Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/gXNc_DDPBtrsJBO2EsWoLcodJZg.roa
File: gXNc_DDPBtrsJBO2EsWoLcodJZg.roa (raw, json)
Hash identifier: AdNIZ9tC/ZkFmsHqpjXPMfF2h4ECtE4W1Yn8NE4VvjI=
Subject key identifier: 81:73:5C:FC:30:CF:06:DA:EC:24:13:B6:12:C5:A8:2D:CA:1D:25:98
Certificate issuer: /CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Certificate serial: 018D2D73AE8736CB679FC9285F8E08DA5C5D
Authority key identifier: C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/gXNc_DDPBtrsJBO2EsWoLcodJZg.roa
Signing time: Sun 21 Jan 2024 19:16:12 +0000
ROA not before: Sun 21 Jan 2024 19:16:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 188.64.140.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:73:ae:87:36:cb:67:9f:c9:28:5f:8e:08:da:5c:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Validity
Not Before: Jan 21 19:16:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81735cfc30cf06daec2413b612c5a82dca1d2598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:88:f7:6e:e5:98:ab:11:70:ac:8b:0b:70:cd:
1e:41:f6:8d:41:dd:ac:53:6c:08:04:d3:9a:99:f9:
38:be:b4:61:cb:4c:e6:bd:69:4e:55:70:17:50:02:
61:28:66:9d:d4:c3:8f:ff:81:a9:8c:e2:fd:ce:4c:
79:40:44:f3:c6:6a:40:a4:a4:7f:50:a4:2c:e8:de:
2d:af:28:9f:6c:fa:fd:b4:e7:e6:36:ef:38:25:24:
87:e4:82:77:13:40:6d:8e:6b:9a:1b:ec:11:2c:1d:
d6:9a:53:78:98:ec:ef:9e:19:c4:63:0b:18:f8:09:
00:fe:82:f8:2c:66:dc:48:74:40:28:1c:69:d2:2d:
4b:88:08:88:e8:7f:7d:37:47:c8:11:6f:b9:af:cf:
9b:bd:00:8f:06:14:67:93:c2:70:0e:18:ea:7e:be:
35:fc:e2:1c:d8:a1:5c:b3:ce:14:21:27:6a:7d:af:
7d:f6:bf:f1:e0:72:5d:6f:19:a9:4c:33:56:2b:4d:
58:d6:7d:44:ba:bb:82:fc:e7:c8:b2:e3:18:93:f9:
08:e7:2a:cc:48:aa:f2:a8:b5:8c:a5:b5:d5:7a:a8:
29:b9:93:7c:dd:b9:78:29:67:a0:81:60:b7:76:7b:
28:d5:da:43:db:32:e8:49:33:ca:ad:8f:0e:ca:c3:
95:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:73:5C:FC:30:CF:06:DA:EC:24:13:B6:12:C5:A8:2D:CA:1D:25:98
X509v3 Authority Key Identifier:
keyid:C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/gXNc_DDPBtrsJBO2EsWoLcodJZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/w6vcxJ99kDO1KQRnnzybeD2ME1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.140.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:6d:ca:e9:29:0f:68:82:9a:30:c8:74:96:bd:16:d5:ee:fb:
b9:24:19:77:15:22:9f:f0:9c:d2:3f:6d:9b:eb:b8:e4:60:25:
56:79:5d:2e:a9:e1:3d:8f:64:34:d5:82:06:5e:9c:36:13:ca:
c8:69:07:65:3b:8d:5d:e0:d9:c7:c9:21:d2:b2:ee:5a:49:5e:
1f:f2:1d:30:13:1f:3a:93:03:44:41:bd:b2:1a:34:c2:f8:2c:
11:7f:d3:10:0b:a3:28:d3:ed:d5:0c:73:ad:cd:21:9b:a0:3f:
f4:03:9e:d7:a6:6d:d9:86:7c:63:a3:a3:5c:fb:dc:f0:ea:3c:
6e:9a:3e:ff:0e:31:17:e2:70:3e:ee:1b:16:42:b8:b8:f0:cf:
2e:04:7f:fd:ac:2b:6e:59:b3:cf:76:09:b0:69:fe:fe:f1:d0:
71:73:f1:c3:d5:1c:a5:c8:da:31:4f:ae:b5:6f:2f:43:cb:58:
ad:8c:29:c4:97:ca:70:3c:2d:61:77:64:25:43:f2:e2:b7:5d:
f3:d5:78:6a:15:fc:78:23:9f:09:14:28:57:d1:00:11:19:7b:
97:5c:3a:cf:db:2a:0e:4a:49:7c:51:d3:ff:3b:e7:c8:ae:f1:
be:4f:4c:9c:c2:c0:5f:e4:87:a3:f8:8c:57:a1:73:37:77:e7:
52:fb:65:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0tc66HNstnn8koX44I2lxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYWJkY2M0OWY3ZDkwMzNiNTI5MDQ2NzlmM2M5Yjc4M2Q4
YzEzNTgwHhcNMjQwMTIxMTkxNjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTczNWNmYzMwY2YwNmRhZWMyNDEzYjYxMmM1YTgyZGNhMWQyNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIj3buWYqxFwrIsLcM0eQfaNQd2s
U2wIBNOamfk4vrRhy0zmvWlOVXAXUAJhKGad1MOP/4GpjOL9zkx5QETzxmpApKR/
UKQs6N4tryifbPr9tOfmNu84JSSH5IJ3E0BtjmuaG+wRLB3WmlN4mOzvnhnEYwsY
+AkA/oL4LGbcSHRAKBxp0i1LiAiI6H99N0fIEW+5r8+bvQCPBhRnk8JwDhjqfr41
/OIc2KFcs84UISdqfa999r/x4HJdbxmpTDNWK01Y1n1EuruC/OfIsuMYk/kI5yrM
SKryqLWMpbXVeqgpuZN83bl4KWeggWC3dnso1dpD2zLoSTPKrY8OysOVTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIFzXPwwzwba7CQTthLFqC3KHSWYMB8GA1UdIwQY
MBaAFMOr3MSffZAztSkEZ588m3g9jBNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAt
NGQ5MTI3ZmJhM2FkLzEvZ1hOY19ERFBCdHJzSkJPMkVzV29MY29kSlpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAtNGQ5MTI3ZmJhM2Fk
LzEvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvECMMA0G
CSqGSIb3DQEBCwUAA4IBAQBvbcrpKQ9ogpowyHSWvRbV7vu5JBl3FSKf8JzSP22b
67jkYCVWeV0uqeE9j2Q01YIGXpw2E8rIaQdlO41d4NnHySHSsu5aSV4f8h0wEx86
kwNEQb2yGjTC+CwRf9MQC6Mo0+3VDHOtzSGboD/0A57Xpm3Zhnxjo6Nc+9zw6jxu
mj7/DjEX4nA+7hsWQri48M8uBH/9rCtuWbPPdgmwaf7+8dBxc/HD1RylyNoxT661
by9Dy1itjCnEl8pwPC1hd2QlQ/Lit13z1XhqFfx4I58JFChX0QARGXuXXDrP2yoO
Skl8UdP/O+fIrvG+T0ycwsBf5Iej+IxXoXM3d+dS+2Uo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:27 2024 by rpki-client on console-fra.rpki-client.org