Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ad6f5f-53b5-4e07-94b4-70f94d5ee5fc/1/T_t661bCYLw7fv-NWHBYahq_jF4.roa
File: T_t661bCYLw7fv-NWHBYahq_jF4.roa (raw, json)
Hash identifier: oLn4cLLJQ8m+MlOl5L0VA1MdOv7PHg3oBhT32EhkcGI=
Subject key identifier: 4F:FB:7A:EB:56:C2:60:BC:3B:7E:FF:8D:58:70:58:6A:1A:BF:8C:5E
Certificate issuer: /CN=f4e018fddfd422517c3069e75658657b40e73601
Certificate serial: 018E669A06D695DC6768630CE190D9D29936
Authority key identifier: F4:E0:18:FD:DF:D4:22:51:7C:30:69:E7:56:58:65:7B:40:E7:36:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9OAY_d_UIlF8MGnnVlhle0DnNgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ad6f5f-53b5-4e07-94b4-70f94d5ee5fc/1/T_t661bCYLw7fv-NWHBYahq_jF4.roa
Signing time: Fri 22 Mar 2024 14:39:14 +0000
ROA not before: Fri 22 Mar 2024 14:39:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207291
IP address blocks: 141.136.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:9a:06:d6:95:dc:67:68:63:0c:e1:90:d9:d2:99:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4e018fddfd422517c3069e75658657b40e73601
Validity
Not Before: Mar 22 14:39:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ffb7aeb56c260bc3b7eff8d5870586a1abf8c5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fe:72:d1:a8:d6:97:c2:40:0d:5c:6f:05:92:
44:74:fe:46:5c:dc:a3:99:d4:4a:99:52:da:a5:a4:
9c:7b:16:06:d4:73:b4:ed:72:62:d6:95:59:3d:2e:
51:de:71:97:70:79:79:36:28:18:94:d2:17:66:ea:
f9:52:a6:2e:3e:c7:c8:d4:8c:06:6c:bd:49:f6:80:
b9:47:5b:4b:0b:a2:bf:d5:6c:a1:95:6c:c2:aa:e4:
ff:47:20:c3:24:bb:cd:dd:6d:7c:1f:22:ff:38:de:
1e:65:b9:da:44:03:34:e9:16:0a:e9:1e:5f:a9:93:
2b:d9:2f:bd:af:12:16:17:e8:dc:9e:32:7d:bd:9b:
5f:56:4d:cb:2a:82:77:63:64:93:d9:47:7b:31:70:
2b:69:1c:41:e3:e5:6f:11:5c:68:e1:6a:a1:b9:f6:
86:c4:0d:de:46:7d:5a:7e:0e:72:e1:a2:73:0d:86:
5a:69:5f:64:cc:41:24:b9:df:96:15:eb:56:5d:1a:
65:07:0e:39:ef:56:95:08:75:b0:50:bf:92:4d:b6:
6b:06:3b:1e:2d:f9:6b:43:19:13:0a:83:84:9c:bc:
48:ca:c7:ac:b1:86:76:b4:a3:96:1c:41:29:ea:fd:
b8:7e:fb:85:cd:e7:73:7c:97:90:79:92:7f:fd:2c:
60:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:FB:7A:EB:56:C2:60:BC:3B:7E:FF:8D:58:70:58:6A:1A:BF:8C:5E
X509v3 Authority Key Identifier:
keyid:F4:E0:18:FD:DF:D4:22:51:7C:30:69:E7:56:58:65:7B:40:E7:36:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9OAY_d_UIlF8MGnnVlhle0DnNgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ad6f5f-53b5-4e07-94b4-70f94d5ee5fc/1/T_t661bCYLw7fv-NWHBYahq_jF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ad6f5f-53b5-4e07-94b4-70f94d5ee5fc/1/9OAY_d_UIlF8MGnnVlhle0DnNgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.136.38.0/24
