Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EX92Xa6T0V0Uo4O2Fg5-pdACfJs.roa
File: EX92Xa6T0V0Uo4O2Fg5-pdACfJs.roa (raw, json)
Hash identifier: niiRPc2f310Gqa8OQY/0vL6jYLC8kc0fz7l7qVGFXWU=
Subject key identifier: 11:7F:76:5D:AE:93:D1:5D:14:A3:83:B6:16:0E:7E:A5:D0:02:7C:9B
Certificate issuer: /CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Certificate serial: 018CC94E619CCB05E1265162570A1DBDF9E3
Authority key identifier: 12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EX92Xa6T0V0Uo4O2Fg5-pdACfJs.roa
Signing time: Tue 02 Jan 2024 08:33:26 +0000
ROA not before: Tue 02 Jan 2024 08:33:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41555
IP address blocks: 170.237.95.0/24 maxlen: 24
170.237.8.0/23 maxlen: 23
170.237.6.0/23 maxlen: 23
170.236.180.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:61:9c:cb:05:e1:26:51:62:57:0a:1d:bd:f9:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Validity
Not Before: Jan 2 08:33:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=117f765dae93d15d14a383b6160e7ea5d0027c9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5e:a5:e6:d9:9d:2e:dd:e5:ec:5f:b1:cc:61:
ca:2c:f0:12:61:94:c6:c4:f8:85:cd:3c:ab:2e:0a:
72:64:c4:c7:cd:77:92:a0:e1:33:9c:32:84:d1:62:
c1:43:a0:6c:b5:f7:aa:ed:21:62:a1:2b:44:99:ca:
2b:ce:bc:2e:0a:b1:92:52:c7:20:2d:d5:33:46:47:
ae:c3:58:7d:35:2e:f4:5f:98:1c:a0:dd:65:f7:e1:
88:1f:0c:09:83:3b:1e:f3:93:01:b5:ea:c8:6e:f6:
15:b8:02:b7:9d:fd:42:ff:ad:ea:7c:e3:c7:8d:26:
04:4d:5f:1c:d3:b0:db:3c:16:1a:af:7f:a1:b7:17:
e3:ff:f2:16:3d:6a:60:5c:61:9a:8e:e7:25:a4:55:
d1:85:d3:84:0b:c5:d7:c0:34:0c:31:dc:70:bb:bf:
97:54:05:c2:5b:76:b3:1c:44:76:49:a0:9e:13:fa:
17:b5:a6:a6:56:38:f2:04:f1:b0:84:20:24:d5:0f:
ac:16:67:41:05:26:ea:76:21:ae:9a:77:2b:1b:0c:
5e:e4:ff:96:84:d0:e7:ec:6b:f3:ee:7c:6a:05:d0:
e0:f9:7e:75:97:9c:3d:b9:98:ac:06:05:f6:b1:8c:
5b:14:cc:17:81:89:5c:92:6d:06:d0:d2:14:9c:03:
1e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:7F:76:5D:AE:93:D1:5D:14:A3:83:B6:16:0E:7E:A5:D0:02:7C:9B
X509v3 Authority Key Identifier:
keyid:12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EX92Xa6T0V0Uo4O2Fg5-pdACfJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.236.180.0/24
170.237.6.0-170.237.9.255
170.237.95.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:2b:89:8e:3d:0f:ab:c9:a6:d4:fe:63:cd:1d:3b:e6:48:42:
5f:36:37:fc:98:0e:22:51:11:8d:93:13:8f:21:f0:01:b5:17:
80:62:d2:21:d1:3d:97:e6:94:19:11:3a:c2:8e:7c:b2:0d:8d:
bf:97:e1:61:3f:30:cd:60:97:3a:a6:28:cd:43:94:7f:0f:3b:
bc:f8:c5:67:cd:c1:23:0b:5c:23:5f:84:5d:58:ea:82:28:29:
da:56:52:af:9e:eb:cc:c4:4d:6d:5c:f8:fc:d4:7f:06:2c:54:
7f:ed:d8:49:ea:a4:6d:ec:bb:35:9b:dd:99:6a:b2:22:ff:3f:
04:33:7e:d9:46:51:7b:f4:f7:7b:bb:7d:d0:65:1f:9c:70:8e:
22:bb:22:a4:30:c2:e9:6d:b8:cc:36:43:81:f9:3f:c2:c0:9f:
5d:89:c3:44:2e:3c:6c:17:32:d7:f5:7e:e2:59:61:0e:4a:ad:
da:98:78:dd:28:85:34:3a:b9:c3:d3:d5:31:77:d8:9d:63:31:
bc:58:5d:0a:ff:af:2f:c3:b2:fb:32:b4:91:3f:0b:34:53:cb:
23:b4:49:7e:55:1f:0b:84:9a:71:38:88:4d:64:d3:d4:0e:f1:
cc:fa:e7:ce:b6:41:fa:6d:ed:d9:02:46:0b:93:25:23:b2:ef:
b3:82:cc:b4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzJTmGcywXhJlFiVwodvfnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjRlNWVmZjFhYmMwZTZkOGJmMDI5ZTRmNzMyZTBhYjcx
YmMxNmEwHhcNMjQwMTAyMDgzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTdmNzY1ZGFlOTNkMTVkMTRhMzgzYjYxNjBlN2VhNWQwMDI3YzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp16l5tmdLt3l7F+xzGHKLPASYZTG
xPiFzTyrLgpyZMTHzXeSoOEznDKE0WLBQ6Bstfeq7SFioStEmcorzrwuCrGSUscg
LdUzRkeuw1h9NS70X5gcoN1l9+GIHwwJgzse85MBterIbvYVuAK3nf1C/63qfOPH
jSYETV8c07DbPBYar3+htxfj//IWPWpgXGGajuclpFXRhdOEC8XXwDQMMdxwu7+X
VAXCW3azHER2SaCeE/oXtaamVjjyBPGwhCAk1Q+sFmdBBSbqdiGumncrGwxe5P+W
hNDn7Gvz7nxqBdDg+X51l5w9uZisBgX2sYxbFMwXgYlckm0G0NIUnAMeowIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBF/dl2uk9FdFKODthYOfqXQAnybMB8GA1UdIwQY
MBaAFBIk5e/xq8Dm2L8Cnk9zLgq3G8FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEt
NTM4NmIxZDk2M2JjLzEvRVg5MlhhNlQwVjBVbzRPMkZnNS1wZEFDZkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEtNTM4NmIxZDk2M2Jj
LzEvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAquy0MAwD
BAGq7QYDBAGq7QgDBACq7V8wDQYJKoZIhvcNAQELBQADggEBAGwriY49D6vJptT+
Y80dO+ZIQl82N/yYDiJREY2TE48h8AG1F4Bi0iHRPZfmlBkROsKOfLINjb+X4WE/
MM1glzqmKM1DlH8PO7z4xWfNwSMLXCNfhF1Y6oIoKdpWUq+e68zETW1c+PzUfwYs
VH/t2EnqpG3suzWb3ZlqsiL/PwQzftlGUXv093u7fdBlH5xwjiK7IqQwwultuMw2
Q4H5P8LAn12Jw0QuPGwXMtf1fuJZYQ5KrdqYeN0ohTQ6ucPT1TF32J1jMbxYXQr/
ry/DsvsytJE/CzRTyyO0SX5VHwuEmnE4iE1k09QO8cz65862Qfpt7dkCRguTJSOy
77OCzLQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org