Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/kM_Wpi5hxgimipH_I__Ys2c5Ef0.roa
File: kM_Wpi5hxgimipH_I__Ys2c5Ef0.roa (raw, json)
Hash identifier: zsm8ojBbaJQ0TW+ZuKbGcOIiFIabpkqiuTLhIqhr0+I=
Subject key identifier: 90:CF:D6:A6:2E:61:C6:08:A6:8A:91:FF:23:FF:D8:B3:67:39:11:FD
Certificate issuer: /CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Certificate serial: 018D13D7EEAAC1E2A2FEABDA36E4C0FEAD66
Authority key identifier: C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/kM_Wpi5hxgimipH_I__Ys2c5Ef0.roa
Signing time: Tue 16 Jan 2024 19:55:34 +0000
ROA not before: Tue 16 Jan 2024 19:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 188.64.140.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:ee:aa:c1:e2:a2:fe:ab:da:36:e4:c0:fe:ad:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Validity
Not Before: Jan 16 19:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90cfd6a62e61c608a68a91ff23ffd8b3673911fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2d:a1:d7:b4:8a:36:24:3d:f9:4b:fc:44:69:
04:ca:f1:52:f7:2c:eb:29:5f:53:85:1b:e3:50:59:
91:e9:33:b9:5a:1f:c8:d5:9e:c8:31:1f:a6:e5:cf:
7a:d1:42:40:2a:fe:d4:5e:73:cb:d9:5b:37:1f:af:
b9:84:84:60:32:30:15:d3:a5:2e:32:e4:cf:89:b9:
60:b8:05:0d:d8:5e:69:a7:12:77:94:23:59:78:05:
61:13:18:a4:2b:de:87:19:45:91:33:aa:89:2b:c2:
fd:c3:ed:74:c4:b9:a7:32:7e:fb:59:36:89:da:a2:
b5:f1:17:72:55:2b:a5:30:9b:58:2d:66:36:e5:83:
de:4c:bb:ca:e4:12:0a:80:85:6a:7d:42:b1:2c:ef:
42:10:3e:22:94:5e:1d:c7:4d:8d:ce:1f:4b:c1:41:
14:18:2e:c3:29:fd:bc:45:f8:22:5c:83:71:34:31:
a7:27:74:dd:64:d3:dd:6b:12:14:e2:93:91:11:d3:
a5:5c:eb:85:45:0e:eb:52:b1:5e:36:8d:bf:6c:ed:
60:68:23:e5:de:f7:a3:de:6f:45:fc:8b:a9:cc:da:
7e:a6:30:dc:1f:58:df:b1:c1:55:91:c1:2a:a9:88:
f7:03:92:2b:b3:d2:64:d5:e6:5e:8f:51:c0:a9:2d:
c5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CF:D6:A6:2E:61:C6:08:A6:8A:91:FF:23:FF:D8:B3:67:39:11:FD
X509v3 Authority Key Identifier:
keyid:C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/kM_Wpi5hxgimipH_I__Ys2c5Ef0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/w6vcxJ99kDO1KQRnnzybeD2ME1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.140.0/24
Signature Algorithm: sha256WithRSAEncryption
18:2f:aa:46:f8:70:08:fa:e8:dc:0b:aa:57:62:7a:17:3c:38:
9e:4e:b0:c1:85:67:7b:4b:f4:19:4b:61:86:60:ab:07:f8:24:
17:51:a1:de:67:f8:63:a3:06:34:e4:1e:f1:0c:12:f5:90:64:
aa:1b:e4:39:3a:bd:3a:7f:a9:6b:60:2e:16:1a:ca:67:bc:73:
06:61:d4:12:d2:af:74:36:4f:16:8e:ae:cd:c3:7c:71:84:32:
31:dd:bf:68:11:4c:b5:e1:27:b0:53:e2:29:a1:60:4a:f0:56:
d7:5a:ec:ad:f5:ef:24:b0:75:10:6e:5a:65:87:ea:c3:42:fc:
8e:4d:e5:52:c4:60:b6:27:f4:d6:3e:58:f4:0e:4d:d6:12:4b:
71:af:56:5f:8b:12:c0:ea:f4:8f:c0:f1:27:4f:fc:67:ee:47:
c6:51:b7:96:7a:cc:b2:d7:58:9d:dd:3d:66:31:03:53:d3:6a:
e6:a0:d0:7b:67:1e:46:38:02:f1:f0:d3:e9:0f:27:69:f8:da:
a1:fe:c6:89:ee:36:a6:e4:cf:18:08:18:df:02:3a:47:13:35:
a2:50:64:80:c2:ae:56:9e:4b:d9:4b:34:f7:0f:7f:ff:76:24:
d5:48:0f:f3:2d:80:5b:a9:27:a7:4f:f1:69:01:cf:a3:9b:66:
39:c3:3f:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0T1+6qweKi/qvaNuTA/q1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYWJkY2M0OWY3ZDkwMzNiNTI5MDQ2NzlmM2M5Yjc4M2Q4
YzEzNTgwHhcNMjQwMTE2MTk1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGNmZDZhNjJlNjFjNjA4YTY4YTkxZmYyM2ZmZDhiMzY3MzkxMWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxi2h17SKNiQ9+Uv8RGkEyvFS9yzr
KV9ThRvjUFmR6TO5Wh/I1Z7IMR+m5c960UJAKv7UXnPL2Vs3H6+5hIRgMjAV06Uu
MuTPiblguAUN2F5ppxJ3lCNZeAVhExikK96HGUWRM6qJK8L9w+10xLmnMn77WTaJ
2qK18RdyVSulMJtYLWY25YPeTLvK5BIKgIVqfUKxLO9CED4ilF4dx02Nzh9LwUEU
GC7DKf28RfgiXINxNDGnJ3TdZNPdaxIU4pOREdOlXOuFRQ7rUrFeNo2/bO1gaCPl
3vej3m9F/IupzNp+pjDcH1jfscFVkcEqqYj3A5Irs9Jk1eZej1HAqS3FiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJDP1qYuYcYIpoqR/yP/2LNnORH9MB8GA1UdIwQY
MBaAFMOr3MSffZAztSkEZ588m3g9jBNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAt
NGQ5MTI3ZmJhM2FkLzEva01fV3BpNWh4Z2ltaXBIX0lfX1lzMmM1RWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAtNGQ5MTI3ZmJhM2Fk
LzEvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvECMMA0G
CSqGSIb3DQEBCwUAA4IBAQAYL6pG+HAI+ujcC6pXYnoXPDieTrDBhWd7S/QZS2GG
YKsH+CQXUaHeZ/hjowY05B7xDBL1kGSqG+Q5Or06f6lrYC4WGspnvHMGYdQS0q90
Nk8Wjq7Nw3xxhDIx3b9oEUy14SewU+IpoWBK8FbXWuyt9e8ksHUQblplh+rDQvyO
TeVSxGC2J/TWPlj0Dk3WEktxr1ZfixLA6vSPwPEnT/xn7kfGUbeWesyy11id3T1m
MQNT02rmoNB7Zx5GOALx8NPpDydp+Nqh/saJ7jam5M8YCBjfAjpHEzWiUGSAwq5W
nkvZSzT3D3//diTVSA/zLYBbqSenT/FpAc+jm2Y5wz9m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:27 2024 by rpki-client on console-fra.rpki-client.org