Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/x6k9B0Hi9h7OQF3vwptWpdtv7vc.roa
File: x6k9B0Hi9h7OQF3vwptWpdtv7vc.roa (raw, json)
Hash identifier: sV4vuxgnaM9uac8pNAf8lCxyws38fV+n/in9Fz1NUic=
Subject key identifier: C7:A9:3D:07:41:E2:F6:1E:CE:40:5D:EF:C2:9B:56:A5:DB:6F:EE:F7
Certificate issuer: /CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Certificate serial: 018E3243C62F97D160746F847B031FF4BDDC
Authority key identifier: 5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/x6k9B0Hi9h7OQF3vwptWpdtv7vc.roa
Signing time: Tue 12 Mar 2024 10:44:46 +0000
ROA not before: Tue 12 Mar 2024 10:44:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 195.96.154.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c6:2f:97:d1:60:74:6f:84:7b:03:1f:f4:bd:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Validity
Not Before: Mar 12 10:44:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7a93d0741e2f61ece405defc29b56a5db6feef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:15:41:33:d6:49:26:50:dc:d2:dc:6d:e0:b5:
0e:39:91:ee:33:cd:de:3b:e0:3a:7c:81:f1:a6:01:
69:ca:4f:61:49:ad:7d:b8:d8:23:1d:95:ed:be:39:
c2:c8:07:e7:91:3b:9c:7b:3c:99:07:4a:09:d5:a2:
31:9a:be:1d:a9:7f:74:cc:56:61:87:d2:c3:bf:9d:
57:34:c2:15:bd:ac:45:ac:f4:3e:dd:22:7f:0f:64:
1b:dd:97:75:d9:59:76:f7:55:b6:8d:e9:6f:40:67:
a5:80:c9:9e:67:46:32:98:34:a5:dd:00:3b:ef:b2:
4b:b4:2d:54:4b:58:6c:5a:69:c8:68:ae:60:4e:5f:
68:eb:41:f1:fa:05:9c:bf:34:f9:e7:70:3e:d7:54:
98:44:d2:b4:83:de:34:37:7b:4b:a9:94:9f:0f:13:
21:f5:67:4b:d1:19:9f:56:ec:7a:63:11:c3:35:07:
c7:8c:0d:76:66:b7:fb:3b:c8:f6:a5:68:5d:0b:46:
5f:cd:95:5a:aa:ee:bb:5a:18:d6:7f:57:99:dc:be:
a6:51:3b:e3:46:1e:a5:19:10:77:9a:78:89:11:43:
57:b1:88:04:eb:14:26:c4:38:b0:78:a3:31:db:37:
ff:0f:49:6b:bd:28:47:73:e0:09:b7:23:aa:14:be:
49:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:A9:3D:07:41:E2:F6:1E:CE:40:5D:EF:C2:9B:56:A5:DB:6F:EE:F7
X509v3 Authority Key Identifier:
keyid:5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/x6k9B0Hi9h7OQF3vwptWpdtv7vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.154.0/24
Signature Algorithm: sha256WithRSAEncryption
81:ac:9c:66:85:ce:84:91:a8:4a:d6:94:81:39:1b:71:99:aa:
a2:79:0c:1c:f7:a5:f9:a0:50:ff:b9:29:75:60:21:5e:b0:dc:
4b:9d:ec:06:13:b8:fa:a3:9a:4a:66:ff:21:28:db:42:9f:da:
82:d4:7a:bd:d4:92:97:e6:31:7b:ef:3e:fa:15:f9:f0:41:51:
24:ef:f7:20:8f:b4:d0:bc:b5:06:39:ac:ff:54:6f:25:4f:32:
dc:a5:18:d4:43:6f:c4:dd:d3:22:a9:3d:bb:dc:c4:0e:6c:e4:
a4:1f:e0:7d:8b:0f:d9:71:3b:05:c4:da:dc:df:e2:8d:47:3f:
4c:12:f0:f3:b2:05:1c:cf:4e:b7:b1:de:81:f9:69:3f:a7:7e:
a9:43:9d:9e:c6:75:af:7e:86:11:3f:33:e9:38:1c:9a:68:79:
9c:b0:8a:fa:53:bd:0e:17:7a:b5:8a:f7:7b:ff:ea:ae:bd:bc:
60:a7:2a:95:d0:dd:9e:f8:8f:43:27:b9:90:9d:51:d3:43:ce:
1f:de:fb:6a:fc:9e:82:9e:83:90:e3:d7:eb:f8:7d:28:a5:0a:
24:47:11:5a:02:4b:92:e7:10:2e:65:32:89:6f:a3:90:f6:99:
35:80:40:06:45:10:27:35:8d:35:ac:59:b7:46:c7:c1:1b:4e:
74:f8:7f:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4yQ8Yvl9FgdG+EewMf9L3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDc0ZTM5ZGRhNDAwZDEzNjEyNmU2YzNlZmIxY2Y5MzQ0
Mjc3ZWYwHhcNMjQwMzEyMTA0NDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2E5M2QwNzQxZTJmNjFlY2U0MDVkZWZjMjliNTZhNWRiNmZlZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxVBM9ZJJlDc0txt4LUOOZHuM83e
O+A6fIHxpgFpyk9hSa19uNgjHZXtvjnCyAfnkTucezyZB0oJ1aIxmr4dqX90zFZh
h9LDv51XNMIVvaxFrPQ+3SJ/D2Qb3Zd12Vl291W2jelvQGelgMmeZ0YymDSl3QA7
77JLtC1US1hsWmnIaK5gTl9o60Hx+gWcvzT553A+11SYRNK0g940N3tLqZSfDxMh
9WdL0RmfVux6YxHDNQfHjA12Zrf7O8j2pWhdC0ZfzZVaqu67WhjWf1eZ3L6mUTvj
Rh6lGRB3mniJEUNXsYgE6xQmxDiweKMx2zf/D0lrvShHc+AJtyOqFL5JdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMepPQdB4vYezkBd78KbVqXbb+73MB8GA1UdIwQY
MBaAFFvXTjndpADRNhJubD77HPk0QnfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYt
YWQ3ODkwYzJlNzUyLzEveDZrOUIwSGk5aDdPUUYzdndwdFdwZHR2N3ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYtYWQ3ODkwYzJlNzUy
LzEvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CaMA0G
CSqGSIb3DQEBCwUAA4IBAQCBrJxmhc6EkahK1pSBORtxmaqieQwc96X5oFD/uSl1
YCFesNxLnewGE7j6o5pKZv8hKNtCn9qC1Hq91JKX5jF77z76FfnwQVEk7/cgj7TQ
vLUGOaz/VG8lTzLcpRjUQ2/E3dMiqT273MQObOSkH+B9iw/ZcTsFxNrc3+KNRz9M
EvDzsgUcz063sd6B+Wk/p36pQ52exnWvfoYRPzPpOByaaHmcsIr6U70OF3q1ivd7
/+quvbxgpyqV0N2e+I9DJ7mQnVHTQ84f3vtq/J6CnoOQ49fr+H0opQokRxFaAkuS
5xAuZTKJb6OQ9pk1gEAGRRAnNY01rFm3RsfBG050+H/w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:42 2024 by rpki-client on console-fra.rpki-client.org