Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/t68oxkJaHf_MYM1MsmvNKruRxZg.roa
File: t68oxkJaHf_MYM1MsmvNKruRxZg.roa (raw, json)
Hash identifier: 3RTUSy08uMG172jIA0k5yvr96w39eyQI7aSYrdwS280=
Subject key identifier: B7:AF:28:C6:42:5A:1D:FF:CC:60:CD:4C:B2:6B:CD:2A:BB:91:C5:98
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: 018DAC62A389669653571C570373EBC44A08
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/t68oxkJaHf_MYM1MsmvNKruRxZg.roa
Signing time: Thu 15 Feb 2024 10:49:21 +0000
ROA not before: Thu 15 Feb 2024 10:49:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207967
IP address blocks: 178.130.132.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ac:62:a3:89:66:96:53:57:1c:57:03:73:eb:c4:4a:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Feb 15 10:49:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7af28c6425a1dffcc60cd4cb26bcd2abb91c598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:69:17:2e:16:f7:30:61:ec:11:2e:f6:b2:a8:
8b:ba:bd:43:d6:ad:93:59:59:e5:18:c5:24:0d:ec:
f8:ab:d3:07:a7:26:c9:e1:d1:5f:2f:50:d9:65:a5:
f9:eb:26:37:55:8d:d5:8b:26:cd:86:19:75:4a:58:
32:1d:10:f1:a7:e8:3d:26:3e:24:0f:01:30:da:12:
86:bf:ba:72:c5:fe:35:ae:c8:ac:d3:c0:75:0b:23:
0e:fa:8c:89:8d:3c:4d:ab:e4:ea:35:cd:a9:3c:2c:
85:96:1a:2c:6f:c4:89:14:14:59:9e:4c:5f:7b:c4:
c8:e9:93:e1:1f:52:b2:fc:3e:fa:4a:9d:3b:29:0e:
8d:27:a9:7c:2c:31:0d:39:29:ca:74:45:2e:9b:d6:
3f:0c:8a:59:08:e8:c0:a8:7b:c6:d3:28:60:db:ed:
5f:eb:49:c7:b7:8b:5b:99:02:c8:4d:9a:c6:27:93:
d2:23:9b:f5:da:53:b9:24:47:f4:81:17:13:05:9a:
4f:05:a8:fc:71:5f:e1:11:93:fb:df:36:f3:3d:7f:
df:d4:46:db:2a:3a:32:30:d1:ed:76:42:3a:c0:06:
d6:bf:09:97:1b:cd:0d:f2:80:0c:12:17:a5:9d:b7:
fe:bf:eb:5e:6c:75:65:34:56:89:3f:b4:f4:ba:9b:
46:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:AF:28:C6:42:5A:1D:FF:CC:60:CD:4C:B2:6B:CD:2A:BB:91:C5:98
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/t68oxkJaHf_MYM1MsmvNKruRxZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.130.132.0/22
Signature Algorithm: sha256WithRSAEncryption
68:04:08:e2:2d:73:50:b6:cd:d8:f0:3b:f9:e2:83:89:dc:48:
58:48:2b:e9:64:ad:96:f0:74:89:1f:9a:9a:e6:b5:6b:77:52:
a8:60:73:da:3f:68:ed:45:7d:d5:3f:f2:43:a6:47:09:92:97:
ea:fe:24:bc:01:51:88:68:4e:50:95:85:ef:c0:57:ed:5c:47:
14:46:53:5e:cd:17:4f:ba:dd:12:17:3b:43:2c:73:76:e2:26:
8f:41:0f:e5:d1:c5:c6:da:c8:35:67:41:38:bf:08:7c:7b:be:
ec:19:fe:3e:dc:53:ac:68:f1:e5:bd:a8:f1:d6:60:69:b7:95:
6a:c6:36:cb:7e:50:c2:b0:06:90:c8:b3:ab:36:dc:9d:19:e6:
39:8f:15:17:3e:1b:30:3c:b0:b9:78:a2:9f:80:a7:ba:e5:bf:
36:ad:89:e7:ed:d2:2b:25:e0:69:d0:47:09:2c:29:2a:60:3f:
e5:90:05:70:ca:71:5d:c7:f8:08:dc:f4:eb:70:cd:48:55:57:
b2:f2:7a:c8:9e:74:f3:d8:8a:a5:a7:3a:f4:68:ec:a2:76:1d:
83:df:d9:0f:18:fa:38:14:69:9c:33:1e:5f:91:dd:71:cc:83:
9b:83:f2:85:30:49:93:a7:22:d8:c9:b2:d6:4f:19:4b:82:09:
9b:79:f2:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2sYqOJZpZTVxxXA3PrxEoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0
Mjc3YWQwHhcNMjQwMjE1MTA0OTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2FmMjhjNjQyNWExZGZmY2M2MGNkNGNiMjZiY2QyYWJiOTFjNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymkXLhb3MGHsES72sqiLur1D1q2T
WVnlGMUkDez4q9MHpybJ4dFfL1DZZaX56yY3VY3ViybNhhl1SlgyHRDxp+g9Jj4k
DwEw2hKGv7pyxf41rsis08B1CyMO+oyJjTxNq+TqNc2pPCyFlhosb8SJFBRZnkxf
e8TI6ZPhH1Ky/D76Sp07KQ6NJ6l8LDENOSnKdEUum9Y/DIpZCOjAqHvG0yhg2+1f
60nHt4tbmQLITZrGJ5PSI5v12lO5JEf0gRcTBZpPBaj8cV/hEZP73zbzPX/f1Ebb
KjoyMNHtdkI6wAbWvwmXG80N8oAMEhelnbf+v+tebHVlNFaJP7T0uptG9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLevKMZCWh3/zGDNTLJrzSq7kcWYMB8GA1UdIwQY
MBaAFDftSe+sl5WYd3Gs3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAt
NmEwNmI3NTAyYmQ3LzEvdDY4b3hrSmFIZl9NWU0xTXNtdk5LcnVSeFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3
LzEvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsoKEMA0G
CSqGSIb3DQEBCwUAA4IBAQBoBAjiLXNQts3Y8Dv54oOJ3EhYSCvpZK2W8HSJH5qa
5rVrd1KoYHPaP2jtRX3VP/JDpkcJkpfq/iS8AVGIaE5QlYXvwFftXEcURlNezRdP
ut0SFztDLHN24iaPQQ/l0cXG2sg1Z0E4vwh8e77sGf4+3FOsaPHlvajx1mBpt5Vq
xjbLflDCsAaQyLOrNtydGeY5jxUXPhswPLC5eKKfgKe65b82rYnn7dIrJeBp0EcJ
LCkqYD/lkAVwynFdx/gI3PTrcM1IVVey8nrInnTz2Iqlpzr0aOyidh2D39kPGPo4
FGmcMx5fkd1xzIObg/KFMEmTpyLYybLWTxlLggmbefLo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:02 2024 by rpki-client on console-ams.rpki-client.org