Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/6e44b7-baff-45f3-a4e9-17f881f771cb/1/G8iK9vqJ9_4jPhGx2UVHCFRsmpg.roa
File: G8iK9vqJ9_4jPhGx2UVHCFRsmpg.roa (raw, json)
Hash identifier: SVRa5RhVjtE7RYLYrvylexsM6ONQHYLBBZHS8h6cwF0=
Subject key identifier: 1B:C8:8A:F6:FA:89:F7:FE:23:3E:11:B1:D9:45:47:08:54:6C:9A:98
Certificate issuer: /CN=56641d162079efd3c560a5de9e9226b2f2f0b097
Certificate serial: 0189870C8B96A3CDBCA61EA2E7BB31AB8AEE
Authority key identifier: 56:64:1D:16:20:79:EF:D3:C5:60:A5:DE:9E:92:26:B2:F2:F0:B0:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VmQdFiB579PFYKXenpImsvLwsJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/6e44b7-baff-45f3-a4e9-17f881f771cb/1/G8iK9vqJ9_4jPhGx2UVHCFRsmpg.roa
Signing time: Mon 24 Jul 2023 08:38:13 +0000
ROA not before: Mon 24 Jul 2023 08:38:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 188.214.157.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:87:0c:8b:96:a3:cd:bc:a6:1e:a2:e7:bb:31:ab:8a:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56641d162079efd3c560a5de9e9226b2f2f0b097
Validity
Not Before: Jul 24 08:38:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bc88af6fa89f7fe233e11b1d9454708546c9a98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:25:3a:39:5e:d0:42:69:c0:91:38:ab:45:f2:
42:2b:0f:a4:7f:4d:46:1e:4b:67:4e:28:f6:82:de:
5d:05:5d:c3:ee:26:fa:e1:fd:45:a7:0f:ad:03:98:
b4:ad:ed:56:f9:25:08:f9:69:5c:ec:2e:3b:df:e9:
7e:68:0a:44:1f:a5:71:33:e8:51:cd:75:ed:03:62:
a3:28:79:da:61:0e:94:70:2e:59:60:c6:c7:ff:af:
68:31:66:3c:26:50:67:6a:64:0f:15:32:bb:82:5a:
0b:da:e7:2c:f8:fc:21:31:a8:b5:bb:31:9b:9e:d7:
e7:18:02:be:77:aa:a6:da:f1:7d:1e:d3:96:c2:89:
df:3e:e9:b1:a0:b6:61:11:50:63:2d:ea:06:0e:be:
fe:d0:0a:a4:72:6b:b2:b2:29:87:e5:ba:33:28:66:
44:1a:cd:2d:80:a4:19:9d:ff:82:76:bf:7f:58:56:
63:5e:48:06:66:b3:76:26:b5:b0:6b:d2:71:47:2a:
a9:9a:f2:d1:2b:ca:f9:34:93:7a:2b:21:78:7b:6d:
cd:10:3f:33:c0:5f:7a:1c:3d:ed:59:cb:b8:bc:5a:
33:e0:5e:2e:01:8b:2a:82:cc:06:92:c8:e1:6e:50:
ce:a6:77:3f:fd:94:2c:c6:63:15:e1:59:b0:cf:b0:
af:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C8:8A:F6:FA:89:F7:FE:23:3E:11:B1:D9:45:47:08:54:6C:9A:98
X509v3 Authority Key Identifier:
keyid:56:64:1D:16:20:79:EF:D3:C5:60:A5:DE:9E:92:26:B2:F2:F0:B0:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmQdFiB579PFYKXenpImsvLwsJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6e44b7-baff-45f3-a4e9-17f881f771cb/1/G8iK9vqJ9_4jPhGx2UVHCFRsmpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6e44b7-baff-45f3-a4e9-17f881f771cb/1/VmQdFiB579PFYKXenpImsvLwsJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.157.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:bb:57:36:d9:00:ef:4a:1a:68:b8:c8:53:e7:74:41:bc:19:
