Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/i_Rznfzs9-GsDjO5dtgeBxIhJSU.roa
File: i_Rznfzs9-GsDjO5dtgeBxIhJSU.roa (raw, json)
Hash identifier: 3xHSQoVMkR40bZSIZByp+NAJJPcNDRqbz8myR6qYVuQ=
Subject key identifier: 8B:F4:73:9D:FC:EC:F7:E1:AC:0E:33:B9:76:D8:1E:07:12:21:25:25
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018CC500C7A1F4B4044C7E99F5F0A03FCCBC
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/i_Rznfzs9-GsDjO5dtgeBxIhJSU.roa
Signing time: Mon 01 Jan 2024 12:30:11 +0000
ROA not before: Mon 01 Jan 2024 12:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210421
IP address blocks: 193.107.21.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:c7:a1:f4:b4:04:4c:7e:99:f5:f0:a0:3f:cc:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Jan 1 12:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bf4739dfcecf7e1ac0e33b976d81e0712212525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:98:08:93:2d:da:81:e9:cc:2c:c5:db:6f:f1:
fb:46:68:87:3a:be:26:e7:1b:e4:b8:5d:6d:4b:4b:
02:cb:7a:67:21:33:4f:49:38:9a:e2:c4:5d:59:af:
89:7f:35:7c:7e:c8:42:d9:eb:69:0b:23:73:b1:89:
da:a4:0c:8b:7a:f4:56:73:10:41:42:44:80:d3:98:
80:ac:47:38:6f:4f:a4:1c:5e:c4:54:7b:27:4a:1e:
44:3f:a7:ce:80:47:f3:71:e9:2d:2a:32:cd:07:24:
bd:67:30:a3:a9:f0:59:6b:df:04:ea:9c:bf:23:45:
87:15:00:63:dc:c1:22:36:ca:98:fe:f4:8f:09:28:
96:ca:35:0a:03:4a:24:cd:74:bc:df:d7:e5:90:55:
ff:12:95:80:42:bc:28:6f:ab:f7:f1:3b:c2:31:55:
a0:f3:2d:f2:51:31:0e:26:db:d8:7e:eb:73:b5:ec:
c3:b4:e7:f2:d6:f5:c6:41:28:cb:9e:97:7a:8d:bf:
68:01:e8:c4:d4:dc:7c:e0:7f:a3:2d:13:1e:5e:39:
ed:8e:16:eb:4d:75:29:e2:f8:7c:ee:2b:69:f9:f6:
0e:f2:51:ff:1b:ad:df:64:b2:1f:88:37:e1:0b:e0:
34:cf:8b:61:f6:0a:97:ba:51:ed:49:2b:e0:e3:76:
27:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F4:73:9D:FC:EC:F7:E1:AC:0E:33:B9:76:D8:1E:07:12:21:25:25
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/i_Rznfzs9-GsDjO5dtgeBxIhJSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.107.21.0/24
Signature Algorithm: sha256WithRSAEncryption
63:a2:13:27:d0:4d:09:99:05:44:66:35:e3:75:a0:59:78:72:
53:13:2e:ae:0b:95:85:54:5f:9d:73:f2:53:53:87:91:6e:81:
72:c9:b9:d8:17:9b:c7:30:55:ca:53:46:17:b7:81:9e:25:2a:
b1:cd:b2:69:01:a0:ca:4f:f8:04:34:9c:e5:a4:75:18:a9:8d:
a3:44:01:b7:c9:4d:89:99:ec:06:89:97:61:b1:18:49:05:59:
7e:dd:0b:6f:49:56:fa:9d:04:f7:5f:b8:6c:5b:d5:69:0e:9a:
1d:ec:66:7b:ba:38:7c:27:e1:e9:82:22:01:d8:e4:f9:60:71:
d6:83:29:5f:4a:84:fd:3b:56:ca:d7:b5:f9:87:b1:19:40:82:
62:25:c7:23:04:d7:21:ed:38:32:57:1a:cd:da:d4:d7:2d:d2:
a7:49:e7:ad:97:25:b3:e0:1e:5f:cc:7c:57:64:55:e0:06:49:
16:8f:79:85:1e:0e:3c:24:31:5d:79:83:12:5d:6d:b5:ca:fd:
49:4c:c2:43:82:24:25:f9:69:df:6d:23:9e:8e:ce:13:56:0c:
6a:7f:ac:9c:1d:82:4b:2f:5b:a1:17:b0:42:72:00:5f:8c:a2:
f0:a9:e5:b5:07:3a:7f:60:40:36:97:eb:75:6f:0c:75:6e:0a:
19:40:c5:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAMeh9LQETH6Z9fCgP8y8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjQwMTAxMTIzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmY0NzM5ZGZjZWNmN2UxYWMwZTMzYjk3NmQ4MWUwNzEyMjEyNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJgIky3agenMLMXbb/H7RmiHOr4m
5xvkuF1tS0sCy3pnITNPSTia4sRdWa+JfzV8fshC2etpCyNzsYnapAyLevRWcxBB
QkSA05iArEc4b0+kHF7EVHsnSh5EP6fOgEfzcektKjLNByS9ZzCjqfBZa98E6py/
I0WHFQBj3MEiNsqY/vSPCSiWyjUKA0okzXS839flkFX/EpWAQrwob6v38TvCMVWg
8y3yUTEOJtvYfutztezDtOfy1vXGQSjLnpd6jb9oAejE1Nx84H+jLRMeXjntjhbr
TXUp4vh87itp+fYO8lH/G63fZLIfiDfhC+A0z4th9gqXulHtSSvg43YnhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIv0c5387PfhrA4zuXbYHgcSISUlMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvaV9Sem5menM5LUdzRGpPNWR0Z2VCeEloSlNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWsVMA0G
CSqGSIb3DQEBCwUAA4IBAQBjohMn0E0JmQVEZjXjdaBZeHJTEy6uC5WFVF+dc/JT
U4eRboFyybnYF5vHMFXKU0YXt4GeJSqxzbJpAaDKT/gENJzlpHUYqY2jRAG3yU2J
mewGiZdhsRhJBVl+3QtvSVb6nQT3X7hsW9VpDpod7GZ7ujh8J+HpgiIB2OT5YHHW
gylfSoT9O1bK17X5h7EZQIJiJccjBNch7TgyVxrN2tTXLdKnSeetlyWz4B5fzHxX
ZFXgBkkWj3mFHg48JDFdeYMSXW21yv1JTMJDgiQl+WnfbSOejs4TVgxqf6ycHYJL
L1uhF7BCcgBfjKLwqeW1Bzp/YEA2l+t1bwx1bgoZQMVH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:21 2024 by rpki-client on console-ams.rpki-client.org