Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/R7fA8gaRf-JE-JiXXkmz99lZKvk.roa
File: R7fA8gaRf-JE-JiXXkmz99lZKvk.roa (raw, json)
Hash identifier: C7Nj6GA5fi27elDFWXUmSOmoqIhrQZO59yIx57U3PFw=
Subject key identifier: 47:B7:C0:F2:06:91:7F:E2:44:F8:98:97:5E:49:B3:F7:D9:59:2A:F9
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018E51BBE2C71855B59C94D33A47BCB36E5E
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/R7fA8gaRf-JE-JiXXkmz99lZKvk.roa
Signing time: Mon 18 Mar 2024 13:24:11 +0000
ROA not before: Mon 18 Mar 2024 13:24:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64470
IP address blocks: 193.46.204.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
193.46.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:bb:e2:c7:18:55:b5:9c:94:d3:3a:47:bc:b3:6e:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Mar 18 13:24:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47b7c0f206917fe244f898975e49b3f7d9592af9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:04:26:a4:aa:81:1d:f6:1b:c5:d3:b4:74:7b:
b5:19:82:b9:fd:e3:75:fe:8a:5e:f9:e8:d1:30:0b:
35:97:62:fc:1e:7f:a7:fe:7e:cb:9a:ce:d0:72:06:
65:c3:4a:07:47:ed:11:9c:36:0f:a4:21:1a:07:0f:
96:68:d3:0f:cf:df:0c:80:8a:6f:82:b4:3a:4a:b8:
ef:c8:7e:f0:c2:77:44:6e:71:a8:2d:8c:78:07:07:
a8:92:2a:08:0f:79:4e:d4:00:09:d3:0b:da:4d:43:
4a:bb:24:07:00:e0:13:15:3b:fa:71:8a:4d:55:f0:
18:89:e3:b4:d8:e0:49:3f:81:dc:af:78:dd:aa:46:
eb:16:e9:24:75:83:07:c9:72:7f:1c:5b:d5:8c:b7:
0c:b8:50:6b:1a:90:72:a5:ea:24:c0:47:65:57:7d:
b6:a9:b9:11:c7:84:28:47:69:f0:35:ac:bb:10:c5:
67:e4:7d:75:e0:f9:63:0b:2c:24:bc:ac:5c:e9:67:
f2:a2:26:e7:af:05:8e:f6:af:3e:f0:8f:76:c6:c9:
b1:fa:ef:46:79:96:e9:6f:32:39:ef:17:a3:b1:ed:
fe:87:bc:15:cb:67:80:26:9a:4f:dd:69:4c:25:b3:
f7:3f:c4:d4:db:d8:66:1a:93:1a:b5:14:42:47:0b:
2a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B7:C0:F2:06:91:7F:E2:44:F8:98:97:5E:49:B3:F7:D9:59:2A:F9
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/R7fA8gaRf-JE-JiXXkmz99lZKvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.204.0/24
193.46.211.0/24
193.46.214.0/24
Signature Algorithm: sha256WithRSAEncryption
06:6f:3a:a8:c1:58:c7:60:ba:c3:59:3d:62:e9:e6:c9:3c:24:
f8:bf:63:be:1a:04:d3:08:62:25:89:fd:8c:75:54:ed:fe:c5:
2a:bc:36:0e:4e:fc:99:38:8e:55:57:a0:60:5b:ec:63:fd:26:
63:b5:67:6f:33:6f:7c:6f:74:65:65:34:21:6d:4e:c6:ff:21:
18:9e:8d:f0:3f:05:16:af:85:97:89:6a:7f:3e:31:3f:42:7f:
20:ae:4f:c8:ec:56:43:bd:4d:ed:76:e3:8b:dc:07:7c:88:45:
27:2b:c4:02:09:4b:cd:c8:4c:4f:ca:ce:b0:f5:49:33:0e:0d:
fa:ce:9f:63:3c:ec:24:e4:7e:fd:c7:79:0d:37:1e:b6:5f:13:
dd:e2:72:66:27:fd:43:81:29:f0:f9:b4:f1:a4:21:d6:d3:3d:
84:69:6d:5b:b9:a2:85:1a:64:2b:64:96:f9:a1:5f:ea:ba:70:
30:ee:18:cb:f7:7d:03:5e:51:71:96:87:b6:04:ac:97:65:bc:
4c:0c:25:ad:82:47:5c:ab:4c:18:a7:53:c4:f7:53:36:d6:f8:
0f:0b:ce:8d:d6:a5:0d:20:25:a7:14:a5:42:29:20:50:21:3d:
66:22:38:b6:51:96:d6:4c:07:0d:e9:17:f0:31:9a:23:32:8f:
cd:de:0d:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5Ru+LHGFW1nJTTOke8s25eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMzE4MTMyNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2I3YzBmMjA2OTE3ZmUyNDRmODk4OTc1ZTQ5YjNmN2Q5NTkyYWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAQmpKqBHfYbxdO0dHu1GYK5/eN1
/ope+ejRMAs1l2L8Hn+n/n7Lms7QcgZlw0oHR+0RnDYPpCEaBw+WaNMPz98MgIpv
grQ6SrjvyH7wwndEbnGoLYx4BweokioID3lO1AAJ0wvaTUNKuyQHAOATFTv6cYpN
VfAYieO02OBJP4Hcr3jdqkbrFukkdYMHyXJ/HFvVjLcMuFBrGpBypeokwEdlV322
qbkRx4QoR2nwNay7EMVn5H114PljCywkvKxc6WfyoibnrwWO9q8+8I92xsmx+u9G
eZbpbzI57xejse3+h7wVy2eAJppP3WlMJbP3P8TU29hmGpMatRRCRwsqvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEe3wPIGkX/iRPiYl15Js/fZWSr5MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvUjdmQThnYVJmLUpFLUppWFhrbXo5OWxaS3ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwS7MAwQA
wS7TAwQAwS7WMA0GCSqGSIb3DQEBCwUAA4IBAQAGbzqowVjHYLrDWT1i6ebJPCT4
v2O+GgTTCGIlif2MdVTt/sUqvDYOTvyZOI5VV6BgW+xj/SZjtWdvM298b3RlZTQh
bU7G/yEYno3wPwUWr4WXiWp/PjE/Qn8grk/I7FZDvU3tduOL3Ad8iEUnK8QCCUvN
yExPys6w9UkzDg36zp9jPOwk5H79x3kNNx62XxPd4nJmJ/1DgSnw+bTxpCHW0z2E
aW1buaKFGmQrZJb5oV/qunAw7hjL930DXlFxloe2BKyXZbxMDCWtgkdcq0wYp1PE
91M21vgPC86N1qUNICWnFKVCKSBQIT1mIji2UZbWTAcN6RfwMZojMo/N3g0C
-----END CERTIFICATE-----
Generated at Mon Jul 8 16:01:27 2024 by rpki-client on console-ams.rpki-client.org