Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/cfUN1ozHovJqBe9MuL4ht1d9W_A.roa
File: cfUN1ozHovJqBe9MuL4ht1d9W_A.roa (raw, json)
Hash identifier: bmmtOx6PUxre7ggKHwNrhDbUgNKGYaJwJ0uxDWuldgc=
Subject key identifier: 71:F5:0D:D6:8C:C7:A2:F2:6A:05:EF:4C:B8:BE:21:B7:57:7D:5B:F0
Certificate issuer: /CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Certificate serial: 0189F4565DC4CA2CCF3D0D5DCC02FD1EC859
Authority key identifier: 84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/cfUN1ozHovJqBe9MuL4ht1d9W_A.roa
Signing time: Mon 14 Aug 2023 13:57:28 +0000
ROA not before: Mon 14 Aug 2023 13:57:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 82.206.0.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f4:56:5d:c4:ca:2c:cf:3d:0d:5d:cc:02:fd:1e:c8:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Validity
Not Before: Aug 14 13:57:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71f50dd68cc7a2f26a05ef4cb8be21b7577d5bf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e9:d2:53:35:54:c7:6b:aa:ee:09:da:26:bc:
12:aa:3b:71:08:ce:32:58:7e:30:f6:63:07:65:38:
f5:e4:fa:42:b6:7a:fb:7c:65:97:ef:11:8a:df:bb:
cf:48:4f:8f:1f:2c:06:6a:56:e4:f2:30:21:df:f0:
99:36:05:6f:97:4f:0d:6e:dc:26:83:a0:be:36:eb:
1e:e5:a5:cf:3b:36:15:3a:03:d1:e1:7e:d2:51:f2:
a2:07:12:0b:d0:8c:c0:5b:0f:52:43:6a:e3:38:61:
aa:df:e5:1f:69:73:f5:cf:cd:34:d7:b8:63:d6:d8:
b4:97:af:42:cb:0d:03:66:f5:ba:ef:9d:13:08:dc:
cf:0a:be:fc:66:a0:30:11:dd:f4:19:d1:a8:f0:75:
ee:7d:ca:03:07:59:30:ed:8e:1d:47:72:2b:11:76:
e3:19:7a:9f:9c:49:62:f4:af:40:9e:61:3a:a2:95:
3d:c0:20:3f:b4:52:ce:d6:ec:30:24:39:a9:3e:ee:
8b:3c:e7:55:43:83:a5:d6:68:0b:bd:95:39:6a:4b:
b6:af:0a:84:b3:54:fa:94:70:33:bf:5a:13:47:2d:
ea:cd:43:8f:bc:2a:bf:7d:f2:03:8b:83:9a:f1:35:
d2:f0:54:0d:01:ee:ef:d8:7e:3a:c6:a0:90:a2:e8:
c2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F5:0D:D6:8C:C7:A2:F2:6A:05:EF:4C:B8:BE:21:B7:57:7D:5B:F0
X509v3 Authority Key Identifier:
keyid:84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/cfUN1ozHovJqBe9MuL4ht1d9W_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3b:2b:be:77:d8:8d:5d:77:dd:32:48:88:bc:cc:ea:e3:3f:d2:
4b:b6:3f:76:66:11:25:8a:1e:c4:bf:8a:32:6d:8e:1b:64:8b:
08:f3:1e:ec:52:03:a9:d3:c8:1f:5c:fa:01:07:da:70:ea:44:
aa:2c:8c:f5:26:53:94:18:59:6a:a5:cf:4e:0c:2a:cd:a6:1f:
8a:02:c9:a3:4e:e1:c1:f6:6b:65:99:41:ca:11:c9:6c:d5:cc:
db:f3:f0:1a:f8:79:83:49:a8:e1:c1:45:87:8b:d7:33:ed:82:
52:6a:47:04:ca:dc:34:c8:4d:23:ff:c1:e7:78:72:5f:9d:51:
e4:0d:93:ba:e6:0b:38:43:34:1b:1a:64:9f:79:56:8c:1d:44:
fe:ba:1b:df:fd:2e:35:f7:a3:5b:2e:8e:7c:e2:ee:96:6d:a8:
ee:dc:63:db:26:b5:a1:1b:5c:11:c2:33:59:1b:74:cd:f4:46:
b7:7d:17:ce:b2:03:97:4e:10:f1:d7:48:50:82:a8:66:ec:f7:
2b:d5:52:39:c0:bd:aa:36:75:c3:a2:a3:75:d3:a1:54:f0:f4:
2d:32:9c:31:b4:f1:ff:79:b8:e8:c2:45:41:76:fd:73:15:fc:
8a:df:01:bc:fa:55:c6:ca:b1:af:71:44:cf:ae:5c:0c:3e:c5:
e2:3f:39:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn0Vl3EyizPPQ1dzAL9HshZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDcwYWYwZDg5ZDc4NWJhMThiYTYxN2RjMDllM2Y3MmM1
OTk2ZjMwHhcNMjMwODE0MTM1NzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWY1MGRkNjhjYzdhMmYyNmEwNWVmNGNiOGJlMjFiNzU3N2Q1YmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+nSUzVUx2uq7gnaJrwSqjtxCM4y
WH4w9mMHZTj15PpCtnr7fGWX7xGK37vPSE+PHywGalbk8jAh3/CZNgVvl08Nbtwm
g6C+Nuse5aXPOzYVOgPR4X7SUfKiBxIL0IzAWw9SQ2rjOGGq3+UfaXP1z80017hj
1ti0l69Cyw0DZvW6750TCNzPCr78ZqAwEd30GdGo8HXufcoDB1kw7Y4dR3IrEXbj
GXqfnEli9K9AnmE6opU9wCA/tFLO1uwwJDmpPu6LPOdVQ4Ol1mgLvZU5aku2rwqE
s1T6lHAzv1oTRy3qzUOPvCq/ffIDi4Oa8TXS8FQNAe7v2H46xqCQoujCHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHH1DdaMx6LyagXvTLi+IbdXfVvwMB8GA1UdIwQY
MBaAFIRHCvDYnXhboYumF9wJ4/csWZbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDIt
ZTc2ZTNlMjkzZTAyLzEvY2ZVTjFvekhvdkpxQmU5TXVMNGh0MWQ5V19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDItZTc2ZTNlMjkzZTAy
LzEvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFUs4AMA0G
CSqGSIb3DQEBCwUAA4IBAQA7K7532I1dd90ySIi8zOrjP9JLtj92ZhElih7Ev4oy
bY4bZIsI8x7sUgOp08gfXPoBB9pw6kSqLIz1JlOUGFlqpc9ODCrNph+KAsmjTuHB
9mtlmUHKEcls1czb8/Aa+HmDSajhwUWHi9cz7YJSakcEytw0yE0j/8HneHJfnVHk
DZO65gs4QzQbGmSfeVaMHUT+uhvf/S4196NbLo584u6Wbaju3GPbJrWhG1wRwjNZ
G3TN9Ea3fRfOsgOXThDx10hQgqhm7Pcr1VI5wL2qNnXDoqN106FU8PQtMpwxtPH/
ebjowkVBdv1zFfyK3wG8+lXGyrGvcUTPrlwMPsXiPzmS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:21 2024 by rpki-client on console-fra.rpki-client.org