40:b9:9e:9b:28:24:
75:c7:0f:d7:dc:f4:a9:ba:99:46:bb:9e:6f:71:8d:
03:1e:06:e8:49:2d:73:2d:5f:23:2e:ba:06:64:97:
d6:1f:10:41:b9:b3:aa:2f:2a:6f:82:eb:fb:1b:33:
b0:a6:dc:dd:1b:00:b0:64:64:10:b2:de:73:f7:c3:
5b:cc:a8:30:0f:2a:4b:68:91:a0:34:d0:e4:66:7d:
e5:2a:b2:d8:e4:8f:c0:08:39:83:d2:ba:fc:3e:2f:
b3:90:51:e4:c3:02:67:e7:56:88:5b:37:18:04:39:
b9:03:81:04:4a:de:d4:ec:fb:66:c8:0f:83:64:91:
a7:ae:4e:49:af:3b:59:0d:e8:ee:e0:00:5d:90:6c:
8f:e9:eb:5e:9e:e9:63:d2:4c:42:1b:a0:e6:da:e1:
23:75:bf:89:0f:b1:d9:52:ab:f3:5a:5c:2b:5d:55:
8a:b7:41:bc:b3:e7:36:ea:f4:39:4a:04:05:86:04:
68:47:0b:b0:f9:db:6e:83:3c:10:19:18:42:c6:5d:
a6:96:9d:79:80:87:ef:45:36:83:86:2b:44:ba:2a:
6e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:AF:04:2B:EE:EE:03:FC:45:FE:2B:6D:90:22:A1:96:14:F6:D9:11
X509v3 Authority Key Identifier:
keyid:E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/r68EK-7uA_xF_ittkCKhlhT22RE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/5bz8EHfPh2iI-2x1suOUkjIF87U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.119.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:47:ae:fe:c4:39:8d:6d:fa:2f:f3:07:03:76:45:e3:4b:57:
01:de:ac:f9:66:6c:d3:78:cf:c3:fa:f4:dc:49:98:46:00:3a:
ab:94:b5:f0:19:f0:36:2e:07:82:78:2c:10:42:cc:db:59:80:
8b:60:60:c7:85:2c:3f:b5:e7:f4:d9:8a:4b:ef:b9:65:b5:c5:
b9:79:00:b5:b1:dd:30:79:f4:bb:ed:36:36:42:74:28:db:9b:
5a:95:c9:ee:c8:bb:9f:67:bd:a3:f1:30:0a:04:3f:f9:d8:51:
b4:ef:e5:b5:2e:0b:40:9e:af:25:7a:5a:3f:92:bf:62:ed:03:
bf:70:93:ee:5c:77:93:ff:5b:90:d4:2c:2a:50:1f:a0:64:09:
66:73:e4:5f:19:b1:82:1f:84:8f:08:a1:09:ac:8a:8a:4b:a4:
cc:f3:77:a5:75:05:0b:2b:6e:85:95:3f:51:83:69:ff:46:9b:
1a:17:7e:a9:6f:dc:55:79:e1:f8:fa:d7:fc:cf:e6:97:59:75:
89:fb:e0:1d:01:08:fa:78:5a:3b:50:ea:dc:32:6d:1f:bc:ff:
7a:d6:bf:6b:c7:93:39:ce:20:d5:6e:21:50:47:24:6f:38:3f:
16:c6:9c:ef:b9:21:5b:4e:ef:94:6c:da:93:8c:ef:71:b5:b1:
a6:be:f6:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuXWKQ88341VbTFEmJhU/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmNmYzEwNzdjZjg3Njg4OGZiNmM3NWIyZTM5NDkyMzIw
NWYzYjUwHhcNMjMwMTAxMTcyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmFmMDQyYmVlZWUwM2ZjNDVmZTJiNmQ5MDIyYTE5NjE0ZjZkOTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdszN9wee8PhXMfS9d8ajLRj2CTt
VAWMhkwNJLrsWK79wkNZdvpAuZ6bKCR1xw/X3PSpuplGu55vcY0DHgboSS1zLV8j
LroGZJfWHxBBubOqLypvguv7GzOwptzdGwCwZGQQst5z98NbzKgwDypLaJGgNNDk
Zn3lKrLY5I/ACDmD0rr8Pi+zkFHkwwJn51aIWzcYBDm5A4EESt7U7PtmyA+DZJGn
rk5JrztZDeju4ABdkGyP6etenulj0kxCG6Dm2uEjdb+JD7HZUqvzWlwrXVWKt0G8
s+c26vQ5SgQFhgRoRwuw+dtugzwQGRhCxl2mlp15gIfvRTaDhitEuipuYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK+vBCvu7gP8Rf4rbZAioZYU9tkRMB8GA1UdIwQY
MBaAFOW8/BB3z4doiPtsdbLjlJIyBfO1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWJ6OEVIZlBoMmlJLTJ4MXN1T1VraklGODdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lMDVlNzctMTJhZS00ZjU5LTk0OTEt
Y2FkZDExMjljOThkLzEvcjY4RUstN3VBX3hGX2l0dGtDS2hsaFQyMlJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lMDVlNzctMTJhZS00ZjU5LTk0OTEtY2FkZDExMjljOThk
LzEvNWJ6OEVIZlBoMmlJLTJ4MXN1T1VraklGODdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHR3MA0G
CSqGSIb3DQEBCwUAA4IBAQBOR67+xDmNbfov8wcDdkXjS1cB3qz5ZmzTeM/D+vTc
SZhGADqrlLXwGfA2LgeCeCwQQszbWYCLYGDHhSw/tef02YpL77lltcW5eQC1sd0w
efS77TY2QnQo25talcnuyLufZ72j8TAKBD/52FG07+W1LgtAnq8lelo/kr9i7QO/
cJPuXHeT/1uQ1CwqUB+gZAlmc+RfGbGCH4SPCKEJrIqKS6TM83eldQULK26FlT9R
g2n/RpsaF36pb9xVeeH4+tf8z+aXWXWJ++AdAQj6eFo7UOrcMm0fvP961r9rx5M5
ziDVbiFQRyRvOD8WxpzvuSFbTu+UbNqTjO9xtbGmvvYt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:06 2024 by rpki-client on console-fra.rpki-client.org