Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/vGl4H-tyS4jf6LhKMX884Hm-p-E.roa
File: vGl4H-tyS4jf6LhKMX884Hm-p-E.roa (raw, json)
Hash identifier: ODUhfiYUsooSkZEqxjLWAjFHUmWWA+xmWFR7hCWns4c=
Subject key identifier: BC:69:78:1F:EB:72:4B:88:DF:E8:B8:4A:31:7F:3C:E0:79:BE:A7:E1
Certificate issuer: /CN=f8caa797b900fc355fc2412467751eeb2c1c64be
Certificate serial: 0185CA2385170F57020997F56273FDF1A087
Authority key identifier: F8:CA:A7:97:B9:00:FC:35:5F:C2:41:24:67:75:1E:EB:2C:1C:64:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/vGl4H-tyS4jf6LhKMX884Hm-p-E.roa
Signing time: Thu 19 Jan 2023 13:06:43 +0000
ROA not before: Thu 19 Jan 2023 13:06:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34984
IP address blocks: 185.98.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ca:23:85:17:0f:57:02:09:97:f5:62:73:fd:f1:a0:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8caa797b900fc355fc2412467751eeb2c1c64be
Validity
Not Before: Jan 19 13:06:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc69781feb724b88dfe8b84a317f3ce079bea7e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e8:fb:6b:10:07:a8:af:c3:82:67:7a:8e:3a:
7a:ac:88:d6:08:e9:a2:7e:75:42:c2:4e:5e:79:7b:
28:ee:ba:dd:46:58:33:fe:d2:78:14:5a:c6:14:8a:
65:df:a8:e3:2f:23:6a:40:66:44:04:27:06:c6:07:
52:d7:ff:1b:77:9d:8a:71:b7:4b:2f:6c:fc:61:33:
e8:57:58:0e:af:4f:2d:27:d3:04:ca:4d:5d:f0:17:
eb:54:7c:d0:75:a6:42:3e:77:18:29:03:50:59:2f:
5e:3a:09:7e:82:fb:1a:5c:59:65:bc:eb:f6:a1:0c:
71:9e:97:61:4e:80:b3:5a:8c:71:67:9d:ae:6b:c5:
ae:63:fc:92:fa:f1:d3:fd:f6:af:7b:a1:51:10:38:
2d:53:b7:55:96:ad:ec:c5:24:57:60:b0:57:b9:73:
0d:c0:bb:c5:15:14:3d:50:4b:07:f4:3b:13:f0:1f:
7c:06:f3:2b:36:b7:f8:67:f4:cf:23:89:0f:b7:dd:
c3:7a:fa:26:08:ba:1d:a4:77:b9:02:cb:1b:36:85:
ff:cc:65:e4:19:32:7f:e8:51:06:a2:f9:e5:e9:bb:
64:1a:83:a6:88:7d:3b:02:46:57:27:59:ca:c3:f9:
b5:5f:61:db:71:04:e4:a9:aa:5d:ca:78:f2:25:89:
72:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:69:78:1F:EB:72:4B:88:DF:E8:B8:4A:31:7F:3C:E0:79:BE:A7:E1
X509v3 Authority Key Identifier:
keyid:F8:CA:A7:97:B9:00:FC:35:5F:C2:41:24:67:75:1E:EB:2C:1C:64:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/vGl4H-tyS4jf6LhKMX884Hm-p-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.217.0/24
Signature Algorithm: sha256WithRSAEncryption
01:5e:1c:24:f5:b3:41:32:e9:75:97:fb:6b:47:d0:67:cd:8d:
23:3a:aa:94:6f:30:7d:75:ef:c5:ff:ef:f0:d4:ad:fd:6e:94:
