Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/8iWKuXjJircTglr-MX2SPn2IvLY.roa
File: 8iWKuXjJircTglr-MX2SPn2IvLY.roa (raw, json)
Hash identifier: hXKM6O/LitnfBqQJVbHHZ0hPxIVDBkmE7M4fxFVFKt0=
Subject key identifier: F2:25:8A:B9:78:C9:8A:B7:13:82:5A:FE:31:7D:92:3E:7D:88:BC:B6
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05A6CA36
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/8iWKuXjJircTglr-MX2SPn2IvLY.roa
Signing time: Sat 01 Jan 2022 07:57:07 +0000
ROA not before: Sat 01 Jan 2022 07:57:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39284
IP address blocks: 213.139.200.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94816822 (0x5a6ca36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2258ab978c98ab713825afe317d923e7d88bcb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4a:f7:c5:eb:26:48:60:7b:b4:3a:af:59:d9:
1f:51:c8:7f:72:3f:c7:e4:6f:80:83:45:e2:5b:b4:
96:9b:93:23:b2:fd:6d:cd:6b:4a:ef:b8:b2:d2:c4:
e1:7f:1d:20:29:1d:14:db:b9:d2:fe:34:f1:5d:60:
83:a7:80:10:32:a0:ff:3c:05:fa:cd:eb:95:83:2a:
45:b0:a1:8d:17:6c:44:59:b5:54:5b:6a:db:f6:c9:
a1:ee:59:53:26:da:59:dc:1a:d2:9b:d1:90:b1:d8:
5e:b2:92:9f:23:b2:54:29:3f:b4:63:d7:c9:7c:b0:
f2:81:94:f5:02:4c:c0:f8:3e:ab:19:4f:92:3f:9c:
1b:57:ce:3f:64:1c:b0:d2:93:3d:21:d9:44:fd:06:
ff:ce:65:6f:ee:af:7e:b8:9b:90:c6:da:88:6c:bb:
8e:6d:b2:37:3b:a7:4a:6d:72:6b:7c:5b:c4:1d:00:
aa:ea:21:1f:2b:27:dc:97:28:ec:64:c8:6f:ba:44:
18:ca:b8:95:5d:37:d7:ab:53:aa:5f:0b:e8:3c:52:
82:cc:d8:31:b7:98:3e:94:b3:a9:b6:86:5b:50:d4:
c3:7b:40:90:ba:bb:17:28:ec:99:b3:6f:8c:73:5c:
cb:11:bc:d7:08:12:40:e6:72:59:13:8b:15:dd:54:
cc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:25:8A:B9:78:C9:8A:B7:13:82:5A:FE:31:7D:92:3E:7D:88:BC:B6
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/8iWKuXjJircTglr-MX2SPn2IvLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.200.0/24
Signature Algorithm: sha256WithRSAEncryption
07:f1:2c:9a:19:71:c4:ce:33:42:04:44:b3:08:73:12:78:3e:
34:0c:c3:a5:58:4f:66:b0:09:68:ce:06:47:6e:87:d6:d5:d4:
bd:1a:b8:3b:a7:cb:95:11:b5:f0:4f:f7:56:51:c6:31:70:1f:
76:62:13:68:89:57:12:aa:91:83:ac:97:55:ad:e8:c7:5e:b3:
d2:70:c1:c8:ee:c7:9d:af:8f:88:39:25:de:93:7f:99:7f:b6:
2c:65:48:45:08:67:8d:28:be:0c:53:c5:9b:bb:ff:15:db:42:
a6:a6:7d:f9:d8:e9:e2:a3:96:67:7e:a9:8b:36:ef:dc:c5:a5:
c1:ad:fb:aa:a2:ef:98:18:5f:2a:f3:ff:2e:0a:55:3b:68:33:
63:7d:08:62:7f:5a:c6:61:b0:42:f6:3c:aa:1c:62:7a:a6:44:
3e:67:97:05:d9:81:63:1e:4a:a1:03:9f:62:ea:b0:42:8f:dd:
64:29:b1:0a:0c:91:64:3e:6f:8b:c2:49:03:d6:ae:77:df:9a:
a0:cc:7f:16:d1:e0:b0:a8:8e:d6:bb:e2:9b:03:f6:a1:14:72:
bb:2f:03:8d:c2:31:f1:8f:ba:fa:d4:7a:e6:74:a1:1b:19:0c:
52:7a:18:a4:14:1a:4b:e9:6e:dc:6c:88:6a:ea:47:04:c0:d1:
29:30:e6:bf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBabKNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjIyNThhYjk3OGM5
OGFiNzEzODI1YWZlMzE3ZDkyM2U3ZDg4YmNiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAItK98XrJkhge7Q6r1nZH1HIf3I/x+RvgINF4lu0lpuTI7L9
bc1rSu+4stLE4X8dICkdFNu50v408V1gg6eAEDKg/zwF+s3rlYMqRbChjRdsRFm1
VFtq2/bJoe5ZUybaWdwa0pvRkLHYXrKSnyOyVCk/tGPXyXyw8oGU9QJMwPg+qxlP
kj+cG1fOP2QcsNKTPSHZRP0G/85lb+6vfribkMbaiGy7jm2yNzunSm1ya3xbxB0A
quohHysn3Jco7GTIb7pEGMq4lV0316tTql8L6DxSgszYMbeYPpSzqbaGW1DUw3tA
kLq7FyjsmbNvjHNcyxG81wgSQOZyWROLFd1UzCMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTyJYq5eMmKtxOCWv4xfZI+fYi8tjAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
LzhpV0t1WGpKaXJjVGdsci1NWDJTUG4ySXZMWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWLyDANBgkqhkiG9w0BAQsFAAOC
AQEAB/EsmhlxxM4zQgREswhzEng+NAzDpVhPZrAJaM4GR26H1tXUvRq4O6fLlRG1
8E/3VlHGMXAfdmITaIlXEqqRg6yXVa3ox16z0nDByO7Hna+PiDkl3pN/mX+2LGVI
RQhnjSi+DFPFm7v/FdtCpqZ9+djp4qOWZ36pizbv3MWlwa37qqLvmBhfKvP/LgpV
O2gzY30IYn9axmGwQvY8qhxieqZEPmeXBdmBYx5KoQOfYuqwQo/dZCmxCgyRZD5v
i8JJA9aud9+aoMx/FtHgsKiO1rvimwP2oRRyuy8DjcIx8Y+6+tR65nShGxkMUnoY
pBQaS+lu3GyIaupHBMDRKTDmvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org