Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/wgbyBmH_-_dSuXJeJuaE0jHj258.roa
File: wgbyBmH_-_dSuXJeJuaE0jHj258.roa (raw, json)
Hash identifier: r7k1tgsCMeME+bh/MEt+RJ19Hd+n2NxoYKqjGHSpyh8=
Subject key identifier: C2:06:F2:06:61:FF:FB:F7:52:B9:72:5E:26:E6:84:D2:31:E3:DB:9F
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018B27E8E43BB714C31461B0BF452E0240BD
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/wgbyBmH_-_dSuXJeJuaE0jHj258.roa
Signing time: Fri 13 Oct 2023 07:20:55 +0000
ROA not before: Fri 13 Oct 2023 07:20:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 195.242.243.0/24 maxlen: 24
185.81.183.0/24 maxlen: 24
93.114.62.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:27:e8:e4:3b:b7:14:c3:14:61:b0:bf:45:2e:02:40:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Oct 13 07:20:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c206f20661fffbf752b9725e26e684d231e3db9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:bb:03:21:81:83:85:d9:8d:da:1e:c4:d7:b6:
ce:dd:41:d8:94:3d:7f:11:f7:20:c0:c3:a7:2d:8c:
f0:32:00:ab:a1:04:22:01:68:dd:58:e9:d7:6f:98:
d8:cc:4e:a2:da:68:dc:d3:14:e7:f2:24:67:06:de:
5e:1e:1a:6c:97:ef:c5:77:0a:5f:67:a0:3a:f5:b0:
5a:b0:93:c0:03:f4:69:76:cc:19:0b:dd:d9:f0:4b:
85:4c:c1:ea:40:85:5b:41:de:ee:52:96:94:c7:55:
0c:f8:9a:08:9b:e3:62:5e:a5:a4:87:80:e0:ef:eb:
0f:10:74:8b:8c:99:6c:00:b3:a5:2d:da:92:e3:1c:
b8:28:44:53:48:dd:fa:bb:08:04:ab:bd:42:1a:1c:
e8:93:ec:49:6b:ed:40:1d:3d:97:7e:e6:f9:60:a8:
5d:e1:57:fb:3f:86:48:57:cd:a1:06:c8:e7:23:05:
e5:af:a8:9a:4b:56:2d:36:2a:e8:9f:14:4f:69:ef:
1b:8b:d2:0c:da:3b:dd:b5:c6:15:59:23:fb:d3:70:
44:48:15:cb:c3:e8:7d:11:52:52:76:51:6e:70:8b:
12:da:bc:33:bb:90:3c:0e:52:f5:28:19:17:34:55:
52:b0:63:83:9e:d6:af:7e:e1:52:fa:db:16:46:9d:
b9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:06:F2:06:61:FF:FB:F7:52:B9:72:5E:26:E6:84:D2:31:E3:DB:9F
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/wgbyBmH_-_dSuXJeJuaE0jHj258.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.62.0/24
185.81.183.0/24
195.242.243.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:ab:a5:42:79:4a:31:fb:a3:24:35:1c:90:5c:38:fc:25:62:
9e:e3:b7:a8:da:f6:6d:2e:55:57:6c:24:1a:41:49:82:cc:45:
5c:bf:f8:09:6d:89:84:03:f9:50:f9:b1:64:84:01:12:b9:9c:
e8:92:18:4a:83:a0:ad:29:49:4f:74:c7:f7:8b:f8:61:77:e5:
01:20:1c:7b:d3:d4:a3:9a:78:cd:21:0a:b0:5d:f2:33:b0:1e:
fb:8e:a6:cf:d9:7c:3a:9f:5a:18:95:5f:53:0c:da:2d:ff:17:
a4:c1:47:46:4b:37:12:7e:3a:92:9c:ae:58:7d:1e:2d:ef:eb:
87:35:76:fd:52:f6:41:9b:7d:36:a7:83:1b:40:fe:2d:e7:7f:
ac:54:2c:9b:5e:55:1a:a8:fc:33:70:20:ce:2b:59:92:5f:5f:
5e:c5:e4:de:3a:02:63:6d:73:2b:7e:e8:0a:b7:e9:d8:ab:ee:
5c:89:13:5b:25:24:dc:22:e2:44:ff:36:3a:c8:b5:ac:29:6c:
b1:90:c3:2c:a2:09:9b:9c:61:4c:9e:3b:03:fa:72:79:59:05:
d2:aa:79:89:f0:3c:14:c3:0b:93:b9:3c:b6:30:8b:10:6c:25:
24:77:b3:f7:21:89:a5:96:80:2f:5b:f0:e2:8d:62:c1:9f:64:
d6:1c:14:97
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsn6OQ7txTDFGGwv0UuAkC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjMxMDEzMDcyMDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjA2ZjIwNjYxZmZmYmY3NTJiOTcyNWUyNmU2ODRkMjMxZTNkYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4rsDIYGDhdmN2h7E17bO3UHYlD1/
EfcgwMOnLYzwMgCroQQiAWjdWOnXb5jYzE6i2mjc0xTn8iRnBt5eHhpsl+/Fdwpf
Z6A69bBasJPAA/RpdswZC93Z8EuFTMHqQIVbQd7uUpaUx1UM+JoIm+NiXqWkh4Dg
7+sPEHSLjJlsALOlLdqS4xy4KERTSN36uwgEq71CGhzok+xJa+1AHT2Xfub5YKhd
4Vf7P4ZIV82hBsjnIwXlr6iaS1YtNironxRPae8bi9IM2jvdtcYVWSP703BESBXL
w+h9EVJSdlFucIsS2rwzu5A8DlL1KBkXNFVSsGODntavfuFS+tsWRp25KwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMIG8gZh//v3UrlyXibmhNIx49ufMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvd2dieUJtSF8tX2RTdVhKZUp1YUUwakhqMjU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXXI+AwQA
uVG3AwQAw/LzMA0GCSqGSIb3DQEBCwUAA4IBAQCeq6VCeUox+6MkNRyQXDj8JWKe
47eo2vZtLlVXbCQaQUmCzEVcv/gJbYmEA/lQ+bFkhAESuZzokhhKg6CtKUlPdMf3
i/hhd+UBIBx709SjmnjNIQqwXfIzsB77jqbP2Xw6n1oYlV9TDNot/xekwUdGSzcS
fjqSnK5YfR4t7+uHNXb9UvZBm302p4MbQP4t53+sVCybXlUaqPwzcCDOK1mSX19e
xeTeOgJjbXMrfugKt+nYq+5ciRNbJSTcIuJE/zY6yLWsKWyxkMMsogmbnGFMnjsD
+nJ5WQXSqnmJ8DwUwwuTuTy2MIsQbCUkd7P3IYmlloAvW/DijWLBn2TWHBSX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:32 2025 by rpki-client