Signature Algorithm: sha256WithRSAEncryption
24:fe:a1:65:69:7f:4c:3e:99:35:b1:1e:74:fa:89:17:36:49:
5a:ea:fe:64:ba:83:d6:cf:c0:f8:f1:16:d0:3e:31:e2:4d:d8:
26:53:1d:9c:c2:5d:d1:18:b9:86:0b:58:69:b1:89:6a:28:1d:
8e:48:bd:d9:66:bb:38:96:c3:28:0a:57:b0:63:5f:52:f0:5d:
2d:f6:15:3d:7f:3c:02:38:18:b4:69:c8:74:41:82:87:e4:ba:
f4:06:0c:cc:b8:65:db:76:61:82:b4:61:2d:57:a5:36:65:d2:
97:9f:66:6a:78:0a:2d:30:3a:88:72:9f:9f:1e:3e:d5:27:a5:
69:3c:d4:b2:5b:12:93:a4:37:be:08:87:9c:b6:ba:10:03:d3:
8f:ed:65:83:39:23:45:31:81:68:2c:d9:82:fa:61:05:95:66:
56:37:a9:28:34:15:b4:78:16:3d:aa:c0:e2:c0:1e:20:32:3a:
80:bf:51:3f:05:b5:a5:aa:d5:ed:cc:7a:31:d3:8c:79:be:43:
a5:18:5d:62:b7:4d:f4:fd:58:d0:93:b8:64:ac:5c:e1:aa:fb:
31:d8:b3:dd:23:eb:26:45:64:4c:b6:59:0f:77:b9:ae:0d:56:
47:a2:a3:eb:bc:3a:35:3d:01:aa:45:02:81:4b:11:3a:2d:90:
13:31:f9:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5mmgbWldxnaGMM4ZDZ0pk2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZTAxOGZkZGZkNDIyNTE3YzMwNjllNzU2NTg2NTdiNDBl
NzM2MDEwHhcNMjQwMzIyMTQzOTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmZiN2FlYjU2YzI2MGJjM2I3ZWZmOGQ1ODcwNTg2YTFhYmY4YzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/5y0ajWl8JADVxvBZJEdP5GXNyj
mdRKmVLapaScexYG1HO07XJi1pVZPS5R3nGXcHl5NigYlNIXZur5UqYuPsfI1IwG
bL1J9oC5R1tLC6K/1WyhlWzCquT/RyDDJLvN3W18HyL/ON4eZbnaRAM06RYK6R5f
qZMr2S+9rxIWF+jcnjJ9vZtfVk3LKoJ3Y2ST2Ud7MXAraRxB4+VvEVxo4WqhufaG
xA3eRn1afg5y4aJzDYZaaV9kzEEkud+WFetWXRplBw4571aVCHWwUL+STbZrBjse
LflrQxkTCoOEnLxIysessYZ2tKOWHEEp6v24fvuFzedzfJeQeZJ//Sxg5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE/7eutWwmC8O37/jVhwWGoav4xeMB8GA1UdIwQY
MBaAFPTgGP3f1CJRfDBp51ZYZXtA5zYBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU9BWV9kX1VJbEY4TUdublZsaGxlMERuTmdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9hZDZmNWYtNTNiNS00ZTA3LTk0YjQt
NzBmOTRkNWVlNWZjLzEvVF90NjYxYkNZTHc3ZnYtTldIQllhaHFfakY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9hZDZmNWYtNTNiNS00ZTA3LTk0YjQtNzBmOTRkNWVlNWZj
LzEvOU9BWV9kX1VJbEY4TUdublZsaGxlMERuTmdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjYgmMA0G
CSqGSIb3DQEBCwUAA4IBAQAk/qFlaX9MPpk1sR50+okXNkla6v5kuoPWz8D48RbQ
PjHiTdgmUx2cwl3RGLmGC1hpsYlqKB2OSL3ZZrs4lsMoClewY19S8F0t9hU9fzwC
OBi0ach0QYKH5Lr0BgzMuGXbdmGCtGEtV6U2ZdKXn2ZqeAotMDqIcp+fHj7VJ6Vp
PNSyWxKTpDe+CIectroQA9OP7WWDOSNFMYFoLNmC+mEFlWZWN6koNBW0eBY9qsDi
wB4gMjqAv1E/BbWlqtXtzHox04x5vkOlGF1it030/VjQk7hkrFzhqvsx2LPdI+sm
RWRMtlkPd7muDVZHoqPrvDo1PQGqRQKBSxE6LZATMfkF
-----END CERTIFICATE-----
Generated at Fri Jun 14 09:35:07 2024 by rpki-client on console-fra.rpki-client.org