Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/QmdsJ5fvjKXj7xOhGDg9fIXPRy8.roa
File: QmdsJ5fvjKXj7xOhGDg9fIXPRy8.roa (raw, json)
Hash identifier: 0rHqDKnh0zVUYhTeI1U1MyxZebFoXtE0ICeIfLbQ8fU=
Subject key identifier: 42:67:6C:27:97:EF:8C:A5:E3:EF:13:A1:18:38:3D:7C:85:CF:47:2F
Certificate issuer: /CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Certificate serial: 018AEFC6D5AC5C2C152D5DBBF85A79C3DB75
Authority key identifier: 84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/QmdsJ5fvjKXj7xOhGDg9fIXPRy8.roa
Signing time: Mon 02 Oct 2023 09:44:59 +0000
ROA not before: Mon 02 Oct 2023 09:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 82.206.32.0/21 maxlen: 24
82.206.40.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:c6:d5:ac:5c:2c:15:2d:5d:bb:f8:5a:79:c3:db:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Validity
Not Before: Oct 2 09:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42676c2797ef8ca5e3ef13a118383d7c85cf472f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e5:7f:6a:83:96:ba:a0:24:07:16:5c:9b:cc:
96:88:92:d8:7b:b6:ac:1e:b9:af:59:36:ab:0e:4c:
0b:e6:08:a7:43:06:db:71:6a:bc:d7:e0:6d:6a:e1:
6a:63:b4:23:32:51:a0:bd:34:7b:bd:6e:63:2a:ef:
01:ff:c6:66:6d:2c:94:3a:a6:99:9d:88:36:1d:4e:
ce:c5:e1:3e:b8:c2:9f:4c:b7:68:d5:ff:ff:47:f2:
2d:20:97:30:e0:f6:01:a4:8e:54:1b:de:97:a6:cc:
ca:b1:5f:e7:aa:78:e2:f8:08:fe:71:bd:20:92:b8:
8c:e1:4a:20:59:4f:27:fd:e3:04:00:14:48:40:76:
1a:bf:a7:46:a8:c5:71:a9:ae:90:7f:40:32:23:8d:
71:4a:f3:ec:3d:84:64:e6:4c:e7:e8:58:3a:de:ff:
6e:96:7b:b6:a4:0e:4d:79:f8:eb:eb:0d:33:5e:9b:
82:ab:38:45:38:61:d9:be:ab:23:7b:46:a9:7b:d9:
5a:bb:ae:78:01:5d:f8:84:e8:74:5b:65:43:64:2d:
7a:90:6c:cc:dc:76:34:19:7f:25:9a:07:ad:6e:15:
0d:3d:11:6d:5d:5f:f0:d8:60:08:ae:a5:06:9f:dc:
f4:2f:8f:6a:ea:9f:ae:2e:a4:ee:2a:3e:d7:16:b3:
23:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:67:6C:27:97:EF:8C:A5:E3:EF:13:A1:18:38:3D:7C:85:CF:47:2F
X509v3 Authority Key Identifier:
keyid:84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/QmdsJ5fvjKXj7xOhGDg9fIXPRy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.32.0/20
Signature Algorithm: sha256WithRSAEncryption
29:3d:52:ad:e9:8c:b0:9b:05:c1:06:9c:5e:6e:a1:91:59:12:
a3:c3:0e:cf:e8:8f:3f:67:b0:6e:8c:1e:f6:bc:23:95:42:3e:
06:57:ee:1f:c2:53:cf:c7:a3:6f:bc:85:dc:bd:61:e1:98:72:
27:b8:a5:69:5a:04:a7:18:fd:5e:a4:b3:ac:4d:b0:fe:2a:6d:
1d:09:1b:0e:f0:33:90:d5:07:f0:6d:c1:83:b8:20:cd:3b:57:
0c:9b:d3:80:b9:78:1c:72:6b:77:4d:97:a2:41:07:1f:e1:56:
6e:79:4d:79:95:1d:42:97:9b:ac:7a:80:57:cd:6e:7c:cf:45:
56:a8:2a:cf:5d:84:02:d8:e5:77:2b:46:c8:1c:e9:2e:b6:7b:
76:45:8b:8e:81:1c:49:32:30:0e:f2:3b:0e:45:f9:5a:e9:97:
31:cc:70:7c:52:da:ad:0a:b7:40:54:a9:ad:bd:c8:35:ef:c6:
99:79:0c:af:01:f2:84:be:09:49:ff:6e:b1:b8:23:50:2f:2e:
fa:32:d5:c5:28:9c:62:7b:e5:79:47:86:3f:63:cc:9e:fe:cb:
cc:8f:e5:4c:9e:03:dc:3d:0a:d3:1a:be:fb:da:f8:48:b8:31:
fe:c7:56:34:7a:cb:16:8a:93:43:0c:fb:bf:ae:7e:b1:4c:38:
52:cd:76:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrvxtWsXCwVLV27+Fp5w9t1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDcwYWYwZDg5ZDc4NWJhMThiYTYxN2RjMDllM2Y3MmM1
OTk2ZjMwHhcNMjMxMDAyMDk0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjY3NmMyNzk3ZWY4Y2E1ZTNlZjEzYTExODM4M2Q3Yzg1Y2Y0NzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+V/aoOWuqAkBxZcm8yWiJLYe7as
HrmvWTarDkwL5ginQwbbcWq81+BtauFqY7QjMlGgvTR7vW5jKu8B/8ZmbSyUOqaZ
nYg2HU7OxeE+uMKfTLdo1f//R/ItIJcw4PYBpI5UG96XpszKsV/nqnji+Aj+cb0g
kriM4UogWU8n/eMEABRIQHYav6dGqMVxqa6Qf0AyI41xSvPsPYRk5kzn6Fg63v9u
lnu2pA5Nefjr6w0zXpuCqzhFOGHZvqsje0ape9lau654AV34hOh0W2VDZC16kGzM
3HY0GX8lmgetbhUNPRFtXV/w2GAIrqUGn9z0L49q6p+uLqTuKj7XFrMjKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEJnbCeX74yl4+8ToRg4PXyFz0cvMB8GA1UdIwQY
MBaAFIRHCvDYnXhboYumF9wJ4/csWZbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDIt
ZTc2ZTNlMjkzZTAyLzEvUW1kc0o1ZnZqS1hqN3hPaEdEZzlmSVhQUnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDItZTc2ZTNlMjkzZTAy
LzEvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUs4gMA0G
CSqGSIb3DQEBCwUAA4IBAQApPVKt6YywmwXBBpxebqGRWRKjww7P6I8/Z7BujB72
vCOVQj4GV+4fwlPPx6NvvIXcvWHhmHInuKVpWgSnGP1epLOsTbD+Km0dCRsO8DOQ
1QfwbcGDuCDNO1cMm9OAuXgccmt3TZeiQQcf4VZueU15lR1Cl5useoBXzW58z0VW
qCrPXYQC2OV3K0bIHOkutnt2RYuOgRxJMjAO8jsORfla6ZcxzHB8UtqtCrdAVKmt
vcg178aZeQyvAfKEvglJ/26xuCNQLy76MtXFKJxie+V5R4Y/Y8ye/svMj+VMngPc
PQrTGr772vhIuDH+x1Y0essWipNDDPu/rn6xTDhSzXa9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:03 2024 by rpki-client on console-ams.rpki-client.org