Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/PpCVg2F7rO-GprK_VNloJwfrRJI.roa
File: PpCVg2F7rO-GprK_VNloJwfrRJI.roa (raw, json)
Hash identifier: pYDJk0oiW8q4FX7KtHPgRfeehRSDC6q3pV4NiQvYf4c=
Subject key identifier: 3E:90:95:83:61:7B:AC:EF:86:A6:B2:BF:54:D9:68:27:07:EB:44:92
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 018F7C4E425D085198D51AD2119F564B3A7F
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/PpCVg2F7rO-GprK_VNloJwfrRJI.roa
Signing time: Wed 15 May 2024 12:50:54 +0000
ROA not before: Wed 15 May 2024 12:50:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 88.151.112.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7c:4e:42:5d:08:51:98:d5:1a:d2:11:9f:56:4b:3a:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: May 15 12:50:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e909583617bacef86a6b2bf54d9682707eb4492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d2:5b:02:79:18:1d:af:0d:af:23:d4:34:64:
b2:29:f4:ad:35:4a:6b:0a:af:2a:74:2f:00:87:f8:
cf:b0:bc:b2:1c:3f:61:df:4f:0e:96:d6:64:1e:13:
54:45:65:db:98:d2:1e:5d:06:db:d0:cc:6e:ae:79:
07:61:d7:e2:be:11:b5:23:12:5d:68:85:f3:4f:a9:
a8:5d:7e:0f:ca:0a:9b:0f:c2:30:72:b2:98:b4:ef:
f4:76:b3:d5:f9:ff:c3:1d:ee:06:04:90:dc:16:a6:
75:23:89:df:2b:5e:de:0b:b8:5d:14:b2:8e:e1:11:
30:9c:c4:75:71:8b:43:72:02:00:a9:53:4c:32:a8:
9b:56:bc:2d:c0:e8:d5:d7:e4:eb:0d:cb:38:2e:9b:
e7:c9:4d:6a:e4:1c:2a:22:44:22:57:9c:b5:96:a6:
fb:d1:1c:6d:38:63:0e:5c:40:ab:54:fe:8d:b4:8c:
b0:c2:90:7b:73:ed:7c:05:ef:ff:81:6d:2c:57:55:
96:b3:33:97:ce:15:3f:f3:eb:c5:66:b4:4e:97:e0:
49:96:7a:51:2a:45:e5:cb:10:2d:ea:f2:ad:46:20:
61:b2:4f:f1:01:03:f4:7f:28:25:4a:19:be:36:bb:
f8:8d:c4:f5:63:06:c5:12:ea:7c:d7:b9:68:32:23:
b2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:90:95:83:61:7B:AC:EF:86:A6:B2:BF:54:D9:68:27:07:EB:44:92
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/PpCVg2F7rO-GprK_VNloJwfrRJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.112.0/24
Signature Algorithm: sha256WithRSAEncryption
55:e9:a7:fd:73:2e:b0:ee:af:b4:3a:6a:f8:c6:ec:76:5e:73:
4b:db:00:9a:88:36:46:97:b3:2c:4a:26:30:00:75:60:90:08:
9f:89:ae:d3:14:63:93:3c:f2:dc:82:06:d2:81:5c:27:c6:58:
b6:ef:7a:9e:c7:06:66:e7:09:37:31:a7:c4:d3:bc:02:5b:b4:
4c:1f:8d:96:f1:ac:7c:26:e8:53:3d:ab:ca:83:22:ab:a8:d5:
f8:ed:06:44:0b:56:6c:a0:0d:b2:ef:b2:76:d2:3c:5a:92:26:
5e:f5:e4:86:90:58:a9:a7:0f:92:6f:d5:c2:84:33:fd:d2:b6:
8a:7d:00:af:4b:e5:cf:a8:24:f4:ce:d3:c5:27:8e:93:34:66:
a0:27:94:64:9d:19:2d:8c:56:48:f9:b4:65:a4:68:e7:7e:29:
bf:a3:14:a7:49:ab:6c:83:72:91:12:30:62:00:2c:0c:e9:d0:
62:ab:03:15:83:ef:3c:c8:32:44:18:3c:bf:0e:af:83:7e:38:
30:bf:57:e1:4b:f8:80:8a:3f:07:3f:73:d7:45:f0:e2:21:f2:
77:36:21:01:82:7d:fd:b4:a7:9a:08:e5:1e:71:de:2d:25:cf:
4d:2c:7e:69:c5:83:01:f8:63:99:4a:08:75:f4:cb:f6:56:dc:
60:7b:73:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY98TkJdCFGY1RrSEZ9WSzp/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjQwNTE1MTI1MDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTkwOTU4MzYxN2JhY2VmODZhNmIyYmY1NGQ5NjgyNzA3ZWI0NDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9JbAnkYHa8NryPUNGSyKfStNUpr
Cq8qdC8Ah/jPsLyyHD9h308OltZkHhNURWXbmNIeXQbb0MxurnkHYdfivhG1IxJd
aIXzT6moXX4PygqbD8IwcrKYtO/0drPV+f/DHe4GBJDcFqZ1I4nfK17eC7hdFLKO
4REwnMR1cYtDcgIAqVNMMqibVrwtwOjV1+TrDcs4LpvnyU1q5BwqIkQiV5y1lqb7
0RxtOGMOXECrVP6NtIywwpB7c+18Be//gW0sV1WWszOXzhU/8+vFZrROl+BJlnpR
KkXlyxAt6vKtRiBhsk/xAQP0fyglShm+Nrv4jcT1YwbFEup817loMiOyEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD6QlYNhe6zvhqayv1TZaCcH60SSMB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEvUHBDVmcyRjdyTy1HcHJLX1ZObG9Kd2ZyUkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWJdwMA0G
CSqGSIb3DQEBCwUAA4IBAQBV6af9cy6w7q+0Omr4xux2XnNL2wCaiDZGl7MsSiYw
AHVgkAifia7TFGOTPPLcggbSgVwnxli273qexwZm5wk3MafE07wCW7RMH42W8ax8
JuhTPavKgyKrqNX47QZEC1ZsoA2y77J20jxakiZe9eSGkFippw+Sb9XChDP90raK
fQCvS+XPqCT0ztPFJ46TNGagJ5RknRktjFZI+bRlpGjnfim/oxSnSatsg3KREjBi
ACwM6dBiqwMVg+88yDJEGDy/Dq+Dfjgwv1fhS/iAij8HP3PXRfDiIfJ3NiEBgn39
tKeaCOUecd4tJc9NLH5pxYMB+GOZSgh19Mv2Vtxge3Nx
-----END CERTIFICATE-----
Generated at Thu Aug 8 12:52:50 2024 by rpki-client on console-ams.rpki-client.org