Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/H0h4PwpYwRS17Z8Q8k8KiJZNxPg.roa
File: H0h4PwpYwRS17Z8Q8k8KiJZNxPg.roa (raw, json)
Hash identifier: asMUbNRxj3QUc0MlT6QIM8Dz33zSbeIotTMVdrOxazM=
Subject key identifier: 1F:48:78:3F:0A:58:C1:14:B5:ED:9F:10:F2:4F:0A:88:96:4D:C4:F8
Certificate issuer: /CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Certificate serial: 018E3243C40895E6B22A8A5BC82C640D202B
Authority key identifier: C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/H0h4PwpYwRS17Z8Q8k8KiJZNxPg.roa
Signing time: Tue 12 Mar 2024 10:44:45 +0000
ROA not before: Tue 12 Mar 2024 10:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 176.126.96.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c4:08:95:e6:b2:2a:8a:5b:c8:2c:64:0d:20:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Validity
Not Before: Mar 12 10:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f48783f0a58c114b5ed9f10f24f0a88964dc4f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fb:64:05:b5:48:8a:6c:4b:40:54:d7:83:42:
af:72:1c:b2:33:52:31:e6:0f:09:3c:79:9d:57:7f:
c5:0d:85:92:70:88:a8:e9:ab:82:24:6c:a4:58:12:
03:c9:7d:82:36:3b:0f:18:7a:66:ca:89:02:88:0b:
7e:27:36:ab:c7:3d:88:64:ef:60:93:cc:e5:a0:a7:
3a:99:53:41:0b:b7:b2:8b:9a:9b:9a:b3:70:18:49:
c8:d7:57:28:e7:9a:7d:89:65:7b:e4:50:39:a3:1f:
f6:28:9d:cc:13:11:70:8a:d0:ab:eb:7b:d5:6f:2d:
25:8b:32:80:c1:1b:ea:98:44:66:ca:e5:9e:58:1f:
63:c4:7e:82:2c:54:9d:09:7b:ab:1d:02:40:d3:dc:
19:3f:3a:a1:e1:38:77:d1:46:d7:46:14:a5:7d:c4:
f0:c8:e1:f6:18:0a:43:3b:d0:62:65:fd:7c:e0:3f:
ca:ea:53:e0:ec:8c:30:16:a9:16:17:f1:5c:e7:bb:
3c:69:29:c6:34:dd:65:db:7c:0f:9b:d6:11:fd:f7:
43:46:02:5e:78:33:bd:04:2e:c1:8a:11:42:2a:62:
ed:b2:62:d9:95:a1:59:6b:fc:68:d6:17:e4:f4:86:
1a:f3:a6:a7:b8:78:55:df:8a:f2:85:47:12:6a:3e:
f7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:48:78:3F:0A:58:C1:14:B5:ED:9F:10:F2:4F:0A:88:96:4D:C4:F8
X509v3 Authority Key Identifier:
keyid:C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/H0h4PwpYwRS17Z8Q8k8KiJZNxPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/w6vcxJ99kDO1KQRnnzybeD2ME1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.96.0/24
Signature Algorithm: sha256WithRSAEncryption
23:25:d9:2c:f8:de:c9:ae:ec:f4:92:0a:d5:05:1e:39:85:45:
d9:82:e7:f7:88:7a:5e:44:6d:31:cc:5e:ae:b4:18:c8:06:f2:
3a:5f:92:8b:90:3d:e8:d9:4b:f2:ef:61:7d:15:32:1a:63:8e:
dd:90:32:18:69:d5:31:4c:6d:53:dd:49:e9:e6:15:1e:d3:c2:
61:14:c7:55:2e:1a:b0:e6:8e:15:b0:67:77:10:c6:c4:4e:cd:
16:4c:d9:02:ed:6d:af:ba:79:e1:09:6a:4e:76:66:c9:90:88:
1c:d5:ad:5a:6c:5a:4f:e3:47:73:5f:25:73:ee:0b:7a:88:eb:
88:af:8a:5b:8f:75:ac:18:06:99:77:b7:6a:65:8c:83:91:b4:
ee:8a:29:cb:e8:8d:4a:29:8c:c4:83:e7:04:cc:a2:60:ca:7b:
00:3f:7f:c8:5e:b6:78:1a:cc:78:3a:01:79:0b:20:12:1c:aa:
f8:9a:57:f4:18:ae:00:7d:7f:b7:ee:e4:d3:63:34:b1:39:39:
84:6f:f4:d7:93:d6:76:58:ec:01:90:b5:e1:c5:18:9d:a6:f6:
d8:50:d8:6d:a4:d8:21:30:f5:d3:b1:ed:82:7e:68:e7:4b:e1:
9d:25:7b:8d:a7:ce:7f:e2:84:dd:3b:cd:dc:53:98:5f:88:e7:
52:1f:a4:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4yQ8QIleayKopbyCxkDSArMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYWJkY2M0OWY3ZDkwMzNiNTI5MDQ2NzlmM2M5Yjc4M2Q4
YzEzNTgwHhcNMjQwMzEyMTA0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjQ4NzgzZjBhNThjMTE0YjVlZDlmMTBmMjRmMGE4ODk2NGRjNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvtkBbVIimxLQFTXg0KvchyyM1Ix
5g8JPHmdV3/FDYWScIio6auCJGykWBIDyX2CNjsPGHpmyokCiAt+Jzarxz2IZO9g
k8zloKc6mVNBC7eyi5qbmrNwGEnI11co55p9iWV75FA5ox/2KJ3MExFwitCr63vV
by0lizKAwRvqmERmyuWeWB9jxH6CLFSdCXurHQJA09wZPzqh4Th30UbXRhSlfcTw
yOH2GApDO9BiZf184D/K6lPg7IwwFqkWF/Fc57s8aSnGNN1l23wPm9YR/fdDRgJe
eDO9BC7BihFCKmLtsmLZlaFZa/xo1hfk9IYa86anuHhV34ryhUcSaj73FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB9IeD8KWMEUte2fEPJPCoiWTcT4MB8GA1UdIwQY
MBaAFMOr3MSffZAztSkEZ588m3g9jBNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAt
NGQ5MTI3ZmJhM2FkLzEvSDBoNFB3cFl3UlMxN1o4UThrOEtpSlpOeFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAtNGQ5MTI3ZmJhM2Fk
LzEvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsH5gMA0G
CSqGSIb3DQEBCwUAA4IBAQAjJdks+N7Jruz0kgrVBR45hUXZguf3iHpeRG0xzF6u
tBjIBvI6X5KLkD3o2Uvy72F9FTIaY47dkDIYadUxTG1T3Unp5hUe08JhFMdVLhqw
5o4VsGd3EMbETs0WTNkC7W2vunnhCWpOdmbJkIgc1a1abFpP40dzXyVz7gt6iOuI
r4pbj3WsGAaZd7dqZYyDkbTuiinL6I1KKYzEg+cEzKJgynsAP3/IXrZ4Gsx4OgF5
CyASHKr4mlf0GK4AfX+37uTTYzSxOTmEb/TXk9Z2WOwBkLXhxRidpvbYUNhtpNgh
MPXTse2CfmjnS+GdJXuNp85/4oTdO83cU5hfiOdSH6Sn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:27 2024 by rpki-client on console-fra.rpki-client.org