f8:a4:d1:b2:7c:59:ac:bc:59:a0:8b:78:4d:c5:4d:37:b4:df:
a9:e4:4c:03:f3:96:85:a2:30:cc:75:a5:b3:99:33:9f:81:73:
91:f2:84:ac:a7:ee:16:8a:28:0c:79:6b:91:78:11:b1:ac:91:
4a:82:bf:5d:f5:48:fa:84:4c:6b:7f:b0:21:77:f8:45:3a:29:
e2:89:bc:ee:99:ca:0a:8e:10:7e:1e:8a:4a:d9:2b:16:db:b7:
84:a1:74:53:9c:ec:8f:bb:22:c4:7d:3c:92:89:3b:f3:80:cc:
8c:9b:25:d8:db:d5:04:6c:2a:76:96:b3:7e:fa:0b:47:a3:61:
22:b9:68:1d:0d:45:d8:15:11:ee:a5:b9:58:58:47:1b:f9:4a:
c7:04:6e:8d:88:41:8c:19:73:3a:6b:a6:14:5b:80:6c:67:ec:
c8:96:e0:17:7d:00:fd:a0:8e:ba:a8:69:d6:e8:03:08:2e:c4:
99:02:54:18:31:5a:e6:71:98:17:57:f0:5f:ce:08:8e:96:4c:
8a:3a:8d:db:00:2b:f0:db:4b:d8:e6:b8:05:bd:e1:7c:69:32:
2e:31:93:5c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYXKI4UXD1cCCZf1YnP98aCHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4Y2FhNzk3YjkwMGZjMzU1ZmMyNDEyNDY3NzUxZWViMmMx
YzY0YmUwHhcNMjMwMTE5MTMwNjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzY5NzgxZmViNzI0Yjg4ZGZlOGI4NGEzMTdmM2NlMDc5YmVhN2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+j7axAHqK/Dgmd6jjp6rIjWCOmi
fnVCwk5eeXso7rrdRlgz/tJ4FFrGFIpl36jjLyNqQGZEBCcGxgdS1/8bd52KcbdL
L2z8YTPoV1gOr08tJ9MEyk1d8BfrVHzQdaZCPncYKQNQWS9eOgl+gvsaXFllvOv2
oQxxnpdhToCzWoxxZ52ua8WuY/yS+vHT/fave6FREDgtU7dVlq3sxSRXYLBXuXMN
wLvFFRQ9UEsH9DsT8B98BvMrNrf4Z/TPI4kPt93DevomCLodpHe5AssbNoX/zGXk
GTJ/6FEGovnl6btkGoOmiH07AkZXJ1nKw/m1X2HbcQTkqapdynjyJYly4wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLxpeB/rckuI3+i4SjF/POB5vqfhMB8GA1UdIwQY
MBaAFPjKp5e5APw1X8JBJGd1HussHGS+MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1NcW5sN2tBX0RWZndrRWtaM1VlNnl3Y1pMNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcvMWI1NWNmLWJlOTQtNDlhZC05ZWI4
LTlkYjNkNDRjNmQyZi8xL3ZHbDRILXR5UzRqZjZMaEtNWDg4NEhtLXAtRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDcvMWI1NWNmLWJlOTQtNDlhZC05ZWI4LTlkYjNkNDRjNmQy
Zi8xLzEtTXFubDdrQV9EVmZ3a0VrWjNVZTZ5d2NaTDQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5Ytkw
DQYJKoZIhvcNAQELBQADggEBAAFeHCT1s0Ey6XWX+2tH0GfNjSM6qpRvMH1178X/
7/DUrf1ulPik0bJ8Way8WaCLeE3FTTe036nkTAPzloWiMMx1pbOZM5+Bc5HyhKyn
7haKKAx5a5F4EbGskUqCv131SPqETGt/sCF3+EU6KeKJvO6ZygqOEH4eikrZKxbb
t4ShdFOc7I+7IsR9PJKJO/OAzIybJdjb1QRsKnaWs376C0ejYSK5aB0NRdgVEe6l
uVhYRxv5SscEbo2IQYwZczprphRbgGxn7MiW4Bd9AP2gjrqoadboAwguxJkCVBgx
WuZxmBdX8F/OCI6WTIo6jdsAK/DbS9jmuAW94XxpMi4xk1w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:44 2024 by rpki-client on console-fra.rpki-client.org