Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/XN9rOWYmW8zCPuG0QIcXHbuI9BM.roa
File: XN9rOWYmW8zCPuG0QIcXHbuI9BM.roa (raw, json)
Hash identifier: xbhDOLWQyQG74U2iCarUk5tWde7//3BjJ2dP44A9k60=
Subject key identifier: 5C:DF:6B:39:66:26:5B:CC:C2:3E:E1:B4:40:87:17:1D:BB:88:F4:13
Certificate issuer: /CN=c67e2a46e34f491433c8b62f319b902bddfde831
Certificate serial: 019179856AC6CFB48A8DFAB5EBDA277E4476
Authority key identifier: C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/XN9rOWYmW8zCPuG0QIcXHbuI9BM.roa
Signing time: Thu 22 Aug 2024 09:57:52 +0000
ROA not before: Thu 22 Aug 2024 09:57:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3920
IP address blocks: 185.209.15.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:79:85:6a:c6:cf:b4:8a:8d:fa:b5:eb:da:27:7e:44:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c67e2a46e34f491433c8b62f319b902bddfde831
Validity
Not Before: Aug 22 09:57:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cdf6b3966265bccc23ee1b44087171dbb88f413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:87:2e:7e:c8:15:50:37:24:c5:85:9a:e2:6b:
97:fc:d3:99:7f:6a:a8:3c:a1:75:9c:1e:f6:73:bb:
e6:7e:22:d9:16:ba:c4:70:da:79:c3:10:30:1a:ff:
49:3e:a1:dc:31:b6:48:61:35:10:2c:13:f0:19:4c:
2b:6b:89:11:dd:dd:a8:4c:d5:58:f7:f3:6d:87:3c:
14:c0:63:de:c9:42:26:d4:56:e5:c5:c4:19:39:4e:
2e:ec:a9:20:5f:95:80:f8:91:74:a5:7b:50:4a:5b:
df:06:c5:27:e6:d0:3e:e5:97:01:3c:45:92:38:b1:
0f:84:f6:ea:61:67:43:b8:da:54:24:62:f4:a5:21:
7b:1a:9c:1d:01:67:ae:a6:e2:bb:a8:80:4b:f9:60:
a4:63:b1:0f:9b:2d:51:5f:6c:1e:b6:79:ab:ed:6b:
a8:30:65:09:12:c9:d3:81:50:ca:3b:22:7e:ae:4e:
50:23:52:00:68:1a:b5:ef:c8:57:e6:82:04:dd:ad:
75:3d:69:1d:ab:01:48:07:89:3d:a7:0b:12:e8:2c:
0f:c0:c8:71:f4:d9:e1:da:a7:5a:8f:30:59:64:cb:
2c:9d:45:2e:73:97:19:3c:91:d8:62:b5:b6:1f:35:
f8:4d:5d:a3:5f:ba:e9:18:aa:cb:04:42:97:75:58:
45:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:DF:6B:39:66:26:5B:CC:C2:3E:E1:B4:40:87:17:1D:BB:88:F4:13
X509v3 Authority Key Identifier:
keyid:C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/XN9rOWYmW8zCPuG0QIcXHbuI9BM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/xn4qRuNPSRQzyLYvMZuQK9396DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.15.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:62:35:88:a6:5c:40:d7:d2:f7:ef:27:4f:98:10:97:c5:99:
5f:17:7b:1c:53:64:9e:91:e9:9c:fa:74:6a:42:02:a8:11:47:
7b:cc:05:26:55:0b:e0:48:c5:ae:0d:ab:1b:f7:8e:9b:f8:e5:
49:16:9f:32:fc:91:56:92:40:d9:bd:fc:22:16:b3:64:21:40:
6b:32:23:a1:72:39:f2:74:b0:50:53:f1:ce:d3:27:aa:5b:76:
11:2f:28:1b:d9:d1:5e:57:7d:e9:a2:18:9a:88:fe:2b:ce:b3:
82:6e:37:a9:24:ec:7b:80:66:c8:df:06:cf:a0:bd:4c:cf:90:
62:84:ce:3e:71:db:bc:ec:a9:eb:04:76:0f:27:2d:00:c7:95:
14:88:47:18:32:5f:f7:f6:ac:9d:c5:c8:d7:7a:31:b6:ce:b6:
a4:07:0f:c5:d9:c1:bb:9d:75:52:26:af:d2:41:f5:f2:ca:27:
07:8a:af:ac:cc:b7:a0:d8:f8:58:2a:c6:2e:9e:59:eb:5c:40:
5a:da:c1:a9:c1:ee:2c:c7:ae:1d:b2:fa:91:c0:b0:83:e4:f5:
27:ab:d8:16:4b:de:75:be:ee:3b:4c:db:20:77:54:45:e5:79:
bd:39:78:20:98:ad:d3:aa:25:7f:c6:7c:a3:bc:e8:61:91:91:
6b:50:56:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZF5hWrGz7SKjfq169onfkR2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2N2UyYTQ2ZTM0ZjQ5MTQzM2M4YjYyZjMxOWI5MDJiZGRm
ZGU4MzEwHhcNMjQwODIyMDk1NzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2RmNmIzOTY2MjY1YmNjYzIzZWUxYjQ0MDg3MTcxZGJiODhmNDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYcufsgVUDckxYWa4muX/NOZf2qo
PKF1nB72c7vmfiLZFrrEcNp5wxAwGv9JPqHcMbZIYTUQLBPwGUwra4kR3d2oTNVY
9/NthzwUwGPeyUIm1FblxcQZOU4u7KkgX5WA+JF0pXtQSlvfBsUn5tA+5ZcBPEWS
OLEPhPbqYWdDuNpUJGL0pSF7GpwdAWeupuK7qIBL+WCkY7EPmy1RX2wetnmr7Wuo
MGUJEsnTgVDKOyJ+rk5QI1IAaBq178hX5oIE3a11PWkdqwFIB4k9pwsS6CwPwMhx
9Nnh2qdajzBZZMssnUUuc5cZPJHYYrW2HzX4TV2jX7rpGKrLBEKXdVhFSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzfazlmJlvMwj7htECHFx27iPQTMB8GA1UdIwQY
MBaAFMZ+KkbjT0kUM8i2LzGbkCvd/egxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG40cVJ1TlBTUlF6eUxZdk1adVFLOTM5NkRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84MGM1NjgtYmQxNS00ZjMyLThkZDQt
MDY2ODY2ZjJkZWQwLzEvWE45ck9XWW1XOHpDUHVHMFFJY1hIYnVJOUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84MGM1NjgtYmQxNS00ZjMyLThkZDQtMDY2ODY2ZjJkZWQw
LzEveG40cVJ1TlBTUlF6eUxZdk1adVFLOTM5NkRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudEPMA0G
CSqGSIb3DQEBCwUAA4IBAQBPYjWIplxA19L37ydPmBCXxZlfF3scU2Sekemc+nRq
QgKoEUd7zAUmVQvgSMWuDasb946b+OVJFp8y/JFWkkDZvfwiFrNkIUBrMiOhcjny
dLBQU/HO0yeqW3YRLygb2dFeV33pohiaiP4rzrOCbjepJOx7gGbI3wbPoL1Mz5Bi
hM4+cdu87KnrBHYPJy0Ax5UUiEcYMl/39qydxcjXejG2zrakBw/F2cG7nXVSJq/S
QfXyyicHiq+szLeg2PhYKsYunlnrXEBa2sGpwe4sx64dsvqRwLCD5PUnq9gWS951
vu47TNsgd1RF5Xm9OXggmK3TqiV/xnyjvOhhkZFrUFb2
-----END CERTIFICATE-----
Generated at Fri Aug 23 12:55:04 2024 by rpki-client on console-ams.rpki-client.org