Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/3aoeqiD9TlEf0EB0fIuTHcc4F3M.roa
File: 3aoeqiD9TlEf0EB0fIuTHcc4F3M.roa (raw, json)
Hash identifier: 50OepPkl+X4DYilCPXeofC+XB8C9GD0+tR89UwW66h8=
Subject key identifier: DD:AA:1E:AA:20:FD:4E:51:1F:D0:40:74:7C:8B:93:1D:C7:38:17:73
Certificate issuer: /CN=7cd6c0236ff4d6050906957ffd380b3879e6ed6e
Certificate serial: 0191374F5E7D5B238ED9130F3565A8209619
Authority key identifier: 7C:D6:C0:23:6F:F4:D6:05:09:06:95:7F:FD:38:0B:38:79:E6:ED:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fNbAI2_01gUJBpV__TgLOHnm7W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/3aoeqiD9TlEf0EB0fIuTHcc4F3M.roa
Signing time: Fri 09 Aug 2024 13:23:53 +0000
ROA not before: Fri 09 Aug 2024 13:23:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 194.54.158.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:37:4f:5e:7d:5b:23:8e:d9:13:0f:35:65:a8:20:96:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cd6c0236ff4d6050906957ffd380b3879e6ed6e
Validity
Not Before: Aug 9 13:23:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddaa1eaa20fd4e511fd040747c8b931dc7381773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:70:6e:aa:b8:03:47:91:d8:1c:ad:3b:6d:4e:
12:9f:a3:d9:72:15:21:bb:5e:a9:41:71:93:ed:69:
94:90:29:f0:bd:ac:ff:9c:46:de:e7:9b:51:27:1e:
8b:3b:c9:6e:6c:cd:f8:ac:02:53:d9:01:d3:87:22:
00:86:7b:bc:1c:fb:ac:2a:5f:1c:e6:52:16:d4:c9:
22:2f:45:db:7d:aa:66:1b:4e:62:e4:c8:c3:e0:74:
68:4e:74:cc:95:08:a6:13:71:df:87:84:f4:bd:30:
ea:38:87:9b:1b:00:a0:f5:5c:33:95:3c:58:78:ca:
11:d1:e9:45:eb:54:9a:58:f2:14:02:38:39:74:d5:
44:23:f4:7b:1e:36:70:40:84:e4:d1:a8:df:8e:2c:
63:fd:da:96:f4:68:0b:61:a3:0a:5c:65:f9:67:c8:
41:85:3a:52:63:5f:d3:57:75:e3:96:b4:68:f0:10:
4f:66:f0:eb:b1:8f:0e:13:8b:a7:18:00:f0:d7:5a:
b1:3d:3d:80:ab:5d:4c:b3:41:60:f7:42:24:f9:ad:
c3:47:ca:3a:7c:a7:5c:6d:0c:5b:b6:24:9f:b1:71:
1d:70:51:6d:b5:8a:53:df:f4:1a:48:18:aa:dc:8d:
05:3f:7c:1d:5d:01:8e:00:36:1f:ed:0a:b0:08:70:
2a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:AA:1E:AA:20:FD:4E:51:1F:D0:40:74:7C:8B:93:1D:C7:38:17:73
X509v3 Authority Key Identifier:
keyid:7C:D6:C0:23:6F:F4:D6:05:09:06:95:7F:FD:38:0B:38:79:E6:ED:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fNbAI2_01gUJBpV__TgLOHnm7W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/3aoeqiD9TlEf0EB0fIuTHcc4F3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/fNbAI2_01gUJBpV__TgLOHnm7W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.54.158.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:72:c5:59:3c:f8:17:b4:b1:c0:f8:90:b1:bd:23:fe:a6:9b:
