Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/t864xaBAP_eCMFeKUPFLwycqNUo.roa
File: t864xaBAP_eCMFeKUPFLwycqNUo.roa (raw, json)
Hash identifier: WM/I1PK08KJ0BIECiBVPjDm/W/1UjQMX1AKeg6YGhxU=
Subject key identifier: B7:CE:B8:C5:A0:40:3F:F7:82:30:57:8A:50:F1:4B:C3:27:2A:35:4A
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 01896478EF500C31A643F3E1377F0AEA6D1D
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/t864xaBAP_eCMFeKUPFLwycqNUo.roa
Signing time: Mon 17 Jul 2023 15:29:54 +0000
ROA not before: Mon 17 Jul 2023 15:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202656
IP address blocks: 194.34.249.0/24 maxlen: 24
176.53.135.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:78:ef:50:0c:31:a6:43:f3:e1:37:7f:0a:ea:6d:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Jul 17 15:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7ceb8c5a0403ff78230578a50f14bc3272a354a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ca:c1:1f:0a:b0:7b:42:ad:82:41:d4:fc:10:
7a:84:cf:9e:e7:3c:2d:2a:d0:b1:84:ca:a7:92:63:
bb:8f:cd:79:d5:db:aa:de:21:72:9e:2b:05:4d:63:
2d:cd:a1:3a:75:83:36:db:55:18:ae:b0:83:37:09:
8f:86:a7:07:5b:ea:39:b1:d1:fc:33:57:b3:0f:04:
74:ed:18:b2:0a:ee:7a:12:41:d3:3a:3f:3c:f6:a1:
96:18:8e:b7:6c:be:cf:0c:ae:cc:66:d7:c0:e1:6d:
04:67:d5:90:cd:71:32:b0:15:34:2e:6c:62:d9:b1:
c6:57:7f:80:a1:9c:f9:54:c1:e4:5a:4d:1f:1a:2e:
ee:5d:c3:13:98:4a:13:7e:96:a1:02:c3:c4:3d:8b:
f4:a1:54:07:b6:02:e7:cf:71:b0:2b:69:7e:f1:ea:
75:0e:08:e7:d4:54:df:7d:8b:98:fe:1d:10:d0:e8:
66:df:00:40:01:16:c6:31:95:d4:92:de:b5:65:2a:
e7:55:89:8c:d7:2c:8c:dc:c8:8f:33:d7:a5:e9:fe:
20:dd:db:35:bb:5a:4b:f1:bf:5a:d9:f1:fb:91:10:
99:a1:fa:57:2e:ac:cd:4f:a0:f0:df:f3:20:57:ab:
a6:e7:8f:cb:ed:09:07:0f:58:76:5d:00:85:d5:33:
04:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:CE:B8:C5:A0:40:3F:F7:82:30:57:8A:50:F1:4B:C3:27:2A:35:4A
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/t864xaBAP_eCMFeKUPFLwycqNUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.135.0/24
194.34.249.0/24
Signature Algorithm: sha256WithRSAEncryption
20:2e:44:02:23:cd:91:b1:b3:53:9c:19:5b:47:e5:ff:f6:15:
ee:85:5d:c0:fd:fe:23:96:49:34:2b:8e:46:ac:b9:b7:d2:c9:
31:18:93:4f:ff:78:7a:7f:db:13:c1:ef:7a:7d:2d:d8:f1:84:
2f:9a:75:3a:b5:80:51:28:83:4e:e5:4b:61:ab:71:42:78:44:
80:39:62:20:2a:53:bc:86:44:3c:4e:13:ef:6e:d2:21:91:d8:
28:1d:9c:e5:87:f3:9b:d4:de:f6:8d:34:79:8b:5c:07:95:9b:
0b:b0:5b:c2:c9:76:ec:b8:50:6d:a6:fe:e4:dd:21:04:c7:23:
c5:50:29:71:50:b4:59:75:84:52:b2:01:af:74:cf:af:90:7c:
c9:80:39:00:37:fe:04:8f:19:44:51:aa:14:ba:6d:df:44:74:
47:0e:2b:06:18:4d:b0:df:cb:0b:a1:58:55:06:c1:7f:8d:47:
83:33:2b:0e:43:f8:ee:9b:1d:72:27:e5:ce:6b:e9:df:b7:c7:
88:68:86:25:8f:c3:d8:5b:68:24:98:7e:43:23:c6:af:a2:e7:
07:8b:c4:ef:7d:09:89:f7:ed:3b:2f:45:be:44:c2:b7:6e:29:
09:d4:dc:8c:e9:18:54:c5:0f:a5:39:19:af:6d:cc:20:84:3d:
43:9e:5f:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlkeO9QDDGmQ/PhN38K6m0dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjMwNzE3MTUyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2NlYjhjNWEwNDAzZmY3ODIzMDU3OGE1MGYxNGJjMzI3MmEzNTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsrBHwqwe0KtgkHU/BB6hM+e5zwt
KtCxhMqnkmO7j8151duq3iFynisFTWMtzaE6dYM221UYrrCDNwmPhqcHW+o5sdH8
M1ezDwR07RiyCu56EkHTOj889qGWGI63bL7PDK7MZtfA4W0EZ9WQzXEysBU0Lmxi
2bHGV3+AoZz5VMHkWk0fGi7uXcMTmEoTfpahAsPEPYv0oVQHtgLnz3GwK2l+8ep1
Dgjn1FTffYuY/h0Q0Ohm3wBAARbGMZXUkt61ZSrnVYmM1yyM3MiPM9el6f4g3ds1
u1pL8b9a2fH7kRCZofpXLqzNT6Dw3/MgV6um54/L7QkHD1h2XQCF1TME4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLfOuMWgQD/3gjBXilDxS8MnKjVKMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvdDg2NHhhQkFQX2VDTUZlS1VQRkx3eWNxTlVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsDWHAwQA
wiL5MA0GCSqGSIb3DQEBCwUAA4IBAQAgLkQCI82RsbNTnBlbR+X/9hXuhV3A/f4j
lkk0K45GrLm30skxGJNP/3h6f9sTwe96fS3Y8YQvmnU6tYBRKINO5Uthq3FCeESA
OWIgKlO8hkQ8ThPvbtIhkdgoHZzlh/Ob1N72jTR5i1wHlZsLsFvCyXbsuFBtpv7k
3SEExyPFUClxULRZdYRSsgGvdM+vkHzJgDkAN/4EjxlEUaoUum3fRHRHDisGGE2w
38sLoVhVBsF/jUeDMysOQ/jumx1yJ+XOa+nft8eIaIYlj8PYW2gkmH5DI8avoucH
i8TvfQmJ9+07L0W+RMK3bikJ1NyM6RhUxQ+lORmvbcwghD1Dnl9W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:03 2024 by rpki-client on console-fra.rpki-client.org