Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/_Pz4EIRJuEUQ-0pY3K1OO4-M9SA.roa
File: _Pz4EIRJuEUQ-0pY3K1OO4-M9SA.roa (raw, json)
Hash identifier: dDfwjqGC2uQPUVbv/cYYJT4HL6dWL2EX8RFvU4iwqpk=
Subject key identifier: FC:FC:F8:10:84:49:B8:45:10:FB:4A:58:DC:AD:4E:3B:8F:8C:F5:20
Certificate issuer: /CN=8bb1308c6a977d5cb903bf25a96308b0e8ce3b46
Certificate serial: 0186A3909EDF39D7281C992B0F841E4107DC
Authority key identifier: 8B:B1:30:8C:6A:97:7D:5C:B9:03:BF:25:A9:63:08:B0:E8:CE:3B:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/_Pz4EIRJuEUQ-0pY3K1OO4-M9SA.roa
Signing time: Thu 02 Mar 2023 18:23:29 +0000
ROA not before: Thu 02 Mar 2023 18:23:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206119
IP address blocks: 194.0.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a3:90:9e:df:39:d7:28:1c:99:2b:0f:84:1e:41:07:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bb1308c6a977d5cb903bf25a96308b0e8ce3b46
Validity
Not Before: Mar 2 18:23:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcfcf8108449b84510fb4a58dcad4e3b8f8cf520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c9:3e:64:3a:0b:79:0f:22:6c:7a:c8:83:66:
6d:f7:7c:42:31:0b:46:77:11:55:d6:63:4c:91:3c:
ab:95:d7:f3:a5:1f:da:94:ef:18:24:19:04:1a:d6:
05:af:8c:d3:61:c8:b4:a9:36:a4:47:03:b6:68:9e:
05:36:e9:dd:2d:dc:11:0b:f7:78:84:9d:ec:fe:c7:
83:05:1a:6e:5f:e8:86:b7:4f:bb:50:48:de:e8:1c:
14:d1:63:f6:c2:6a:e5:1d:7a:2e:54:1f:9a:96:60:
bf:5f:a5:a9:4f:c4:90:f9:c0:1e:33:a2:be:b7:c1:
95:52:85:c5:ce:a6:79:5f:f4:46:2a:16:e1:82:3e:
c9:5e:9a:72:a8:41:49:64:7a:b9:28:ed:9f:8c:7a:
72:15:af:e7:76:3d:1a:4e:90:a8:dc:ea:af:73:f0:
d0:7b:4e:27:70:6f:e8:25:e0:60:3d:23:fb:4c:05:
d5:0d:51:da:1a:0b:52:69:8e:1b:a6:50:cc:7a:29:
99:aa:31:15:83:63:25:68:d7:84:5f:61:9c:0d:67:
92:84:b1:71:d5:55:b8:50:04:fc:0c:ec:d2:91:2c:
6b:3f:0c:e7:c1:ae:65:69:00:ed:3d:28:67:cf:5b:
f5:d5:02:1b:93:79:c5:de:c5:6f:f4:6d:77:bd:7b:
c8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:FC:F8:10:84:49:B8:45:10:FB:4A:58:DC:AD:4E:3B:8F:8C:F5:20
X509v3 Authority Key Identifier:
keyid:8B:B1:30:8C:6A:97:7D:5C:B9:03:BF:25:A9:63:08:B0:E8:CE:3B:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/_Pz4EIRJuEUQ-0pY3K1OO4-M9SA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/i7EwjGqXfVy5A78lqWMIsOjOO0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.207.0/24
Signature Algorithm: sha256WithRSAEncryption
92:4d:6c:fa:f7:62:35:7e:20:f5:12:92:c3:ff:65:31:51:f1:
