Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/Ww_y-37ulxxBj4wRqjpCEnFycNc.roa
File: Ww_y-37ulxxBj4wRqjpCEnFycNc.roa (raw, json)
Hash identifier: ZDo3WsrG5iSnI9+CjfN/LN2oVz9nAwAEHlg40wfGSh8=
Subject key identifier: 5B:0F:F2:FB:7E:EE:97:1C:41:8F:8C:11:AA:3A:42:12:71:72:70:D7
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018B445C12F9B05D4272D9CF2AFC692F5F10
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/Ww_y-37ulxxBj4wRqjpCEnFycNc.roa
Signing time: Wed 18 Oct 2023 19:56:06 +0000
ROA not before: Wed 18 Oct 2023 19:56:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 188.66.26.0/24 maxlen: 24
193.3.20.0/24 maxlen: 24
193.108.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:44:5c:12:f9:b0:5d:42:72:d9:cf:2a:fc:69:2f:5f:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Oct 18 19:56:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b0ff2fb7eee971c418f8c11aa3a4212717270d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c4:1c:44:6c:c1:ef:9f:7c:df:83:dc:0c:97:
cb:53:e1:e7:71:f3:4b:71:75:46:f1:ed:3e:15:66:
f8:96:9f:aa:32:4a:78:fc:cd:31:8c:1b:99:2d:fe:
c1:14:a3:9a:54:e5:65:d0:2a:c4:39:c3:21:b5:fb:
da:31:69:45:ce:42:52:3f:71:c7:e6:b6:15:54:83:
5d:f5:be:ce:d1:b0:c7:3e:37:f5:5c:8c:d8:74:26:
57:7f:fb:23:55:86:f8:16:37:d8:ad:47:22:e1:53:
c0:b9:38:a1:6c:2a:a1:1a:00:fb:0a:af:ec:78:10:
a8:34:66:c3:d0:fa:e3:8a:51:2e:7d:81:6a:83:51:
b0:4b:12:cc:d9:99:a1:e2:e3:5d:54:8d:3b:bc:a8:
d5:92:43:6d:00:9c:e2:0f:6c:7d:bf:15:7c:d6:a2:
43:6d:c8:3e:e2:ef:81:f9:cf:15:d5:fa:0d:ed:4f:
05:86:d0:95:3a:fd:e5:0c:96:2e:f4:6a:d8:da:2c:
cc:f1:79:32:b4:33:6e:a7:2b:74:e1:6d:34:72:28:
1a:f4:59:79:ca:92:36:8a:9a:f1:6e:23:9d:f1:70:
21:7a:32:2b:2d:50:a8:b3:60:0a:be:3e:8f:c9:8e:
1e:08:48:5a:e3:80:6e:2f:36:3a:39:56:61:0d:d5:
a6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:0F:F2:FB:7E:EE:97:1C:41:8F:8C:11:AA:3A:42:12:71:72:70:D7
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/Ww_y-37ulxxBj4wRqjpCEnFycNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.66.26.0/24
193.3.20.0/24
193.108.105.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:fe:3b:36:b1:8f:44:9e:31:d4:a5:d3:f6:ed:84:03:09:cc:
be:65:d2:60:02:91:0a:90:94:be:7a:4d:e2:89:ad:d0:a1:55:
d3:f2:77:3a:45:36:60:d0:41:f7:13:cf:96:88:fe:80:a1:e9:
28:97:47:7e:f0:38:d3:5e:75:cc:6b:95:44:d5:fc:d7:72:bd:
6c:7c:b4:e5:c4:34:96:f3:72:25:2f:46:01:dc:0c:1a:17:fc:
69:4a:8d:7d:f7:55:e4:0a:0b:7e:4b:4c:96:11:21:a7:d6:83:
ae:a1:fc:b6:70:34:c2:97:4e:3b:d7:2f:f4:f0:e3:20:ea:9b:
9b:3c:ce:56:ba:7c:a0:44:96:cd:71:d5:58:b3:5b:bf:8b:5b:
aa:92:a9:3f:de:f4:f1:7c:fc:93:2e:ec:fe:68:b4:af:5f:2b:
b7:36:e0:f9:fd:97:42:04:dc:b0:d6:56:fb:af:18:20:9d:96:
8c:b8:a5:13:61:86:11:a3:55:52:34:0e:d6:5d:c3:7a:56:74:
c9:3e:46:c3:c7:1b:fc:38:bb:4d:ff:3e:cc:ce:95:81:26:c8:
6d:5d:99:97:a1:ae:9b:ba:c1:41:6e:f8:79:d3:0e:44:bb:24:
3f:f4:98:07:80:15:f6:cb:7c:c4:32:65:92:b9:2b:a6:47:47:
13:57:96:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtEXBL5sF1CctnPKvxpL18QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjMxMDE4MTk1NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjBmZjJmYjdlZWU5NzFjNDE4ZjhjMTFhYTNhNDIxMjcxNzI3MGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksQcRGzB759834PcDJfLU+HncfNL
cXVG8e0+FWb4lp+qMkp4/M0xjBuZLf7BFKOaVOVl0CrEOcMhtfvaMWlFzkJSP3HH
5rYVVINd9b7O0bDHPjf1XIzYdCZXf/sjVYb4FjfYrUci4VPAuTihbCqhGgD7Cq/s
eBCoNGbD0PrjilEufYFqg1GwSxLM2Zmh4uNdVI07vKjVkkNtAJziD2x9vxV81qJD
bcg+4u+B+c8V1foN7U8FhtCVOv3lDJYu9GrY2izM8XkytDNupyt04W00ciga9Fl5
ypI2iprxbiOd8XAhejIrLVCos2AKvj6PyY4eCEha44BuLzY6OVZhDdWmSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFsP8vt+7pccQY+MEao6QhJxcnDXMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvV3dfeS0zN3VseHhCajR3UnFqcENFbkZ5Y05jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAvEIaAwQA
wQMUAwQAwWxpMA0GCSqGSIb3DQEBCwUAA4IBAQB7/js2sY9EnjHUpdP27YQDCcy+
ZdJgApEKkJS+ek3iia3QoVXT8nc6RTZg0EH3E8+WiP6Aoekol0d+8DjTXnXMa5VE
1fzXcr1sfLTlxDSW83IlL0YB3AwaF/xpSo1991XkCgt+S0yWESGn1oOuofy2cDTC
l0471y/08OMg6pubPM5WunygRJbNcdVYs1u/i1uqkqk/3vTxfPyTLuz+aLSvXyu3
NuD5/ZdCBNyw1lb7rxggnZaMuKUTYYYRo1VSNA7WXcN6VnTJPkbDxxv8OLtN/z7M
zpWBJshtXZmXoa6busFBbvh50w5EuyQ/9JgHgBX2y3zEMmWSuSumR0cTV5bp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:21 2024 by rpki-client on console-ams.rpki-client.org