Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/Pg4Y02cjnUhD333Xni3CwQjX__M.roa
File: Pg4Y02cjnUhD333Xni3CwQjX__M.roa (raw, json)
Hash identifier: m5EVrcpTVIndmAx0f6oXhaZzJ+7CnmPOiF/U/qfUniU=
Subject key identifier: 3E:0E:18:D3:67:23:9D:48:43:DF:7D:D7:9E:2D:C2:C1:08:D7:FF:F3
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018B008C69E6CD0BBE835BC294AF543CE948
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/Pg4Y02cjnUhD333Xni3CwQjX__M.roa
Signing time: Thu 05 Oct 2023 15:54:43 +0000
ROA not before: Thu 05 Oct 2023 15:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 188.66.26.0/24 maxlen: 24
193.108.59.0/24 maxlen: 24
193.3.20.0/24 maxlen: 24
193.108.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:00:8c:69:e6:cd:0b:be:83:5b:c2:94:af:54:3c:e9:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Oct 5 15:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e0e18d367239d4843df7dd79e2dc2c108d7fff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d0:4c:87:78:1d:6d:a5:33:4a:73:cf:e5:e5:
43:2d:7b:71:c6:b7:6c:4f:c4:79:5e:88:f2:ce:ce:
21:9a:26:ce:87:2f:a0:97:d1:55:de:54:45:4c:a1:
ce:ea:ba:19:fa:1b:68:63:85:e9:39:4b:1a:d3:7c:
4a:bd:6e:33:43:8b:9f:c9:ac:ac:67:20:25:f1:dd:
eb:d6:0b:91:b7:57:fc:5e:18:8d:52:60:86:76:18:
77:78:d4:24:8a:18:83:90:71:31:8d:1b:0b:a5:44:
ba:3b:c2:1a:41:5e:b3:31:29:c2:a6:b0:b3:ce:3a:
68:ee:32:ca:be:12:10:df:87:50:d0:aa:1a:3a:61:
2e:1d:ac:6f:78:d0:77:a1:9d:f1:5f:64:4e:12:db:
be:4b:d0:75:b8:64:e1:68:70:b6:db:bc:94:8f:fe:
4c:ce:96:5a:a9:37:2e:8d:8c:75:9a:e5:7c:ea:27:
eb:38:cd:02:c6:4c:5a:c4:c9:df:1b:ad:3e:8e:09:
73:ad:c3:35:0d:5f:ed:1e:ad:c4:f0:f0:03:fd:37:
85:b4:52:c9:af:75:98:b0:95:bc:db:c6:30:57:f9:
4e:c8:e9:a4:bd:fe:bc:64:e8:db:c1:70:b6:ed:db:
1c:26:4a:90:4c:4e:9d:21:93:c6:5a:b6:42:b0:62:
0d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:0E:18:D3:67:23:9D:48:43:DF:7D:D7:9E:2D:C2:C1:08:D7:FF:F3
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/Pg4Y02cjnUhD333Xni3CwQjX__M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.66.26.0/24
193.3.20.0/24
193.108.59.0/24
193.108.105.0/24
Signature Algorithm: sha256WithRSAEncryption
67:fa:ed:2e:2a:fd:5e:0c:ba:02:8a:00:0e:6a:c3:13:4e:9e:
73:28:9e:24:aa:99:9b:db:40:90:76:7e:4b:16:12:19:24:9e:
86:45:3b:f9:05:12:fc:fb:18:56:f2:c3:36:d4:e9:d7:d5:b9:
4b:3c:da:49:2d:4f:1e:1b:ea:3a:02:c9:07:4d:c3:4b:71:32:
f9:6c:5f:9c:e7:0c:ff:cd:22:c5:21:e3:fd:04:ff:b2:09:6e:
13:5b:5d:70:d1:0b:98:25:d5:92:52:c9:4b:37:af:2f:99:9c:
60:4a:97:4c:39:7b:02:9c:4e:07:7e:ac:e1:46:cf:aa:4d:5f:
f7:93:f5:34:79:64:71:d2:89:07:ab:c2:9a:b5:95:5e:20:b5:
9c:3e:cc:9d:be:02:34:13:43:2c:e7:b0:7a:98:6a:f6:64:96:
ad:db:83:6f:89:50:84:53:55:5b:10:72:43:6c:2a:99:3f:a6:
01:dc:83:7a:c2:a9:24:b5:3f:15:99:51:30:79:4b:4b:1f:aa:
a7:fa:bc:57:80:f8:1f:40:80:a8:19:3d:f6:a0:eb:75:73:ec:
e5:43:76:06:0e:00:d8:ab:19:4f:7a:a2:8b:23:8a:36:e6:7e:
c7:f7:6b:94:1b:1d:15:02:3c:be:86:73:ef:4c:61:e5:39:61:
5c:92:1e:83
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYsAjGnmzQu+g1vClK9UPOlIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjMxMDA1MTU1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTBlMThkMzY3MjM5ZDQ4NDNkZjdkZDc5ZTJkYzJjMTA4ZDdmZmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9BMh3gdbaUzSnPP5eVDLXtxxrds
T8R5Xojyzs4hmibOhy+gl9FV3lRFTKHO6roZ+htoY4XpOUsa03xKvW4zQ4ufyays
ZyAl8d3r1guRt1f8XhiNUmCGdhh3eNQkihiDkHExjRsLpUS6O8IaQV6zMSnCprCz
zjpo7jLKvhIQ34dQ0KoaOmEuHaxveNB3oZ3xX2ROEtu+S9B1uGThaHC227yUj/5M
zpZaqTcujYx1muV86ifrOM0CxkxaxMnfG60+jglzrcM1DV/tHq3E8PAD/TeFtFLJ
r3WYsJW828YwV/lOyOmkvf68ZOjbwXC27dscJkqQTE6dIZPGWrZCsGINQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD4OGNNnI51IQ999154twsEI1//zMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvUGc0WTAyY2puVWhEMzMzWG5pM0N3UWpYX19NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAvEIaAwQA
wQMUAwQAwWw7AwQAwWxpMA0GCSqGSIb3DQEBCwUAA4IBAQBn+u0uKv1eDLoCigAO
asMTTp5zKJ4kqpmb20CQdn5LFhIZJJ6GRTv5BRL8+xhW8sM21OnX1blLPNpJLU8e
G+o6AskHTcNLcTL5bF+c5wz/zSLFIeP9BP+yCW4TW11w0QuYJdWSUslLN68vmZxg
SpdMOXsCnE4HfqzhRs+qTV/3k/U0eWRx0okHq8KatZVeILWcPsydvgI0E0Ms57B6
mGr2ZJat24NviVCEU1VbEHJDbCqZP6YB3IN6wqkktT8VmVEweUtLH6qn+rxXgPgf
QICoGT32oOt1c+zlQ3YGDgDYqxlPeqKLI4o25n7H92uUGx0VAjy+hnPvTGHlOWFc
kh6D
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:21 2024 by rpki-client on console-ams.rpki-client.org