Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/4P7jt43L4J8zd1a1sIOgdMJxe5w.roa
File: 4P7jt43L4J8zd1a1sIOgdMJxe5w.roa (raw, json)
Hash identifier: zn98l+UaNcGOZPlyY7ODTJq3fjJJanT+/ush5nZvrbk=
Subject key identifier: E0:FE:E3:B7:8D:CB:E0:9F:33:77:56:B5:B0:83:A0:74:C2:71:7B:9C
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018B4E73D53B0627D76BF356D8D58EBA4DEE
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/4P7jt43L4J8zd1a1sIOgdMJxe5w.roa
Signing time: Fri 20 Oct 2023 18:58:15 +0000
ROA not before: Fri 20 Oct 2023 18:58:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 188.66.26.0/24 maxlen: 24
193.108.59.0/24 maxlen: 24
193.3.20.0/24 maxlen: 24
193.108.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4e:73:d5:3b:06:27:d7:6b:f3:56:d8:d5:8e:ba:4d:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Oct 20 18:58:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0fee3b78dcbe09f337756b5b083a074c2717b9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2d:c4:f0:95:46:1b:43:a1:a5:e1:f9:ed:aa:
5a:27:51:99:d4:1d:3e:65:4d:19:df:eb:75:99:b0:
53:9b:56:d7:d3:cf:e8:7e:61:77:ae:ab:7f:c0:ca:
f5:2a:91:ac:e7:35:3e:41:0e:32:30:4e:00:d6:23:
cb:db:75:72:5c:f5:65:2b:35:37:c8:7e:3d:6a:da:
b2:08:8e:aa:d4:26:96:c8:9d:2a:27:a3:8c:58:cd:
17:c1:3b:02:dc:64:ca:6d:b4:8f:66:1f:c1:86:f4:
33:f6:4b:f5:0a:87:47:93:e4:8e:63:7a:a7:5c:30:
4a:46:64:ce:57:7d:49:06:0d:73:e9:c3:a4:fb:3f:
1f:bc:ff:18:1b:a5:ef:83:d6:37:f1:1f:20:5f:23:
cc:0f:bd:16:a3:7f:9a:03:af:f6:49:26:8e:b2:b0:
07:87:ef:96:ab:1c:9f:57:72:70:f5:87:e9:54:08:
a0:1b:a3:4d:c8:48:2f:31:b0:3b:ea:32:e7:d5:dc:
5b:25:90:20:ae:e9:c2:ec:1f:86:37:f4:25:27:63:
91:66:cb:d0:e5:47:87:2d:96:e1:f0:41:ce:97:f7:
c1:ae:83:55:fb:cf:a9:52:a9:6d:f0:fb:01:11:9a:
16:05:4d:2a:88:87:fc:51:a3:af:2a:aa:d1:f6:f0:
4f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:FE:E3:B7:8D:CB:E0:9F:33:77:56:B5:B0:83:A0:74:C2:71:7B:9C
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/4P7jt43L4J8zd1a1sIOgdMJxe5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.66.26.0/24
193.3.20.0/24
193.108.59.0/24
193.108.105.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:7d:7d:bd:f1:bd:be:a5:e6:31:15:2f:fa:15:26:3c:2d:da:
8f:d0:8c:0e:e6:de:f8:07:4b:fd:1b:0e:24:49:ba:c0:0f:07:
bc:96:46:03:9f:58:b6:ac:f6:f6:9e:6c:a3:ae:02:56:ed:88:
23:b2:b6:ee:37:1e:c6:dc:68:02:5f:ce:65:eb:45:3f:5b:c6:
95:eb:b0:61:b7:77:7d:92:29:d2:1a:d3:1a:7c:7a:9b:25:9c:
87:f6:2c:6d:c9:09:02:0a:4c:5b:9c:af:85:56:e7:d6:90:9b:
28:3b:35:89:4d:5f:49:21:07:d2:9f:fe:28:72:6b:e2:07:49:
d3:13:59:b8:ae:18:79:7b:e7:54:98:a1:bd:db:a6:88:31:47:
c0:d9:29:99:8a:44:3c:ac:d6:d1:5b:e8:22:2c:46:00:5e:d2:
64:58:b7:4e:21:1b:fc:c8:1a:38:25:b5:16:48:18:26:d4:d4:
54:16:ab:4b:e3:28:12:89:c7:d9:fa:b2:a7:34:70:82:3f:fd:
20:53:a0:c5:2f:90:59:34:f0:49:ba:d3:ea:8d:ad:89:ce:d7:
ac:ec:4b:35:6e:ed:1c:f1:4b:96:bc:f0:c6:1f:f6:1b:dc:93:
0c:dc:50:da:4e:d2:79:84:73:ea:a3:04:06:88:ef:42:69:8a:
97:fd:63:ef
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtOc9U7BifXa/NW2NWOuk3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjMxMDIwMTg1ODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGZlZTNiNzhkY2JlMDlmMzM3NzU2YjViMDgzYTA3NGMyNzE3YjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqC3E8JVGG0OhpeH57apaJ1GZ1B0+
ZU0Z3+t1mbBTm1bX08/ofmF3rqt/wMr1KpGs5zU+QQ4yME4A1iPL23VyXPVlKzU3
yH49atqyCI6q1CaWyJ0qJ6OMWM0XwTsC3GTKbbSPZh/BhvQz9kv1CodHk+SOY3qn
XDBKRmTOV31JBg1z6cOk+z8fvP8YG6Xvg9Y38R8gXyPMD70Wo3+aA6/2SSaOsrAH
h++WqxyfV3Jw9YfpVAigG6NNyEgvMbA76jLn1dxbJZAgrunC7B+GN/QlJ2ORZsvQ
5UeHLZbh8EHOl/fBroNV+8+pUqlt8PsBEZoWBU0qiIf8UaOvKqrR9vBPDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOD+47eNy+CfM3dWtbCDoHTCcXucMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvNFA3anQ0M0w0Sjh6ZDFhMXNJT2dkTUp4ZTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAvEIaAwQA
wQMUAwQAwWw7AwQAwWxpMA0GCSqGSIb3DQEBCwUAA4IBAQBcfX298b2+peYxFS/6
FSY8LdqP0IwO5t74B0v9Gw4kSbrADwe8lkYDn1i2rPb2nmyjrgJW7YgjsrbuNx7G
3GgCX85l60U/W8aV67Bht3d9kinSGtMafHqbJZyH9ixtyQkCCkxbnK+FVufWkJso
OzWJTV9JIQfSn/4ocmviB0nTE1m4rhh5e+dUmKG926aIMUfA2SmZikQ8rNbRW+gi
LEYAXtJkWLdOIRv8yBo4JbUWSBgm1NRUFqtL4ygSicfZ+rKnNHCCP/0gU6DFL5BZ
NPBJutPqja2Jztes7Es1bu0c8UuWvPDGH/Yb3JMM3FDaTtJ5hHPqowQGiO9CaYqX
/WPv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:21 2024 by rpki-client on console-ams.rpki-client.org