Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/33a0f9-1178-4a6d-b964-ff765f8531d5/1/0boIRWLZAzeiuYxu2-H_V6ZjpyA.roa
File: 0boIRWLZAzeiuYxu2-H_V6ZjpyA.roa (raw, json)
Hash identifier: KhKMCHmmYJ1SRsMtngtVsDzoMP/CvJd/g6icJBOQT3k=
Subject key identifier: D1:BA:08:45:62:D9:03:37:A2:B9:8C:6E:DB:E1:FF:57:A6:63:A7:20
Certificate issuer: /CN=2cefde30b8a58b322a431f0829ed4ff33b5aac18
Certificate serial: 018CCA29F136634094E6F77CFF5F7613BADF
Authority key identifier: 2C:EF:DE:30:B8:A5:8B:32:2A:43:1F:08:29:ED:4F:F3:3B:5A:AC:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LO_eMLilizIqQx8IKe1P8ztarBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/33a0f9-1178-4a6d-b964-ff765f8531d5/1/0boIRWLZAzeiuYxu2-H_V6ZjpyA.roa
Signing time: Tue 02 Jan 2024 12:33:15 +0000
ROA not before: Tue 02 Jan 2024 12:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207856
IP address blocks: 194.28.45.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:f1:36:63:40:94:e6:f7:7c:ff:5f:76:13:ba:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cefde30b8a58b322a431f0829ed4ff33b5aac18
Validity
Not Before: Jan 2 12:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1ba084562d90337a2b98c6edbe1ff57a663a720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:03:7f:bd:88:3e:42:5f:8d:f8:c7:69:63:d0:
89:fc:c4:63:65:99:e0:e5:f4:ed:e1:69:f3:94:7f:
b1:af:4c:b5:43:6e:8a:e6:27:13:a6:13:cd:50:1d:
13:ad:2e:e2:48:9c:10:75:89:6b:b7:d8:40:79:e9:
4d:d5:46:32:de:7b:af:7c:78:b8:49:c2:37:4a:b0:
6d:95:9a:0a:94:a6:12:fb:ea:70:6d:d6:9c:30:ac:
f6:7c:81:97:fe:3a:ed:f7:04:58:1d:23:b2:90:6c:
01:bb:08:22:56:e6:2e:0a:8f:71:3b:a9:00:b1:67:
7b:3d:1c:65:b2:69:c0:74:fd:18:24:8f:b6:29:7f:
5f:b6:cc:65:09:d7:71:f4:ae:bc:62:04:c4:0d:61:
1a:6e:1c:15:84:a1:b2:8b:19:0c:e2:42:5b:4d:84:
2c:ae:c4:a4:b8:49:90:b1:e9:07:e1:8b:f4:1e:e4:
f5:cc:6a:e0:cb:bf:7a:c8:0a:46:fc:a6:f6:12:a6:
0a:fd:53:c8:db:0e:ce:38:a4:09:da:ac:41:1f:7b:
43:77:b5:9e:f4:b7:76:6e:74:56:e0:45:21:89:04:
30:8a:89:17:ff:36:6c:8c:ac:a6:a9:7d:cc:9b:7a:
0a:7f:4c:db:e2:16:0e:8f:ff:49:40:26:d7:0d:3f:
73:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:BA:08:45:62:D9:03:37:A2:B9:8C:6E:DB:E1:FF:57:A6:63:A7:20
X509v3 Authority Key Identifier:
keyid:2C:EF:DE:30:B8:A5:8B:32:2A:43:1F:08:29:ED:4F:F3:3B:5A:AC:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LO_eMLilizIqQx8IKe1P8ztarBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/33a0f9-1178-4a6d-b964-ff765f8531d5/1/0boIRWLZAzeiuYxu2-H_V6ZjpyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/33a0f9-1178-4a6d-b964-ff765f8531d5/1/LO_eMLilizIqQx8IKe1P8ztarBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.45.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:78:3b:89:91:44:61:98:f4:a1:64:1e:79:91:9e:67:6c:de:
