Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/br4pEOYefbh6OhIVha0UGDOKGPk.roa
File: br4pEOYefbh6OhIVha0UGDOKGPk.roa (raw, json)
Hash identifier: GpNWMV037GdtoLbqVSo5E+RU+0xGig1fOwinpoQEbOY=
Subject key identifier: 6E:BE:29:10:E6:1E:7D:B8:7A:3A:12:15:85:AD:14:18:33:8A:18:F9
Certificate issuer: /CN=94846741139263388d984db1e97e031669c6486e
Certificate serial: 0191D638E831FB9E7DF7F2518DFB0192B4C7
Authority key identifier: 94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/br4pEOYefbh6OhIVha0UGDOKGPk.roa
Signing time: Mon 09 Sep 2024 09:58:59 +0000
ROA not before: Mon 09 Sep 2024 09:58:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209279
IP address blocks: 195.182.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:38:e8:31:fb:9e:7d:f7:f2:51:8d:fb:01:92:b4:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94846741139263388d984db1e97e031669c6486e
Validity
Not Before: Sep 9 09:58:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ebe2910e61e7db87a3a121585ad1418338a18f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:cd:6f:9a:27:a6:8c:cc:6d:b5:f9:e4:62:d2:
f4:f7:97:fe:2c:86:b0:c0:1a:78:2d:1d:85:29:62:
97:b6:20:b6:8e:37:6a:84:55:5e:cd:46:64:46:8f:
22:da:2a:e3:aa:24:2f:ad:e5:28:9d:e0:70:8f:8a:
cd:7d:db:d3:07:86:3f:40:2f:49:4d:f7:17:93:75:
e8:11:04:ba:86:9f:bc:1e:b7:b0:34:67:9d:50:45:
a4:e5:36:40:50:b3:42:3b:ed:b1:73:2d:6f:13:be:
32:6c:00:5b:e5:62:11:48:5b:be:5b:1d:6b:53:c8:
52:df:f9:97:3b:d4:37:39:1a:47:ed:c6:89:a7:c0:
19:2b:2c:20:1c:4d:80:e1:33:60:de:44:c4:f6:6a:
65:57:41:36:2a:2e:08:bf:b3:43:9b:ec:3e:c1:f9:
56:26:10:9c:05:12:49:57:bf:74:c4:1d:51:32:a3:
f7:1a:9d:08:96:90:ff:0e:9a:c6:59:18:98:20:de:
5e:03:e8:b3:87:7b:c9:c7:84:0f:ee:ee:25:10:2f:
79:1a:7f:bd:f1:2a:03:79:42:34:cd:3b:3c:8b:0a:
17:c2:80:82:85:93:63:8c:de:77:19:73:b3:62:61:
5b:b1:4f:32:ea:59:64:39:7a:3a:70:b8:b3:ca:05:
b6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:BE:29:10:E6:1E:7D:B8:7A:3A:12:15:85:AD:14:18:33:8A:18:F9
X509v3 Authority Key Identifier:
keyid:94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/br4pEOYefbh6OhIVha0UGDOKGPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/lIRnQROSYziNmE2x6X4DFmnGSG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.182.38.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:cf:83:67:6c:8a:57:f7:68:28:27:d3:d6:48:8f:66:bf:f4:
23:26:ce:f4:6e:4e:e2:61:cc:22:93:92:76:c0:97:b5:97:3e:
59:58:a4:de:a6:d4:90:f2:44:39:2a:91:3e:5d:a9:49:f7:17:
45:a7:1c:e0:22:76:60:8d:7c:51:fc:86:b3:d9:98:89:52:ab:
a7:22:0b:9a:e7:3f:ec:9d:af:6f:e6:c0:5a:1a:85:7c:9d:74:
3d:3e:6f:37:80:af:58:e4:e2:ad:8f:6c:34:7b:45:5d:a3:59:
4e:1a:9f:2c:97:65:24:3b:0b:6a:38:da:b5:0f:0f:17:a8:15:
67:58:db:1e:fd:d7:47:6a:14:57:94:2b:63:12:4e:8c:3b:1c:
b0:29:2f:37:62:6b:26:ea:54:4d:ec:93:c0:a1:6a:23:77:90:
c4:23:2a:b0:07:55:06:6c:79:89:e7:6c:ee:07:de:26:3c:97:
34:a1:dd:77:7d:c8:69:1d:c5:04:f8:db:1a:75:4c:d4:c3:a7:
1b:8a:fe:87:0b:36:0b:5e:ee:c2:3d:88:16:19:ff:a8:d4:2c:
e5:6c:e5:35:ca:4d:fb:bf:f2:6a:87:94:c7:b7:3f:fb:2f:36:
02:f6:85:2f:35:92:80:1c:6f:60:7b:09:4a:99:a6:23:b7:52:
ae:a5:5f:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHWOOgx+5599/JRjfsBkrTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ODQ2NzQxMTM5MjYzMzg4ZDk4NGRiMWU5N2UwMzE2Njlj
NjQ4NmUwHhcNMjQwOTA5MDk1ODU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWJlMjkxMGU2MWU3ZGI4N2EzYTEyMTU4NWFkMTQxODMzOGExOGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8c1vmiemjMxttfnkYtL095f+LIaw
wBp4LR2FKWKXtiC2jjdqhFVezUZkRo8i2irjqiQvreUoneBwj4rNfdvTB4Y/QC9J
TfcXk3XoEQS6hp+8HrewNGedUEWk5TZAULNCO+2xcy1vE74ybABb5WIRSFu+Wx1r
U8hS3/mXO9Q3ORpH7caJp8AZKywgHE2A4TNg3kTE9mplV0E2Ki4Iv7NDm+w+wflW
JhCcBRJJV790xB1RMqP3Gp0IlpD/DprGWRiYIN5eA+izh3vJx4QP7u4lEC95Gn+9
8SoDeUI0zTs8iwoXwoCChZNjjN53GXOzYmFbsU8y6llkOXo6cLizygW2PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG6+KRDmHn24ejoSFYWtFBgzihj5MB8GA1UdIwQY
MBaAFJSEZ0ETkmM4jZhNsel+AxZpxkhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTct
Y2IxMTI1MDA3ZGZiLzEvYnI0cEVPWWVmYmg2T2hJVmhhMFVHRE9LR1BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTctY2IxMTI1MDA3ZGZi
LzEvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7YmMA0G
CSqGSIb3DQEBCwUAA4IBAQDRz4NnbIpX92goJ9PWSI9mv/QjJs70bk7iYcwik5J2
wJe1lz5ZWKTeptSQ8kQ5KpE+XalJ9xdFpxzgInZgjXxR/Iaz2ZiJUqunIgua5z/s
na9v5sBaGoV8nXQ9Pm83gK9Y5OKtj2w0e0Vdo1lOGp8sl2UkOwtqONq1Dw8XqBVn
WNse/ddHahRXlCtjEk6MOxywKS83Ymsm6lRN7JPAoWojd5DEIyqwB1UGbHmJ52zu
B94mPJc0od13fchpHcUE+NsadUzUw6cbiv6HCzYLXu7CPYgWGf+o1CzlbOU1yk37
v/Jqh5THtz/7LzYC9oUvNZKAHG9gewlKmaYjt1KupV/f
-----END CERTIFICATE-----
Generated at Mon Sep 9 14:25:13 2024 by rpki-client on console-fra.rpki-client.org