Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/4eZTFs8DQjQL33RCrn2z4wQ2ywY.roa
File: 4eZTFs8DQjQL33RCrn2z4wQ2ywY.roa (raw, json)
Hash identifier: DuQ2hD41aTxQYVcB98LlEPJ1fGrZA3/ejA+6JawM56A=
Subject key identifier: E1:E6:53:16:CF:03:42:34:0B:DF:74:42:AE:7D:B3:E3:04:36:CB:06
Certificate issuer: /CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Certificate serial: 018E3243C5BE3EA8A279777377F2FB906A8D
Authority key identifier: 5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/4eZTFs8DQjQL33RCrn2z4wQ2ywY.roa
Signing time: Tue 12 Mar 2024 10:44:46 +0000
ROA not before: Tue 12 Mar 2024 10:44:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 176.116.25.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c5:be:3e:a8:a2:79:77:73:77:f2:fb:90:6a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Validity
Not Before: Mar 12 10:44:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1e65316cf0342340bdf7442ae7db3e30436cb06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c3:63:57:a4:51:4a:19:e0:02:ff:08:48:52:
50:43:56:26:b2:d3:65:d6:3a:95:9e:b3:7e:43:12:
c7:25:8c:5e:28:17:dc:40:80:99:6d:f5:cb:1c:c3:
3a:95:07:1b:ce:f9:1f:55:a9:ba:27:d9:18:49:b3:
7a:86:c1:f2:f2:74:24:07:64:22:f1:85:07:68:56:
80:5c:1d:bb:c1:58:6f:61:5f:f1:7d:2c:cd:f0:55:
32:12:3f:e0:41:6f:f6:75:3b:9f:98:65:ab:5c:ca:
bd:d7:64:22:d1:04:1f:95:0a:40:d4:64:70:66:59:
1f:78:cf:e9:a9:34:21:cf:b8:7e:69:19:5c:fc:0e:
9c:39:d1:1a:41:d7:5b:41:7d:1c:b2:78:05:e6:f6:
57:1d:5a:a6:65:33:52:01:eb:8f:23:ee:6e:cc:7c:
50:60:f0:4f:20:7d:cc:0b:b7:c0:06:ab:2f:5a:fc:
14:6f:69:49:4a:48:03:f4:22:5d:16:93:f5:43:cb:
6d:bf:27:2a:d8:57:11:f7:02:6f:12:77:c4:75:b8:
90:0d:43:88:d2:fa:11:3c:1d:c0:a3:1f:cd:b5:42:
57:6d:23:ed:a3:ee:0d:7c:22:2c:c9:84:72:bd:74:
76:61:e6:f8:6f:1a:20:ab:5d:9b:a4:dc:05:45:98:
43:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E6:53:16:CF:03:42:34:0B:DF:74:42:AE:7D:B3:E3:04:36:CB:06
X509v3 Authority Key Identifier:
keyid:5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/4eZTFs8DQjQL33RCrn2z4wQ2ywY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.25.0/24
Signature Algorithm: sha256WithRSAEncryption
55:6e:70:53:0d:a1:8d:a9:cb:60:aa:ef:18:07:f3:91:0d:1b:
5e:86:18:d5:7d:2c:7f:99:7e:e1:83:1b:97:d0:00:d7:c6:41:
93:27:f5:d4:0a:1f:f0:93:72:f4:e9:17:e2:74:0d:ef:08:8e:
4e:16:61:a2:e2:a2:88:df:51:09:65:d8:0b:e2:ae:d8:29:d6:
cd:fd:c6:38:e3:fb:1b:db:e7:37:5e:33:a7:ef:14:1e:38:ae:
ff:00:1b:f1:ba:3c:de:5d:26:3b:9a:1e:0c:35:c4:25:ba:8e:
52:57:62:be:1f:9f:66:4c:47:9d:11:71:c3:ad:35:c2:ea:5f:
a9:0f:9a:91:b8:98:63:9e:14:99:62:31:15:68:87:51:bf:64:
3d:80:3b:52:de:dd:81:1f:5c:18:88:b7:a5:22:2b:1b:38:6c:
d0:00:57:75:a8:ad:cf:e4:3b:38:77:a0:06:f4:5b:0b:af:d2:
11:62:77:cf:32:aa:23:bf:cc:d8:89:6a:27:5e:89:a8:4d:39:
7c:ba:30:79:b7:a9:6a:48:b3:7d:dd:25:93:62:f1:9d:29:de:
1f:70:2d:7a:f8:a0:e8:a3:49:af:56:47:de:d8:99:0a:9d:b1:
62:da:df:af:44:89:b9:c9:31:3f:3c:29:1b:d7:dd:67:20:6d:
1a:9e:5e:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4yQ8W+PqiieXdzd/L7kGqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDc0ZTM5ZGRhNDAwZDEzNjEyNmU2YzNlZmIxY2Y5MzQ0
Mjc3ZWYwHhcNMjQwMzEyMTA0NDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWU2NTMxNmNmMDM0MjM0MGJkZjc0NDJhZTdkYjNlMzA0MzZjYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksNjV6RRShngAv8ISFJQQ1YmstNl
1jqVnrN+QxLHJYxeKBfcQICZbfXLHMM6lQcbzvkfVam6J9kYSbN6hsHy8nQkB2Qi
8YUHaFaAXB27wVhvYV/xfSzN8FUyEj/gQW/2dTufmGWrXMq912Qi0QQflQpA1GRw
ZlkfeM/pqTQhz7h+aRlc/A6cOdEaQddbQX0csngF5vZXHVqmZTNSAeuPI+5uzHxQ
YPBPIH3MC7fABqsvWvwUb2lJSkgD9CJdFpP1Q8ttvycq2FcR9wJvEnfEdbiQDUOI
0voRPB3Aox/NtUJXbSPto+4NfCIsyYRyvXR2Yeb4bxogq12bpNwFRZhDLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOHmUxbPA0I0C990Qq59s+MENssGMB8GA1UdIwQY
MBaAFFvXTjndpADRNhJubD77HPk0QnfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYt
YWQ3ODkwYzJlNzUyLzEvNGVaVEZzOERRalFMMzNSQ3JuMno0d1EyeXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYtYWQ3ODkwYzJlNzUy
LzEvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHQZMA0G
CSqGSIb3DQEBCwUAA4IBAQBVbnBTDaGNqctgqu8YB/ORDRtehhjVfSx/mX7hgxuX
0ADXxkGTJ/XUCh/wk3L06RfidA3vCI5OFmGi4qKI31EJZdgL4q7YKdbN/cY44/sb
2+c3XjOn7xQeOK7/ABvxujzeXSY7mh4MNcQluo5SV2K+H59mTEedEXHDrTXC6l+p
D5qRuJhjnhSZYjEVaIdRv2Q9gDtS3t2BH1wYiLelIisbOGzQAFd1qK3P5Ds4d6AG
9FsLr9IRYnfPMqojv8zYiWonXomoTTl8ujB5t6lqSLN93SWTYvGdKd4fcC16+KDo
o0mvVkfe2JkKnbFi2t+vRIm5yTE/PCkb191nIG0anl7F
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:14 2024 by rpki-client on console-ams.rpki-client.org