Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/ed3054-0a97-497c-9703-bc91c0670d03/1/HMLIP0nGCRWnX9W7xR5V8-rboHg.roa
File: HMLIP0nGCRWnX9W7xR5V8-rboHg.roa (raw, json)
Hash identifier: HP3Vml8MmR8LffjqH0TpdeHuW0Af5XvY/Bp4lrQGlD8=
Subject key identifier: 1C:C2:C8:3F:49:C6:09:15:A7:5F:D5:BB:C5:1E:55:F3:EA:DB:A0:78
Certificate issuer: /CN=8387c219c9841ebafaa3d40806c984f9f3e4e461
Certificate serial: 018CC726CB3E168297E92ED17A187AC29E95
Authority key identifier: 83:87:C2:19:C9:84:1E:BA:FA:A3:D4:08:06:C9:84:F9:F3:E4:E4:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g4fCGcmEHrr6o9QIBsmE-fPk5GE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/ed3054-0a97-497c-9703-bc91c0670d03/1/HMLIP0nGCRWnX9W7xR5V8-rboHg.roa
Signing time: Mon 01 Jan 2024 22:30:57 +0000
ROA not before: Mon 01 Jan 2024 22:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196944
IP address blocks: 193.105.142.0/24 maxlen: 24
2001:678:fc0::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:cb:3e:16:82:97:e9:2e:d1:7a:18:7a:c2:9e:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8387c219c9841ebafaa3d40806c984f9f3e4e461
Validity
Not Before: Jan 1 22:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cc2c83f49c60915a75fd5bbc51e55f3eadba078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3d:8d:d0:63:48:76:65:02:4d:34:57:14:35:
da:7d:25:97:88:91:a2:f6:ee:b1:da:1f:79:9a:3f:
51:a9:61:5c:fa:19:f6:c3:87:22:63:89:fd:dc:a4:
2a:b0:89:31:99:d3:d1:76:0d:f6:db:d6:3a:2c:8e:
b4:61:3e:53:f3:25:62:a8:a0:b2:ab:d9:2b:f9:07:
d9:2d:bb:8f:2a:78:1c:d0:f8:22:d5:1d:71:9a:72:
d7:a5:36:94:b0:65:ff:0a:9d:9e:e0:bd:10:23:1c:
ad:ab:43:84:47:bc:31:61:6b:db:e1:1d:71:d7:c8:
e6:40:3c:44:9f:5f:65:9e:e9:bb:f7:e2:78:d1:b3:
c1:9a:f9:ae:b8:ac:9e:c4:e0:5e:47:bf:21:6d:8f:
bb:11:4b:05:a3:82:9e:e7:ae:9c:5e:e6:af:50:56:
60:46:0e:97:3d:6e:c3:64:6c:f7:87:b6:52:b8:cb:
40:72:a2:4c:45:73:78:d3:4c:64:05:e2:a5:e6:bf:
78:2c:de:4a:ec:af:e7:48:0a:20:b8:e9:f6:6c:dc:
de:68:72:81:02:47:ca:b4:7e:3c:33:ca:f4:b4:90:
71:74:94:36:08:e2:10:b4:bb:d4:81:fa:a7:c3:f8:
b1:37:7f:35:0e:73:91:b9:4a:b8:59:ad:a8:cc:7c:
4d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C2:C8:3F:49:C6:09:15:A7:5F:D5:BB:C5:1E:55:F3:EA:DB:A0:78
X509v3 Authority Key Identifier:
keyid:83:87:C2:19:C9:84:1E:BA:FA:A3:D4:08:06:C9:84:F9:F3:E4:E4:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g4fCGcmEHrr6o9QIBsmE-fPk5GE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/ed3054-0a97-497c-9703-bc91c0670d03/1/HMLIP0nGCRWnX9W7xR5V8-rboHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/ed3054-0a97-497c-9703-bc91c0670d03/1/g4fCGcmEHrr6o9QIBsmE-fPk5GE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.142.0/24
