Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/wVfua82Z9dGO3TletgA7rMRGsHQ.roa
File: wVfua82Z9dGO3TletgA7rMRGsHQ.roa (raw, json)
Hash identifier: AFXwXQWIcoJmaLQGybMFFoFw7Xt6mroXPlaG4TPJxyo=
Subject key identifier: C1:57:EE:6B:CD:99:F5:D1:8E:DD:39:5E:B6:00:3B:AC:C4:46:B0:74
Certificate issuer: /CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Certificate serial: 018CC6B815AABC3B913950F93C33174631C0
Authority key identifier: 2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/wVfua82Z9dGO3TletgA7rMRGsHQ.roa
Signing time: Mon 01 Jan 2024 20:30:01 +0000
ROA not before: Mon 01 Jan 2024 20:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203953
IP address blocks: 89.150.128.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:15:aa:bc:3b:91:39:50:f9:3c:33:17:46:31:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Validity
Not Before: Jan 1 20:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c157ee6bcd99f5d18edd395eb6003bacc446b074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fa:45:31:3c:c0:34:47:cb:b7:6f:91:c8:44:
a2:31:53:97:75:07:d8:08:24:82:ab:56:75:0a:77:
34:be:0c:29:84:a4:16:5b:8d:80:f7:c7:bc:35:0f:
8f:db:9a:19:a5:dd:1e:0d:46:cd:4e:d4:39:66:5a:
93:86:c7:4b:08:70:e5:aa:65:7b:2e:ec:7a:5d:25:
53:04:a8:3a:93:2d:9c:e7:ed:6c:70:19:26:2a:f1:
e0:cb:d6:2a:73:74:6f:30:b5:c6:57:48:13:2b:28:
ba:66:a3:4e:71:5d:ac:86:81:9d:d2:c9:ed:d7:6c:
7d:5b:fa:54:01:9e:ac:5f:1c:1e:35:c0:aa:10:8d:
80:f4:4d:1b:60:95:cc:04:86:5e:2a:e9:30:64:2d:
67:c9:5a:05:15:a5:77:ad:2e:44:2c:6e:35:32:71:
c8:57:e8:a6:20:61:a4:cc:38:f7:d7:58:16:dd:f7:
41:22:d8:0c:98:56:c5:8b:2a:9a:ca:dd:b5:fb:d7:
e8:c7:5c:b9:cc:eb:40:fb:93:3e:a0:f3:35:ce:9a:
15:77:93:2a:05:95:33:87:15:99:7a:91:9a:00:b5:
bc:17:20:b6:c3:49:e8:29:29:ad:e0:43:f8:72:67:
8e:54:db:00:46:8f:5c:03:cd:4a:f9:b3:c6:78:71:
50:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:57:EE:6B:CD:99:F5:D1:8E:DD:39:5E:B6:00:3B:AC:C4:46:B0:74
X509v3 Authority Key Identifier:
keyid:2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/wVfua82Z9dGO3TletgA7rMRGsHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/Loskx2rYemwf7f-vCNmxe0UkmZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.150.128.0/18
Signature Algorithm: sha256WithRSAEncryption
4d:ba:98:4a:85:20:9d:ac:03:f8:09:32:4d:ac:4f:1e:ba:2b:
1a:26:6d:4b:36:c2:80:c0:b5:88:fb:ce:0d:c0:79:a7:df:b1:
dc:22:17:08:ef:81:46:b2:f1:17:b4:46:8a:dd:7a:7d:76:5e:
7d:7a:26:37:44:cb:a5:a7:5f:0e:45:9d:35:5a:bc:dd:e9:4d:
1f:5b:ef:cf:ef:6d:25:f4:a3:72:9a:14:67:40:71:c6:a2:67:
91:da:4a:0e:50:b8:87:08:59:d3:21:a8:6a:44:6c:cc:a3:f2:
c9:35:e2:a7:5f:8c:36:5b:66:71:99:bf:5c:1d:92:fa:46:98:
6c:df:6f:71:6f:79:c6:01:7d:75:6d:1e:2a:39:1d:92:84:f3:
78:9c:75:97:0b:8d:d1:7a:a8:a0:c7:1d:a4:d1:a1:74:b0:d2:
6d:41:2b:2e:b7:c1:a6:85:d0:9b:b5:01:2f:ee:52:86:75:74:
74:eb:32:10:d9:b9:d3:d3:af:ad:54:54:cd:29:6f:ea:46:ee:
60:4d:9f:8d:db:18:a5:88:62:63:a8:62:70:9a:43:33:48:ac:
f5:c7:d9:86:ed:4d:24:bd:2b:cf:f6:30:dc:81:24:fe:c2:a1:
ea:fc:f9:24:77:d5:54:d0:7b:0c:99:c5:f0:a5:f0:15:d9:33:
17:cb:b9:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuBWqvDuROVD5PDMXRjHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOGIyNGM3NmFkODdhNmMxZmVkZmZhZjA4ZDliMTdiNDUy
NDk5OTEwHhcNMjQwMTAxMjAzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTU3ZWU2YmNkOTlmNWQxOGVkZDM5NWViNjAwM2JhY2M0NDZiMDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/pFMTzANEfLt2+RyESiMVOXdQfY
CCSCq1Z1Cnc0vgwphKQWW42A98e8NQ+P25oZpd0eDUbNTtQ5ZlqThsdLCHDlqmV7
Lux6XSVTBKg6ky2c5+1scBkmKvHgy9Yqc3RvMLXGV0gTKyi6ZqNOcV2shoGd0snt
12x9W/pUAZ6sXxweNcCqEI2A9E0bYJXMBIZeKukwZC1nyVoFFaV3rS5ELG41MnHI
V+imIGGkzDj311gW3fdBItgMmFbFiyqayt21+9fox1y5zOtA+5M+oPM1zpoVd5Mq
BZUzhxWZepGaALW8FyC2w0noKSmt4EP4cmeOVNsARo9cA81K+bPGeHFQnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFX7mvNmfXRjt05XrYAO6zERrB0MB8GA1UdIwQY
MBaAFC6LJMdq2HpsH+3/rwjZsXtFJJmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAt
OTExOTBhMDJkYjcwLzEvd1ZmdWE4Mlo5ZEdPM1RsZXRnQTdyTVJHc0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAtOTExOTBhMDJkYjcw
LzEvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGWZaAMA0G
CSqGSIb3DQEBCwUAA4IBAQBNuphKhSCdrAP4CTJNrE8euisaJm1LNsKAwLWI+84N
wHmn37HcIhcI74FGsvEXtEaK3Xp9dl59eiY3RMulp18ORZ01Wrzd6U0fW+/P720l
9KNymhRnQHHGomeR2koOULiHCFnTIahqRGzMo/LJNeKnX4w2W2Zxmb9cHZL6Rphs
329xb3nGAX11bR4qOR2ShPN4nHWXC43Reqigxx2k0aF0sNJtQSsut8GmhdCbtQEv
7lKGdXR06zIQ2bnT06+tVFTNKW/qRu5gTZ+N2xiliGJjqGJwmkMzSKz1x9mG7U0k
vSvP9jDcgST+wqHq/Pkkd9VU0HsMmcXwpfAV2TMXy7mw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:00 2024 by rpki-client on console-fra.rpki-client.org