33:ba:69:e3:bc:82:0d:f2:3c:32:0e:88:af:bc:d7:6e:da:02:
82:69:8c:f6:c6:0b:12:52:0b:30:a9:1d:4b:04:25:de:76:16:
5a:37:b4:64:a3:44:57:33:9b:39:74:3a:69:d8:bd:40:14:10:
54:ec:61:6e:d4:51:db:01:b6:52:a6:92:d4:96:32:1a:2f:b6:
06:30:ab:c8:65:95:38:4d:f8:eb:ef:25:cc:1c:c9:38:66:29:
6e:9a:dd:42:de:86:03:42:52:5b:58:ea:2e:7c:77:e3:22:51:
17:7a:24:92:3e:ee:5f:c3:85:ce:b4:91:4a:c9:f6:81:33:b1:
d2:e3:2c:cb:18:39:ca:3e:2d:a6:61:26:6e:16:0c:07:7b:d5:
88:23:c3:56:41:f6:63:84:92:6c:6e:79:f3:17:6a:f7:a3:49:
36:e9:d1:37:af:e6:06:21:55:08:8b:bf:98:08:0b:04:dc:ee:
3f:e0:ff:a1:32:57:0f:21:0f:81:38:3b:34:2f:61:f2:06:11:
73:0f:9b:d3:90:3b:a1:45:60:2a:fb:83:4c:35:89:b6:cc:df:
91:a5:a2:63:ee:73:c5:87:a0:c7:08:6c:45:ad:31:8b:91:dc:
5a:85:6f:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmHDIuWo828ph6i57sxq4ruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NjQxZDE2MjA3OWVmZDNjNTYwYTVkZTllOTIyNmIyZjJm
MGIwOTcwHhcNMjMwNzI0MDgzODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmM4OGFmNmZhODlmN2ZlMjMzZTExYjFkOTQ1NDcwODU0NmM5YTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyU6OV7QQmnAkTirRfJCKw+kf01G
HktnTij2gt5dBV3D7ib64f1Fpw+tA5i0re1W+SUI+Wlc7C473+l+aApEH6VxM+hR
zXXtA2KjKHnaYQ6UcC5ZYMbH/69oMWY8JlBnamQPFTK7gloL2ucs+PwhMai1uzGb
ntfnGAK+d6qm2vF9HtOWwonfPumxoLZhEVBjLeoGDr7+0AqkcmuysimH5bozKGZE
Gs0tgKQZnf+Cdr9/WFZjXkgGZrN2JrWwa9JxRyqpmvLRK8r5NJN6KyF4e23NED8z
wF96HD3tWcu4vFoz4F4uAYsqgswGksjhblDOpnc//ZQsxmMV4Vmwz7CviQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBvIivb6iff+Iz4RsdlFRwhUbJqYMB8GA1UdIwQY
MBaAFFZkHRYgee/TxWCl3p6SJrLy8LCXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1RZEZpQjU3OVBGWUtYZW5wSW1zdkx3c0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82ZTQ0YjctYmFmZi00NWYzLWE0ZTkt
MTdmODgxZjc3MWNiLzEvRzhpSzl2cUo5XzRqUGhHeDJVVkhDRlJzbXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82ZTQ0YjctYmFmZi00NWYzLWE0ZTktMTdmODgxZjc3MWNi
LzEvVm1RZEZpQjU3OVBGWUtYZW5wSW1zdkx3c0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNadMA0G
CSqGSIb3DQEBCwUAA4IBAQCku1c22QDvShpouMhT53RBvBkzumnjvIIN8jwyDoiv
vNdu2gKCaYz2xgsSUgswqR1LBCXedhZaN7Rko0RXM5s5dDpp2L1AFBBU7GFu1FHb
AbZSppLUljIaL7YGMKvIZZU4Tfjr7yXMHMk4Zilumt1C3oYDQlJbWOoufHfjIlEX
eiSSPu5fw4XOtJFKyfaBM7HS4yzLGDnKPi2mYSZuFgwHe9WII8NWQfZjhJJsbnnz
F2r3o0k26dE3r+YGIVUIi7+YCAsE3O4/4P+hMlcPIQ+BODs0L2HyBhFzD5vTkDuh
RWAq+4NMNYm2zN+RpaJj7nPFh6DHCGxFrTGLkdxahW/m
-----END CERTIFICATE-----
Generated at Wed Aug 2 12:40:08 2023 by rpki-client on console-fra.rpki-client.org