Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/nlOihjIi5fJTuRDBrpkRze6T6sg.roa
File: nlOihjIi5fJTuRDBrpkRze6T6sg.roa (raw, json)
Hash identifier: GJs0WDcZ5K+t5pVsp/UTiIaiRJ62xkOsMNtruUfsSyA=
Subject key identifier: 9E:53:A2:86:32:22:E5:F2:53:B9:10:C1:AE:99:11:CD:EE:93:EA:C8
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 018E3243C3C3B4E3D96324458A0BCA0AE8F3
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/nlOihjIi5fJTuRDBrpkRze6T6sg.roa
Signing time: Tue 12 Mar 2024 10:44:45 +0000
ROA not before: Tue 12 Mar 2024 10:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204957
IP address blocks: 193.8.75.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c3:c3:b4:e3:d9:63:24:45:8a:0b:ca:0a:e8:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Mar 12 10:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e53a2863222e5f253b910c1ae9911cdee93eac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:98:85:e9:08:83:b0:af:37:a7:62:55:06:34:
b5:3e:f6:5d:d2:f8:ac:5a:90:8e:33:31:70:94:9f:
99:b9:db:df:c8:67:7f:1f:4d:66:98:9a:e8:37:f2:
97:87:c1:62:8b:70:c6:87:b1:52:7c:b2:8f:d9:d2:
a2:b2:c4:9f:97:e7:49:83:d3:ab:3e:b5:83:38:4e:
e5:7f:f7:23:bb:86:e1:07:e9:9e:fb:65:3c:a4:3a:
25:25:3f:30:bf:ac:0a:de:fd:b6:a1:86:41:44:46:
0e:bb:9b:d8:41:d8:38:70:92:8b:60:19:da:1e:af:
78:77:c8:d7:dd:19:ee:ee:66:de:d4:30:be:ba:18:
df:92:e4:e2:a0:2a:3a:75:2c:77:43:2d:d2:bd:22:
eb:6c:c8:26:c1:b3:eb:19:69:bd:79:e4:b4:91:1c:
0c:35:8f:b4:39:5a:6f:b7:17:6f:a9:5c:92:3a:7f:
7c:6e:24:1b:34:71:3a:c7:63:43:d6:0f:a5:40:1f:
b2:75:8e:95:55:db:e9:a9:a4:fe:c5:eb:91:95:08:
94:0f:22:99:90:26:27:60:8d:1e:51:43:e1:9d:e8:
ad:64:b2:0f:2f:22:96:78:90:9c:d4:60:0b:f5:89:
77:6a:94:4e:60:99:b4:86:e6:ce:30:b5:0b:ff:ce:
c0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:53:A2:86:32:22:E5:F2:53:B9:10:C1:AE:99:11:CD:EE:93:EA:C8
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/nlOihjIi5fJTuRDBrpkRze6T6sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.75.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:90:ca:a8:c6:52:54:85:45:8e:64:98:6f:b0:08:d2:bd:90:
f0:f7:5d:c8:fe:3a:ff:59:bf:42:c8:87:e6:7b:db:8b:14:95:
95:9b:fd:60:69:6e:7e:cc:bc:10:0a:ac:97:91:fc:aa:fc:56:
0d:84:35:95:17:66:92:dd:81:4e:cb:53:c8:c3:fc:2b:d6:7b:
2a:5c:c3:ad:fd:cb:fa:92:3e:44:18:54:2f:43:42:a7:f0:dd:
84:4d:ef:1b:f4:06:9d:73:61:1f:64:b0:ca:b3:52:de:86:47:
2a:fc:7b:a2:d5:9c:b8:d4:98:f2:5b:9d:9e:8f:86:37:39:5f:
74:e8:5d:98:f1:66:78:cf:e9:7d:c9:ef:61:7e:f8:56:72:8a:
b7:84:2f:6b:35:4f:a4:16:3c:ef:a4:6c:5f:e0:81:88:64:ca:
6d:ca:81:8a:e3:1a:9a:09:4a:b7:5e:b2:84:6e:a9:7b:7e:69:
d2:69:36:e5:72:ef:c2:02:5e:72:f0:fb:06:32:55:35:86:da:
88:ca:1b:44:0b:62:a6:38:2f:14:b7:46:1e:44:82:e5:4a:78:
5f:f1:b8:fc:2b:dc:da:05:74:c1:e0:f2:50:6d:c8:18:74:9f:
6a:26:ce:26:1c:f4:4b:b8:8c:83:49:93:02:28:65:58:b3:ba:
ac:f2:8a:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4yQ8PDtOPZYyRFigvKCujzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQwMzEyMTA0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTUzYTI4NjMyMjJlNWYyNTNiOTEwYzFhZTk5MTFjZGVlOTNlYWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZiF6QiDsK83p2JVBjS1PvZd0vis
WpCOMzFwlJ+ZudvfyGd/H01mmJroN/KXh8Fii3DGh7FSfLKP2dKissSfl+dJg9Or
PrWDOE7lf/cju4bhB+me+2U8pDolJT8wv6wK3v22oYZBREYOu5vYQdg4cJKLYBna
Hq94d8jX3Rnu7mbe1DC+uhjfkuTioCo6dSx3Qy3SvSLrbMgmwbPrGWm9eeS0kRwM
NY+0OVpvtxdvqVySOn98biQbNHE6x2ND1g+lQB+ydY6VVdvpqaT+xeuRlQiUDyKZ
kCYnYI0eUUPhneitZLIPLyKWeJCc1GAL9Yl3apROYJm0hubOMLUL/87AxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5TooYyIuXyU7kQwa6ZEc3uk+rIMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvbmxPaWhqSWk1ZkpUdVJEQnJwa1J6ZTZUNnNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQhLMA0G
CSqGSIb3DQEBCwUAA4IBAQDTkMqoxlJUhUWOZJhvsAjSvZDw913I/jr/Wb9CyIfm
e9uLFJWVm/1gaW5+zLwQCqyXkfyq/FYNhDWVF2aS3YFOy1PIw/wr1nsqXMOt/cv6
kj5EGFQvQ0Kn8N2ETe8b9Aadc2EfZLDKs1Lehkcq/Hui1Zy41JjyW52ej4Y3OV90
6F2Y8WZ4z+l9ye9hfvhWcoq3hC9rNU+kFjzvpGxf4IGIZMptyoGK4xqaCUq3XrKE
bql7fmnSaTblcu/CAl5y8PsGMlU1htqIyhtEC2KmOC8Ut0YeRILlSnhf8bj8K9za
BXTB4PJQbcgYdJ9qJs4mHPRLuIyDSZMCKGVYs7qs8oru
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:02 2024 by rpki-client on console-fra.rpki-client.org