d4:99:2f:c9:5e:cf:09:6b:3d:9f:95:92:50:3c:b9:02:1c:59:
ca:df:08:46:33:3a:51:e7:6f:5b:d9:c6:c3:f3:5f:af:de:e1:
f0:26:79:84:de:bd:bb:53:a1:d7:20:be:5e:c6:ae:0e:b9:86:
97:88:00:49:13:ff:bf:ef:cf:a5:16:68:f7:fe:d9:46:15:06:
d3:01:83:87:8e:04:92:c0:27:fb:2e:0c:3c:94:8c:50:3a:2e:
2f:9f:ab:cc:97:8e:b1:c5:80:48:37:2b:89:a1:98:22:b5:3e:
b0:b9:9c:ef:d8:7f:4b:45:f1:99:3c:a5:a2:bd:5a:5c:30:48:
76:6c:e5:fb:7f:ff:f4:aa:a4:6a:7a:17:15:30:00:c6:32:e0:
af:d5:11:41:42:11:0e:13:3a:00:00:34:58:82:88:3c:ba:c5:
9f:22:f8:31:a6:14:11:1b:58:13:ae:6f:4f:c2:6e:d9:7c:4c:
42:a0:01:48:9e:15:4b:0c:3b:b7:61:e3:4d:3e:16:53:5e:5b:
2d:41:d3:97:3b:a8:17:05:57:87:02:e0:db:02:9f:69:57:65:
46:a2:a7:f1:e0:cd:1c:b6:23:d0:12:17:13:03:6a:d9:c6:c3:
f9:71:22:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKfE2Y0CU5vd8/192E7rfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZWZkZTMwYjhhNThiMzIyYTQzMWYwODI5ZWQ0ZmYzM2I1
YWFjMTgwHhcNMjQwMTAyMTIzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWJhMDg0NTYyZDkwMzM3YTJiOThjNmVkYmUxZmY1N2E2NjNhNzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgN/vYg+Ql+N+MdpY9CJ/MRjZZng
5fTt4WnzlH+xr0y1Q26K5icTphPNUB0TrS7iSJwQdYlrt9hAeelN1UYy3nuvfHi4
ScI3SrBtlZoKlKYS++pwbdacMKz2fIGX/jrt9wRYHSOykGwBuwgiVuYuCo9xO6kA
sWd7PRxlsmnAdP0YJI+2KX9ftsxlCddx9K68YgTEDWEabhwVhKGyixkM4kJbTYQs
rsSkuEmQsekH4Yv0HuT1zGrgy796yApG/Kb2EqYK/VPI2w7OOKQJ2qxBH3tDd7We
9Ld2bnRW4EUhiQQwiokX/zZsjKymqX3Mm3oKf0zb4hYOj/9JQCbXDT9zpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNG6CEVi2QM3ormMbtvh/1emY6cgMB8GA1UdIwQY
MBaAFCzv3jC4pYsyKkMfCCntT/M7WqwYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE9fZU1MaWxpeklxUXg4SUtlMVA4enRhckJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zM2EwZjktMTE3OC00YTZkLWI5NjQt
ZmY3NjVmODUzMWQ1LzEvMGJvSVJXTFpBemVpdVl4dTItSF9WNlpqcHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zM2EwZjktMTE3OC00YTZkLWI5NjQtZmY3NjVmODUzMWQ1
LzEvTE9fZU1MaWxpeklxUXg4SUtlMVA4enRhckJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhwtMA0G
CSqGSIb3DQEBCwUAA4IBAQCceDuJkURhmPShZB55kZ5nbN7UmS/JXs8Jaz2flZJQ
PLkCHFnK3whGMzpR529b2cbD81+v3uHwJnmE3r27U6HXIL5exq4OuYaXiABJE/+/
78+lFmj3/tlGFQbTAYOHjgSSwCf7Lgw8lIxQOi4vn6vMl46xxYBINyuJoZgitT6w
uZzv2H9LRfGZPKWivVpcMEh2bOX7f//0qqRqehcVMADGMuCv1RFBQhEOEzoAADRY
gog8usWfIvgxphQRG1gTrm9Pwm7ZfExCoAFInhVLDDu3YeNNPhZTXlstQdOXO6gX
BVeHAuDbAp9pV2VGoqfx4M0ctiPQEhcTA2rZxsP5cSIH
-----END CERTIFICATE-----
Generated at Wed Jul 3 14:35:16 2024 by rpki-client on console-ams.rpki-client.org