fa:27:5a:bb:c1:a6:7e:d2:de:63:58:9a:76:b3:6c:38:90:9e:
3e:c7:48:0e:34:59:32:5f:9a:3a:44:04:0c:8a:34:e4:9a:d1:
96:31:2f:95:75:c1:f1:1e:ac:7b:55:ef:4c:ac:34:c0:b7:d4:
b4:08:f9:21:1c:37:3d:73:2b:e0:c1:ef:8f:04:a7:02:4f:07:
03:95:1e:61:62:fe:b8:44:59:af:ae:6d:6a:f4:bd:3c:bd:c5:
3a:3b:5a:8d:39:f9:bc:7f:c6:63:4d:67:e6:f1:ba:83:bb:bc:
c7:3e:e9:b7:95:38:20:ba:30:04:e4:45:02:d5:69:08:0c:a0:
0c:b8:dd:fc:d1:af:33:98:dc:d9:f0:75:35:e7:aa:e8:81:b6:
26:e4:3b:97:8d:cd:b3:da:61:7e:69:91:c9:52:32:3b:e5:e9:
89:7a:08:f9:b7:4a:da:d6:05:77:73:14:95:3e:58:99:05:15:
ac:99:90:7a:69:e1:30:56:8a:ae:7b:33:f1:3b:17:02:6d:49:
07:35:a7:3c:22:db:0d:c9:be:a9:94:d7:79:aa:b3:4d:10:70:
11:b6:4f:9f:08:35:96:85:7e:6c:31:a5:6e:bd:bf:08:e2:cc:
37:7a:22:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYajkJ7fOdcoHJkrD4QeQQfcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYjEzMDhjNmE5NzdkNWNiOTAzYmYyNWE5NjMwOGIwZThj
ZTNiNDYwHhcNMjMwMzAyMTgyMzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2ZjZjgxMDg0NDliODQ1MTBmYjRhNThkY2FkNGUzYjhmOGNmNTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Mk+ZDoLeQ8ibHrIg2Zt93xCMQtG
dxFV1mNMkTyrldfzpR/alO8YJBkEGtYFr4zTYci0qTakRwO2aJ4FNundLdwRC/d4
hJ3s/seDBRpuX+iGt0+7UEje6BwU0WP2wmrlHXouVB+almC/X6WpT8SQ+cAeM6K+
t8GVUoXFzqZ5X/RGKhbhgj7JXppyqEFJZHq5KO2fjHpyFa/ndj0aTpCo3Oqvc/DQ
e04ncG/oJeBgPSP7TAXVDVHaGgtSaY4bplDMeimZqjEVg2MlaNeEX2GcDWeShLFx
1VW4UAT8DOzSkSxrPwznwa5laQDtPShnz1v11QIbk3nF3sVv9G13vXvIUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPz8+BCESbhFEPtKWNytTjuPjPUgMB8GA1UdIwQY
MBaAFIuxMIxql31cuQO/JaljCLDozjtGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTdFd2pHcVhmVnk1QTc4bHFXTUlzT2pPTzBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83NzY2ODEtYjVlZS00MzBmLTg2OTMt
MTAxYWJkNzM5MWE2LzEvX1B6NEVJUkp1RVVRLTBwWTNLMU9PNC1NOVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83NzY2ODEtYjVlZS00MzBmLTg2OTMtMTAxYWJkNzM5MWE2
LzEvaTdFd2pHcVhmVnk1QTc4bHFXTUlzT2pPTzBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgDPMA0G
CSqGSIb3DQEBCwUAA4IBAQCSTWz692I1fiD1EpLD/2UxUfH6J1q7waZ+0t5jWJp2
s2w4kJ4+x0gONFkyX5o6RAQMijTkmtGWMS+VdcHxHqx7Ve9MrDTAt9S0CPkhHDc9
cyvgwe+PBKcCTwcDlR5hYv64RFmvrm1q9L08vcU6O1qNOfm8f8ZjTWfm8bqDu7zH
Pum3lTggujAE5EUC1WkIDKAMuN380a8zmNzZ8HU156rogbYm5DuXjc2z2mF+aZHJ
UjI75emJegj5t0ra1gV3cxSVPliZBRWsmZB6aeEwVoquezPxOxcCbUkHNac8ItsN
yb6plNd5qrNNEHARtk+fCDWWhX5sMaVuvb8I4sw3eiI/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:51 2024 by rpki-client on console-fra.rpki-client.org