Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/SU9OymUkJaIFYk2PKlGu5D4S2Wc.roa
File: SU9OymUkJaIFYk2PKlGu5D4S2Wc.roa (raw, json)
Hash identifier: m+6dr80HQRKIBn4Dro00yZYHf2jTNLl6gp+plrb9tIg=
Subject key identifier: 49:4F:4E:CA:65:24:25:A2:05:62:4D:8F:2A:51:AE:E4:3E:12:D9:67
Certificate issuer: /CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Certificate serial: 04723155
Authority key identifier: 40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/SU9OymUkJaIFYk2PKlGu5D4S2Wc.roa
Signing time: Tue 31 May 2022 07:28:10 +0000
ROA not before: Tue 31 May 2022 07:28:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25116
IP address blocks: 188.215.64.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74592597 (0x4723155)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Validity
Not Before: May 31 07:28:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=494f4eca652425a205624d8f2a51aee43e12d967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d5:5a:43:3b:76:ed:b0:31:69:8e:50:1c:0c:
cc:9a:7a:6e:c3:6f:ad:14:b8:49:80:65:48:3a:86:
3d:f6:18:fa:28:14:82:ed:c1:3c:0e:c6:63:c8:bb:
d7:00:7e:d3:87:ad:32:58:ae:e2:fb:3a:51:aa:78:
7c:20:dd:b2:0c:ff:9c:6c:f7:fb:d3:14:35:e2:36:
2d:10:ca:c3:ea:e9:e0:31:1f:f9:b4:bc:fd:54:80:
31:ce:2a:57:62:23:14:c0:da:2c:d0:84:d3:03:1d:
a9:c2:69:e8:46:eb:0a:a3:32:12:e7:cf:82:41:ce:
f8:36:46:de:e6:fb:c0:4b:03:b9:ad:96:d2:ca:c6:
3a:49:d2:c1:f9:a6:10:0d:1e:79:12:68:8f:0d:2c:
f5:c6:4f:79:0e:9c:f1:38:f9:f7:dd:4a:42:1a:5b:
71:5a:90:d8:0a:da:d3:62:8f:63:04:72:99:4f:91:
8c:66:1f:22:61:0d:09:45:2e:0f:06:cb:7d:69:e4:
a6:72:39:e0:e2:d9:70:64:49:d4:fd:42:8f:2e:6f:
c8:ef:9c:f3:83:44:ba:dc:8f:99:bc:c2:51:a1:b4:
f3:71:2d:75:78:1b:8d:41:c5:73:ee:d8:4e:82:98:
81:ca:7e:7c:4b:7d:87:e3:02:ab:96:d3:72:45:13:
fc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:4F:4E:CA:65:24:25:A2:05:62:4D:8F:2A:51:AE:E4:3E:12:D9:67
X509v3 Authority Key Identifier:
keyid:40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/SU9OymUkJaIFYk2PKlGu5D4S2Wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.215.64.0/24
Signature Algorithm: sha256WithRSAEncryption
51:a6:3b:5c:5b:d8:db:0d:4f:8a:e1:3a:43:a0:66:c4:32:75:
81:4a:c1:ff:97:69:55:7d:95:64:4a:f7:c5:15:b5:1d:e5:47:
c8:a1:15:66:dd:2e:62:49:da:69:c5:77:7a:b9:20:ef:f3:d2:
64:26:e3:9c:0d:6e:56:17:7e:08:cd:81:88:b3:5b:14:f9:e9:
40:43:e3:51:8e:9a:7a:73:b4:9f:ff:8f:be:0c:63:41:8d:27:
3d:8a:a1:60:74:bc:e3:70:2e:cc:48:4b:73:4b:38:e7:d0:b1:
33:68:a3:ce:89:b4:97:c7:b7:79:e8:d7:55:f1:31:0c:c2:0d:
44:e6:34:30:dd:3f:05:d7:01:2a:d6:9e:58:c6:75:dc:67:9f:
1d:34:e3:21:50:4f:5a:d7:1c:c8:38:c8:b1:f0:3c:0a:48:fb:
07:09:2d:44:c8:6b:ba:87:35:18:8c:df:f6:a4:8d:59:c1:43:
3c:ff:65:6a:27:90:56:2f:60:5b:98:56:20:40:03:41:5d:fb:
47:a7:2e:3c:3c:c7:1b:af:8d:e7:ea:72:63:c1:a7:1f:1c:57:
2b:73:9d:87:b1:c5:fd:ef:56:2a:59:d5:2f:c9:63:c4:4d:dc:
99:41:ea:09:3b:2c:71:3d:a6:1c:4d:3b:b9:3b:96:5c:f2:5d:
40:16:cd:88
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBHIxVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDhhZjQ4NWI0ZmQwZjAzNzE3Y2Q0YTcwOWVmMTFjNjFkM2VmNDZlMB4XDTIyMDUz
MTA3MjgxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDk0ZjRlY2E2NTI0
MjVhMjA1NjI0ZDhmMmE1MWFlZTQzZTEyZDk2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPVWkM7du2wMWmOUBwMzJp6bsNvrRS4SYBlSDqGPfYY+igU
gu3BPA7GY8i71wB+04etMliu4vs6Uap4fCDdsgz/nGz3+9MUNeI2LRDKw+rp4DEf
+bS8/VSAMc4qV2IjFMDaLNCE0wMdqcJp6EbrCqMyEufPgkHO+DZG3ub7wEsDua2W
0srGOknSwfmmEA0eeRJojw0s9cZPeQ6c8Tj5991KQhpbcVqQ2Ara02KPYwRymU+R
jGYfImENCUUuDwbLfWnkpnI54OLZcGRJ1P1Cjy5vyO+c84NEutyPmbzCUaG083Et
dXgbjUHFc+7YToKYgcp+fEt9h+MCq5bTckUT/K8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRJT07KZSQlogViTY8qUa7kPhLZZzAfBgNVHSMEGDAWgBRAivSFtP0PA3F8
1KcJ7xHGHT70bjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FJcjBoYlQ5RHdOeGZOU25DZThSeGgwLTlHNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZTExNzFjLTUyNzAtNDljZC05Mzc5LWI5NWIwOGEyM2FlMS8x
L1NVOU95bVVrSmFJRllrMlBLbEd1NUQ0UzJXYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZTExNzFjLTUyNzAtNDljZC05Mzc5LWI5NWIwOGEyM2FlMS8xL1FJcjBoYlQ5RHdO
eGZOU25DZThSeGgwLTlHNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALzXQDANBgkqhkiG9w0BAQsFAAOC
AQEAUaY7XFvY2w1PiuE6Q6BmxDJ1gUrB/5dpVX2VZEr3xRW1HeVHyKEVZt0uYkna
acV3erkg7/PSZCbjnA1uVhd+CM2BiLNbFPnpQEPjUY6aenO0n/+PvgxjQY0nPYqh
YHS843AuzEhLc0s459CxM2ijzom0l8e3eejXVfExDMINROY0MN0/BdcBKtaeWMZ1
3GefHTTjIVBPWtccyDjIsfA8Ckj7BwktRMhruoc1GIzf9qSNWcFDPP9laieQVi9g
W5hWIEADQV37R6cuPDzHG6+N5+pyY8GnHxxXK3Odh7HF/e9WKlnVL8ljxE3cmUHq
CTsscT2mHE07uTuWXPJdQBbNiA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:36 2023 by rpki-client on console-fra.rpki-client.org