98:25:bc:e3:45:9e:dd:9b:b7:b9:24:ce:d9:c0:52:c6:7a:a6:
72:3c:42:e0:67:3f:9b:72:dc:2c:de:ca:29:2b:f0:0d:60:15:
05:9c:cb:3f:11:69:22:a3:ac:42:4a:c2:ab:6f:61:2b:c9:b5:
f2:80:93:1a:3c:2d:f2:01:78:7c:59:cb:d9:1d:ac:b4:3e:b0:
80:54:cf:3a:0d:c1:e6:60:12:09:bf:1d:ed:60:70:52:0f:66:
cf:9e:04:38:92:18:c1:98:17:b6:3d:33:40:87:d3:0f:c9:ce:
4b:a3:db:d4:d4:13:ab:22:b6:d4:7c:6b:5a:9c:66:31:c2:49:
38:7a:7d:e5:c5:97:c5:64:36:1d:13:d3:07:3a:e9:68:49:3d:
81:bd:b6:8b:50:1b:15:89:bd:f5:f5:45:b6:ef:63:1b:c5:ef:
00:38:1f:a2:bd:b7:f4:bb:6b:08:29:d2:a1:08:5b:d0:6c:f4:
31:e5:af:1b:e2:51:8d:1a:72:c5:71:33:31:de:76:df:29:01:
b6:bc:ae:a8:29:1e:ed:b3:a8:02:d3:6b:d8:14:1c:90:c2:d0:
77:71:27:c7:29:3a:30:dc:fa:30:30:01:c6:7c:4c:6a:1b:81:
ba:c7:67:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZE3T159WyOO2RMPNWWoIJYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZDZjMDIzNmZmNGQ2MDUwOTA2OTU3ZmZkMzgwYjM4Nzll
NmVkNmUwHhcNMjQwODA5MTMyMzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGFhMWVhYTIwZmQ0ZTUxMWZkMDQwNzQ3YzhiOTMxZGM3MzgxNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3BuqrgDR5HYHK07bU4Sn6PZchUh
u16pQXGT7WmUkCnwvaz/nEbe55tRJx6LO8lubM34rAJT2QHThyIAhnu8HPusKl8c
5lIW1MkiL0XbfapmG05i5MjD4HRoTnTMlQimE3Hfh4T0vTDqOIebGwCg9VwzlTxY
eMoR0elF61SaWPIUAjg5dNVEI/R7HjZwQITk0ajfjixj/dqW9GgLYaMKXGX5Z8hB
hTpSY1/TV3XjlrRo8BBPZvDrsY8OE4unGADw11qxPT2Aq11Ms0Fg90Ik+a3DR8o6
fKdcbQxbtiSfsXEdcFFttYpT3/QaSBiq3I0FP3wdXQGOADYf7QqwCHAqXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2qHqog/U5RH9BAdHyLkx3HOBdzMB8GA1UdIwQY
MBaAFHzWwCNv9NYFCQaVf/04Czh55u1uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk5iQUkyXzAxZ1VKQnBWX19UZ0xPSG5tN1c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZWU3OGItODE1Yy00OTk1LTgyZTEt
YzgwYzI4OGViZWVhLzEvM2FvZXFpRDlUbEVmMEVCMGZJdVRIY2M0RjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZWU3OGItODE1Yy00OTk1LTgyZTEtYzgwYzI4OGViZWVh
LzEvZk5iQUkyXzAxZ1VKQnBWX19UZ0xPSG5tN1c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjaeMA0G
CSqGSIb3DQEBCwUAA4IBAQCicsVZPPgXtLHA+JCxvSP+ppuYJbzjRZ7dm7e5JM7Z
wFLGeqZyPELgZz+bctws3sopK/ANYBUFnMs/EWkio6xCSsKrb2ErybXygJMaPC3y
AXh8WcvZHay0PrCAVM86DcHmYBIJvx3tYHBSD2bPngQ4khjBmBe2PTNAh9MPyc5L
o9vU1BOrIrbUfGtanGYxwkk4en3lxZfFZDYdE9MHOuloST2BvbaLUBsVib319UW2
72Mbxe8AOB+ivbf0u2sIKdKhCFvQbPQx5a8b4lGNGnLFcTMx3nbfKQG2vK6oKR7t
s6gC02vYFByQwtB3cSfHKTow3PowMAHGfExqG4G6x2cG
-----END CERTIFICATE-----
Generated at Mon Aug 12 16:29:13 2024 by rpki-client on console-fra.rpki-client.org