Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/K03PcFsqzXKZE05gCzT3sNXUQ0M.roa
File: K03PcFsqzXKZE05gCzT3sNXUQ0M.roa (raw, json)
Hash identifier: ZhjOkd+sfMRbH3G6ugzIseKhMMHUyrvTtkQK8d6NBDU=
Subject key identifier: 2B:4D:CF:70:5B:2A:CD:72:99:13:4E:60:0B:34:F7:B0:D5:D4:43:43
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 0185729ED84CBEF318C714E432D1FF80DA61
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/K03PcFsqzXKZE05gCzT3sNXUQ0M.roa
Signing time: Mon 02 Jan 2023 13:14:50 +0000
ROA not before: Mon 02 Jan 2023 13:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211975
IP address blocks: 87.251.24.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:d8:4c:be:f3:18:c7:14:e4:32:d1:ff:80:da:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Jan 2 13:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b4dcf705b2acd7299134e600b34f7b0d5d44343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a0:ee:37:ea:74:52:b8:2c:e4:c5:c4:fa:fb:
20:5b:27:be:68:06:8e:c8:57:e8:a1:59:87:f8:60:
c3:29:96:ab:18:da:93:4f:ca:e7:ce:87:35:b4:ef:
98:00:1a:70:8b:f4:01:0b:77:7b:95:8c:05:db:3f:
b9:01:d8:53:81:af:d9:bc:9f:c7:9a:48:e1:11:2b:
38:a5:1e:22:2d:93:e9:53:d0:43:bf:45:49:28:46:
96:fb:7c:b1:14:c1:8f:f0:7e:22:80:28:59:1e:f1:
33:52:f6:66:42:4d:fb:6f:13:9b:b6:b6:18:73:33:
d1:92:df:03:43:3a:b9:be:51:68:5f:22:92:e1:f6:
b5:49:12:6c:f1:8d:e7:e9:45:8b:cb:06:dc:16:a3:
00:85:4b:7b:7a:e5:59:3c:b9:98:47:54:e8:11:cf:
08:ed:8b:25:33:59:ed:b9:8d:eb:65:20:f9:58:0d:
7f:69:99:37:63:0e:59:dd:9e:f8:8e:94:ec:cd:88:
80:39:ab:62:f6:a9:8a:a9:4f:5f:7e:2a:35:2d:c5:
c2:87:e6:f4:da:11:cb:8c:e5:2b:40:63:14:5b:ab:
45:cf:4b:1e:b9:0a:f0:0f:a6:c2:4c:75:0a:f0:d3:
82:2c:ae:5a:3d:46:ac:0e:15:5e:81:ed:30:56:32:
4a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:4D:CF:70:5B:2A:CD:72:99:13:4E:60:0B:34:F7:B0:D5:D4:43:43
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/K03PcFsqzXKZE05gCzT3sNXUQ0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.24.0/24
Signature Algorithm: sha256WithRSAEncryption
51:16:b9:3d:48:46:ba:0a:dd:0e:f4:44:ac:8f:d7:03:2f:71:
74:5d:11:b8:f8:37:33:93:91:19:65:7b:62:82:69:3d:74:95:
e1:07:cf:03:23:ce:df:77:18:75:38:01:98:bd:97:77:20:b3:
c2:a9:b0:0e:52:64:f9:dc:3e:17:21:2b:c2:88:bd:b8:ee:0f:
dd:00:3c:92:1d:3e:ed:2f:af:ea:1c:e0:cd:80:78:ff:89:e1:
9f:20:4e:9e:9c:19:2b:e0:de:32:07:3c:e8:6a:a6:91:f4:af:
10:0f:ca:17:bd:1f:c1:cc:dc:86:81:e7:98:e8:14:d4:fd:5f:
46:5c:2b:ff:30:0b:cf:8a:65:31:40:a6:c3:1e:05:4e:47:1a:
21:d5:8d:3b:36:d5:80:19:58:72:93:77:aa:d7:93:06:5b:95:
b5:e5:6d:b6:f8:06:b2:a6:ad:e1:3f:3a:02:a2:4b:0e:1c:8e:
71:30:03:b9:92:8c:66:1c:c7:4c:a9:a0:e6:c5:68:e7:bd:e6:
91:f7:34:7e:84:ee:bf:29:61:9b:65:a6:fd:5f:da:fd:b7:26:
2b:2a:2f:05:06:9e:38:70:95:2c:e5:0e:50:00:92:fd:c7:e2:
eb:2c:35:cd:de:46:df:da:30:46:6f:64:a6:b9:bc:24:e5:2a:
ed:12:fe:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVynthMvvMYxxTkMtH/gNphMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjMwMTAyMTMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjRkY2Y3MDViMmFjZDcyOTkxMzRlNjAwYjM0ZjdiMGQ1ZDQ0MzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6DuN+p0Urgs5MXE+vsgWye+aAaO
yFfooVmH+GDDKZarGNqTT8rnzoc1tO+YABpwi/QBC3d7lYwF2z+5AdhTga/ZvJ/H
mkjhESs4pR4iLZPpU9BDv0VJKEaW+3yxFMGP8H4igChZHvEzUvZmQk37bxObtrYY
czPRkt8DQzq5vlFoXyKS4fa1SRJs8Y3n6UWLywbcFqMAhUt7euVZPLmYR1ToEc8I
7YslM1ntuY3rZSD5WA1/aZk3Yw5Z3Z74jpTszYiAOati9qmKqU9ffio1LcXCh+b0
2hHLjOUrQGMUW6tFz0seuQrwD6bCTHUK8NOCLK5aPUasDhVege0wVjJKTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCtNz3BbKs1ymRNOYAs097DV1ENDMB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEvSzAzUGNGc3F6WEtaRTA1Z0N6VDNzTlhVUTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/sYMA0G
CSqGSIb3DQEBCwUAA4IBAQBRFrk9SEa6Ct0O9ESsj9cDL3F0XRG4+Dczk5EZZXti
gmk9dJXhB88DI87fdxh1OAGYvZd3ILPCqbAOUmT53D4XISvCiL247g/dADySHT7t
L6/qHODNgHj/ieGfIE6enBkr4N4yBzzoaqaR9K8QD8oXvR/BzNyGgeeY6BTU/V9G
XCv/MAvPimUxQKbDHgVORxoh1Y07NtWAGVhyk3eq15MGW5W15W22+Aaypq3hPzoC
oksOHI5xMAO5koxmHMdMqaDmxWjnveaR9zR+hO6/KWGbZab9X9r9tyYrKi8FBp44
cJUs5Q5QAJL9x+LrLDXN3kbf2jBGb2Smubwk5SrtEv6A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:31 2024 by rpki-client on console-fra.rpki-client.org