Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/6e44b7-baff-45f3-a4e9-17f881f771cb/1/n-l6QDSR10CWSrlE2BVN10eYPWw.roa
File: n-l6QDSR10CWSrlE2BVN10eYPWw.roa (raw, json)
Hash identifier: VQvYZeJnFY79eH9oy78Hke9oAVancN4i/bEgPLz0emk=
Subject key identifier: 9F:E9:7A:40:34:91:D7:40:96:4A:B9:44:D8:15:4D:D7:47:98:3D:6C
Certificate issuer: /CN=56641d162079efd3c560a5de9e9226b2f2f0b097
Certificate serial: 0189870C8BD23CA57AEE6302EBFD85580417
Authority key identifier: 56:64:1D:16:20:79:EF:D3:C5:60:A5:DE:9E:92:26:B2:F2:F0:B0:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VmQdFiB579PFYKXenpImsvLwsJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/6e44b7-baff-45f3-a4e9-17f881f771cb/1/n-l6QDSR10CWSrlE2BVN10eYPWw.roa
Signing time: Mon 24 Jul 2023 08:38:13 +0000
ROA not before: Mon 24 Jul 2023 08:38:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 188.214.157.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:87:0c:8b:d2:3c:a5:7a:ee:63:02:eb:fd:85:58:04:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56641d162079efd3c560a5de9e9226b2f2f0b097
Validity
Not Before: Jul 24 08:38:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fe97a403491d740964ab944d8154dd747983d6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fe:fb:0c:88:25:8b:8e:31:f5:8d:3e:87:a8:
87:5f:25:8d:31:b2:77:9f:58:25:d0:48:2a:9c:2e:
f7:60:fc:f3:e3:74:79:be:a1:c4:db:d2:17:28:6d:
34:7c:b8:fa:bc:4b:fd:ec:ba:9e:8d:cb:d2:fe:c1:
f7:3c:d0:26:95:ad:fd:28:23:d2:b4:ff:4c:8e:7b:
6b:79:af:09:85:31:eb:78:79:2d:41:16:31:05:9a:
83:a3:a5:cb:9c:27:5f:a7:e2:bf:58:f1:58:f0:21:
a6:ab:4b:6d:fa:53:91:88:d2:11:83:70:07:89:73:
a2:44:79:7c:19:23:8c:97:a2:e4:3d:93:c9:db:94:
83:93:68:39:80:bc:4e:65:95:3a:4d:ce:dd:27:06:
17:df:f4:60:a0:8b:7a:e6:26:18:7f:8a:7f:ff:23:
b1:75:25:be:d1:b2:9c:ec:6f:69:73:8b:f1:3e:87:
91:13:7d:df:84:90:d3:23:21:6a:c7:1e:5b:bb:1d:
7a:46:46:50:e4:ee:d8:63:c3:62:67:6f:f3:34:3e:
ef:22:b0:4e:c7:fe:80:18:f0:b9:b3:fd:79:1d:ce:
2b:46:4a:36:e9:23:78:39:13:17:e6:8c:54:c0:93:
b8:a2:23:36:b4:2c:90:0a:8d:a6:99:01:f7:38:6d:
6a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:E9:7A:40:34:91:D7:40:96:4A:B9:44:D8:15:4D:D7:47:98:3D:6C
X509v3 Authority Key Identifier:
keyid:56:64:1D:16:20:79:EF:D3:C5:60:A5:DE:9E:92:26:B2:F2:F0:B0:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmQdFiB579PFYKXenpImsvLwsJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6e44b7-baff-45f3-a4e9-17f881f771cb/1/n-l6QDSR10CWSrlE2BVN10eYPWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6e44b7-baff-45f3-a4e9-17f881f771cb/1/VmQdFiB579PFYKXenpImsvLwsJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.157.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:14:3b:e8:45:b2:1f:eb:cd:59:69:3c:7a:3b:54:4b:7c:34:
8f:87:2d:23:58:2f:4b:31:f7:9c:41:5f:7f:cd:08:b6:e2:a3:
4f:89:83:48:ce:71:d5:f8:61:ab:81:15:b1:bf:ed:d4:f4:7a:
88:5a:b3:5d:13:0b:65:11:7c:52:4a:00:22:07:55:21:9e:2f:
60:a6:72:63:b0:5a:b0:88:f4:8d:16:32:46:24:99:4c:ca:1d:
4d:80:f6:c1:20:ab:13:20:3d:05:7f:2b:35:ad:94:48:45:fc:
4f:bd:ef:cf:24:14:2b:39:75:a0:10:4d:fc:5d:d9:00:7b:86:
68:da:23:7c:f5:60:5d:4d:8c:c5:cd:37:6e:97:1b:63:f7:32:
58:eb:a8:87:e3:4d:b0:85:2e:2a:dd:60:49:97:3b:c2:57:7b:
f1:c9:78:54:a9:0e:45:59:dc:a7:bf:cf:4f:84:ab:d2:ac:8c:
02:9c:50:1e:e8:35:7f:3f:8f:dd:ee:48:ba:5c:8e:14:b7:cf:
fb:00:c9:0b:cf:1c:79:23:2f:c7:1c:c0:1a:23:7a:cb:a4:54:
70:08:1f:7b:39:74:5e:09:6c:8f:1a:60:4b:49:34:a0:01:eb:
c8:2a:9d:39:1b:ea:01:d6:c1:0b:58:62:df:5c:42:91:2e:5d:
e4:e4:3b:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmHDIvSPKV67mMC6/2FWAQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NjQxZDE2MjA3OWVmZDNjNTYwYTVkZTllOTIyNmIyZjJm
MGIwOTcwHhcNMjMwNzI0MDgzODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmU5N2E0MDM0OTFkNzQwOTY0YWI5NDRkODE1NGRkNzQ3OTgzZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP77DIgli44x9Y0+h6iHXyWNMbJ3
n1gl0EgqnC73YPzz43R5vqHE29IXKG00fLj6vEv97LqejcvS/sH3PNAmla39KCPS
tP9Mjntrea8JhTHreHktQRYxBZqDo6XLnCdfp+K/WPFY8CGmq0tt+lORiNIRg3AH
iXOiRHl8GSOMl6LkPZPJ25SDk2g5gLxOZZU6Tc7dJwYX3/RgoIt65iYYf4p//yOx
dSW+0bKc7G9pc4vxPoeRE33fhJDTIyFqxx5bux16RkZQ5O7YY8NiZ2/zND7vIrBO
x/6AGPC5s/15Hc4rRko26SN4ORMX5oxUwJO4oiM2tCyQCo2mmQH3OG1qbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ/pekA0kddAlkq5RNgVTddHmD1sMB8GA1UdIwQY
MBaAFFZkHRYgee/TxWCl3p6SJrLy8LCXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1RZEZpQjU3OVBGWUtYZW5wSW1zdkx3c0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82ZTQ0YjctYmFmZi00NWYzLWE0ZTkt
MTdmODgxZjc3MWNiLzEvbi1sNlFEU1IxMENXU3JsRTJCVk4xMGVZUFd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82ZTQ0YjctYmFmZi00NWYzLWE0ZTktMTdmODgxZjc3MWNi
LzEvVm1RZEZpQjU3OVBGWUtYZW5wSW1zdkx3c0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNadMA0G
CSqGSIb3DQEBCwUAA4IBAQCmFDvoRbIf681ZaTx6O1RLfDSPhy0jWC9LMfecQV9/
zQi24qNPiYNIznHV+GGrgRWxv+3U9HqIWrNdEwtlEXxSSgAiB1Uhni9gpnJjsFqw
iPSNFjJGJJlMyh1NgPbBIKsTID0Ffys1rZRIRfxPve/PJBQrOXWgEE38XdkAe4Zo
2iN89WBdTYzFzTdulxtj9zJY66iH402whS4q3WBJlzvCV3vxyXhUqQ5FWdynv89P
hKvSrIwCnFAe6DV/P4/d7ki6XI4Ut8/7AMkLzxx5Iy/HHMAaI3rLpFRwCB97OXRe
CWyPGmBLSTSgAevIKp05G+oB1sELWGLfXEKRLl3k5DuH
-----END CERTIFICATE-----
Generated at Wed Aug 2 12:40:08 2023 by rpki-client on console-fra.rpki-client.org