Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/lV5fraTY2WgQ2c4T3vIYNyGYF3Y.roa
File: lV5fraTY2WgQ2c4T3vIYNyGYF3Y.roa (raw, json)
Hash identifier: QmhWmS7r3bE+Eda4yjpDi8pqDul2pTFFR8B/ST512HY=
Subject key identifier: 95:5E:5F:AD:A4:D8:D9:68:10:D9:CE:13:DE:F2:18:37:21:98:17:76
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 418D3A1E
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/lV5fraTY2WgQ2c4T3vIYNyGYF3Y.roa
Signing time: Sat 01 Jan 2022 10:06:01 +0000
ROA not before: Sat 01 Jan 2022 10:06:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48456
IP address blocks: 188.208.197.0/24 maxlen: 24
188.208.196.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1099774494 (0x418d3a1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 10:06:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=955e5fada4d8d96810d9ce13def2183721981776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:14:c8:f3:c9:d0:21:83:03:76:02:ae:4c:2a:
0f:d9:02:69:79:e5:de:2c:b0:90:18:a7:cb:76:cf:
d2:e6:8f:47:de:85:9c:b6:cc:69:a7:60:a3:98:17:
18:bb:c5:61:1a:16:5d:81:1e:36:f2:3c:d7:38:f6:
53:54:3f:2c:87:fd:c9:67:69:6e:f9:d4:ed:3f:30:
4f:14:f3:39:ca:11:be:b1:ab:32:cf:54:7f:44:f4:
4c:6c:69:36:6a:c4:d1:15:58:6d:d0:e5:06:03:b3:
cb:5d:02:a3:ee:79:e2:18:0f:a2:47:71:cf:56:a0:
0c:c0:d3:87:e5:2b:42:c8:ec:88:0d:69:7b:d9:9d:
99:c0:fc:a8:81:10:93:91:58:8d:72:93:75:bc:ff:
b8:79:a2:3e:fa:5e:0a:d0:c7:df:b7:68:ea:50:91:
1d:ea:a5:1e:d2:a3:2b:8b:40:3f:5f:74:cf:be:ad:
98:62:e8:5f:c1:01:d1:4f:b4:a3:e1:e8:5d:9a:ef:
a9:09:10:e9:2a:6c:ad:8c:68:6f:c0:04:4d:16:25:
85:e4:62:46:01:e3:26:3e:06:ba:e5:45:08:d3:5f:
73:8b:59:39:43:3c:4b:dc:d4:7c:31:2d:2d:86:73:
75:5f:20:c3:b7:ef:29:11:b9:e0:19:32:13:ac:9b:
08:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:5E:5F:AD:A4:D8:D9:68:10:D9:CE:13:DE:F2:18:37:21:98:17:76
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/lV5fraTY2WgQ2c4T3vIYNyGYF3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.196.0/23
Signature Algorithm: sha256WithRSAEncryption
22:28:7b:d8:22:3f:31:e0:fa:d2:ce:c5:aa:19:fd:bd:2a:9f:
b7:31:69:57:b8:9e:cb:8b:f8:49:0d:34:50:09:4c:a5:c1:b5:
9c:8d:ac:c4:ec:3d:f9:6f:f3:46:38:b4:43:ca:e5:eb:04:88:
40:02:a1:92:8f:d1:9e:f7:44:25:58:d0:b5:90:63:9b:39:88:
4e:6e:70:98:ef:2e:08:34:ee:b4:29:47:79:04:18:68:20:6f:
e9:56:bc:42:91:2b:d5:d1:9f:d7:3c:f7:f1:9f:d6:9a:e9:0e:
01:9c:88:ce:82:bf:61:30:7b:0e:ae:b8:20:da:d6:db:f9:36:
dc:72:1a:74:1d:ae:d8:4e:07:7d:15:21:85:2b:7e:8c:96:d9:
19:5a:bd:5a:f6:cd:82:3f:a9:07:5c:35:11:87:c9:20:58:4f:
46:de:a7:c6:76:c3:f1:d0:83:97:80:95:ff:53:b4:9a:62:29:
49:e1:d4:65:f5:ef:38:35:1f:34:08:e1:36:27:57:73:3e:9a:
3a:71:6f:de:82:f1:e9:f0:8a:8b:2f:ba:d3:2d:59:96:74:33:
ba:b6:6d:8b:02:4c:0c:a8:0d:5a:f6:b1:54:35:8d:7d:7e:05:
bd:7b:d3:68:f0:6c:89:cc:72:93:4e:e3:4f:f2:da:0b:0b:92:
45:d6:49:f8
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEQY06HjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDEw
MTEwMDYwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTU1ZTVmYWRhNGQ4
ZDk2ODEwZDljZTEzZGVmMjE4MzcyMTk4MTc3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUUyPPJ0CGDA3YCrkwqD9kCaXnl3iywkBiny3bP0uaPR96F
nLbMaadgo5gXGLvFYRoWXYEeNvI81zj2U1Q/LIf9yWdpbvnU7T8wTxTzOcoRvrGr
Ms9Uf0T0TGxpNmrE0RVYbdDlBgOzy10Co+554hgPokdxz1agDMDTh+UrQsjsiA1p
e9mdmcD8qIEQk5FYjXKTdbz/uHmiPvpeCtDH37do6lCRHeqlHtKjK4tAP190z76t
mGLoX8EB0U+0o+HoXZrvqQkQ6SpsrYxob8AETRYlheRiRgHjJj4GuuVFCNNfc4tZ
OUM8S9zUfDEtLYZzdV8gw7fvKRG54BkyE6ybCAUCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSVXl+tpNjZaBDZzhPe8hg3IZgXdjAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9sVjVmcmFUWTJXZ1EyYzRUM3ZJWU55R1lGM1kucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvNDEMA0GCSqGSIb3DQEBCwUA
A4IBAQAiKHvYIj8x4PrSzsWqGf29Kp+3MWlXuJ7Li/hJDTRQCUylwbWcjazE7D35
b/NGOLRDyuXrBIhAAqGSj9Ge90QlWNC1kGObOYhObnCY7y4INO60KUd5BBhoIG/p
VrxCkSvV0Z/XPPfxn9aa6Q4BnIjOgr9hMHsOrrgg2tbb+Tbcchp0Ha7YTgd9FSGF
K36MltkZWr1a9s2CP6kHXDURh8kgWE9G3qfGdsPx0IOXgJX/U7SaYilJ4dRl9e84
NR80COE2J1dzPpo6cW/egvHp8IqLL7rTLVmWdDO6tm2LAkwMqA1a9rFUNY19fgW9
e9No8GyJzHKTTuNP8toLC5JF1kn4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org