IPv6:
2001:678:fc0::/48
Signature Algorithm: sha256WithRSAEncryption
10:c0:35:67:c4:f4:13:9d:46:60:e1:86:29:98:fe:15:9c:53:
36:ca:09:f4:90:4c:d8:b6:bc:2f:33:20:4e:b9:6e:cb:dc:b1:
a8:70:39:c5:27:be:d1:3a:e9:4c:78:c0:9d:0f:0f:7e:98:20:
43:c1:d7:76:00:9f:34:57:92:cd:d4:1c:41:1e:51:8a:ab:03:
23:11:99:73:b9:13:51:dd:0f:13:bd:08:60:47:30:94:06:c6:
63:8e:2e:35:af:46:ac:61:40:2b:bc:0b:26:d0:87:56:b1:fe:
cc:e1:f7:f2:87:9b:f4:83:cb:39:c8:02:80:11:2d:e1:05:b5:
e1:f7:95:f1:db:76:2b:cf:55:e8:d5:0d:79:9d:0e:59:c7:a5:
32:5d:ef:20:b6:df:b3:cf:e4:e6:33:06:12:22:f8:4e:ab:12:
e5:c1:ea:78:f8:1f:cb:ce:02:c6:7e:9d:ff:93:b4:a4:5b:43:
7a:67:fc:27:76:27:fe:90:e2:87:5a:73:98:5a:53:5e:a0:4e:
58:24:d0:d1:5f:95:5a:b4:3f:52:98:79:35:14:ef:c8:71:38:
9d:bb:4d:ff:4f:58:2d:9c:72:de:f9:17:90:71:b4:b4:56:dc:
9a:da:5b:48:e8:c6:77:54:5e:f7:3c:f4:bb:4c:08:d9:d0:20:
55:47:35:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHJss+FoKX6S7Rehh6wp6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzODdjMjE5Yzk4NDFlYmFmYWEzZDQwODA2Yzk4NGY5ZjNl
NGU0NjEwHhcNMjQwMTAxMjIzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2MyYzgzZjQ5YzYwOTE1YTc1ZmQ1YmJjNTFlNTVmM2VhZGJhMDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgT2N0GNIdmUCTTRXFDXafSWXiJGi
9u6x2h95mj9RqWFc+hn2w4ciY4n93KQqsIkxmdPRdg3229Y6LI60YT5T8yViqKCy
q9kr+QfZLbuPKngc0Pgi1R1xmnLXpTaUsGX/Cp2e4L0QIxytq0OER7wxYWvb4R1x
18jmQDxEn19lnum79+J40bPBmvmuuKyexOBeR78hbY+7EUsFo4Ke566cXuavUFZg
Rg6XPW7DZGz3h7ZSuMtAcqJMRXN400xkBeKl5r94LN5K7K/nSAoguOn2bNzeaHKB
AkfKtH48M8r0tJBxdJQ2COIQtLvUgfqnw/ixN381DnORuUq4Wa2ozHxNZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBzCyD9JxgkVp1/Vu8UeVfPq26B4MB8GA1UdIwQY
MBaAFIOHwhnJhB66+qPUCAbJhPnz5ORhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzRmQ0djbUVIcnI2bzlRSUJzbUUtZlBrNUdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9lZDMwNTQtMGE5Ny00OTdjLTk3MDMt
YmM5MWMwNjcwZDAzLzEvSE1MSVAwbkdDUlduWDlXN3hSNVY4LXJib0hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9lZDMwNTQtMGE5Ny00OTdjLTk3MDMtYmM5MWMwNjcwZDAz
LzEvZzRmQ0djbUVIcnI2bzlRSUJzbUUtZlBrNUdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwWmOMA8E
AgACMAkDBwAgAQZ4D8AwDQYJKoZIhvcNAQELBQADggEBABDANWfE9BOdRmDhhimY
/hWcUzbKCfSQTNi2vC8zIE65bsvcsahwOcUnvtE66Ux4wJ0PD36YIEPB13YAnzRX
ks3UHEEeUYqrAyMRmXO5E1HdDxO9CGBHMJQGxmOOLjWvRqxhQCu8CybQh1ax/szh
9/KHm/SDyznIAoARLeEFteH3lfHbdivPVejVDXmdDlnHpTJd7yC237PP5OYzBhIi
+E6rEuXB6nj4H8vOAsZ+nf+TtKRbQ3pn/Cd2J/6Q4odac5haU16gTlgk0NFflVq0
P1KYeTUU78hxOJ27Tf9PWC2cct75F5BxtLRW3JraW0joxndUXvc89LtMCNnQIFVH
Na4=
-----END CERTIFICATE-----
Generated at Thu Jun 20 12:17:53 2024 by rpki-client on console-ams.rpki-client.org