Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/nNAiU29ivgVOcTYnaslS-7WEj2c.roa
File: nNAiU29ivgVOcTYnaslS-7WEj2c.roa (raw, json)
Hash identifier: EYLq1iSRHFGwgdPE8JWvk7ua6RzPIGzJrNvjz5/s2U8=
Subject key identifier: 9C:D0:22:53:6F:62:BE:05:4E:71:36:27:6A:C9:52:FB:B5:84:8F:67
Certificate issuer: /CN=269f4f7143b4067805cba9a40f639732ee7d42e5
Certificate serial: 3714466D
Authority key identifier: 26:9F:4F:71:43:B4:06:78:05:CB:A9:A4:0F:63:97:32:EE:7D:42:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jp9PcUO0BngFy6mkD2OXMu59QuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/nNAiU29ivgVOcTYnaslS-7WEj2c.roa
Signing time: Sat 01 Jan 2022 13:59:04 +0000
ROA not before: Sat 01 Jan 2022 13:59:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199185
IP address blocks: 188.64.148.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 924075629 (0x3714466d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=269f4f7143b4067805cba9a40f639732ee7d42e5
Validity
Not Before: Jan 1 13:59:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9cd022536f62be054e7136276ac952fbb5848f67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:83:ba:eb:73:87:82:0b:35:41:e0:f9:84:c0:
48:b8:68:46:f1:19:8c:69:7a:80:5b:ec:00:7c:6e:
43:c0:21:16:4b:10:e3:96:1c:9d:9d:3d:01:4d:f2:
db:ad:25:3b:34:b8:c7:8d:7a:e7:12:c8:6c:c0:0f:
ce:a9:da:10:78:a3:a3:9e:2b:bb:e8:92:fd:73:30:
08:6d:8a:11:e6:66:70:13:01:2c:ed:17:0a:bb:2a:
34:18:ad:69:8a:0c:0d:38:f8:77:80:5a:57:f5:3c:
2d:5a:e0:43:31:cb:9f:35:8c:0c:f4:a6:7b:5f:9f:
17:5c:1d:0b:30:c5:70:fa:7b:bc:8f:3c:70:19:4b:
39:4a:25:ea:d6:3e:71:ea:d0:86:a1:77:34:38:66:
8a:73:cf:bf:a2:60:e1:c9:d0:fb:40:75:8e:17:26:
cf:e2:9e:a5:36:e1:fd:3a:cf:e3:e6:03:7b:27:7d:
ac:16:b9:0b:22:73:d4:8e:d4:f7:50:af:9c:1c:42:
e0:ae:fb:4e:db:93:f1:c1:4a:11:0a:c2:41:73:c2:
f1:e4:b3:d6:9c:dc:5f:cb:55:f4:cd:94:bd:ca:1e:
3a:d8:2b:61:d3:0f:1e:56:bf:ff:95:9f:81:89:a8:
a8:49:a9:22:7b:3f:36:d0:ed:3d:4a:67:58:34:bf:
32:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D0:22:53:6F:62:BE:05:4E:71:36:27:6A:C9:52:FB:B5:84:8F:67
X509v3 Authority Key Identifier:
keyid:26:9F:4F:71:43:B4:06:78:05:CB:A9:A4:0F:63:97:32:EE:7D:42:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jp9PcUO0BngFy6mkD2OXMu59QuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/nNAiU29ivgVOcTYnaslS-7WEj2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/Jp9PcUO0BngFy6mkD2OXMu59QuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.148.0/24
Signature Algorithm: sha256WithRSAEncryption
61:e0:10:0c:cb:ee:3f:77:93:1a:57:3b:3f:7d:f6:fb:40:3e:
4a:ee:0c:22:06:6a:5c:4c:6a:b1:f6:47:2e:dc:b6:9c:fa:69:
59:4e:92:26:5a:c5:4d:25:5a:14:f5:7b:19:4d:6b:54:e9:b5:
18:03:40:0e:14:2a:d1:9f:7a:91:ce:df:bb:c0:f5:f1:40:74:
4b:49:ac:90:91:64:97:27:a4:a0:ba:d3:61:75:01:79:ea:07:
d5:06:9d:01:da:d2:7e:5b:0b:b5:53:40:98:13:df:02:cb:34:
04:ea:00:33:7a:60:f7:24:ad:86:5d:32:1a:69:54:2b:60:13:
60:a6:1b:bd:1f:27:8d:84:b1:0c:a5:a6:2c:9e:b4:a5:2a:d1:
87:cd:91:a0:1b:23:40:b6:c2:0c:6a:68:6a:07:15:15:98:57:
6d:12:bb:7c:86:d8:32:bb:b5:bf:a1:d8:10:66:be:fe:6f:d2:
8b:e6:9b:33:c7:6a:a4:8a:d0:56:a3:08:a3:10:d8:b0:84:3d:
71:32:8e:5c:ea:55:87:4e:81:44:bd:64:d0:02:df:ba:3b:30:
2b:0a:86:69:ab:8c:27:69:44:39:68:98:a4:b6:d1:52:23:00:
01:92:c8:da:72:15:ad:2a:5e:b2:d5:e9:f1:b4:30:6d:ae:28:
ca:d8:fc:9d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENxRGbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjlmNGY3MTQzYjQwNjc4MDVjYmE5YTQwZjYzOTczMmVlN2Q0MmU1MB4XDTIyMDEw
MTEzNTkwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWNkMDIyNTM2ZjYy
YmUwNTRlNzEzNjI3NmFjOTUyZmJiNTg0OGY2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJODuutzh4ILNUHg+YTASLhoRvEZjGl6gFvsAHxuQ8AhFksQ
45YcnZ09AU3y260lOzS4x4165xLIbMAPzqnaEHijo54ru+iS/XMwCG2KEeZmcBMB
LO0XCrsqNBitaYoMDTj4d4BaV/U8LVrgQzHLnzWMDPSme1+fF1wdCzDFcPp7vI88
cBlLOUol6tY+cerQhqF3NDhminPPv6Jg4cnQ+0B1jhcmz+KepTbh/TrP4+YDeyd9
rBa5CyJz1I7U91CvnBxC4K77TtuT8cFKEQrCQXPC8eSz1pzcX8tV9M2UvcoeOtgr
YdMPHla//5WfgYmoqEmpIns/NtDtPUpnWDS/MrsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSc0CJTb2K+BU5xNidqyVL7tYSPZzAfBgNVHSMEGDAWgBQmn09xQ7QGeAXL
qaQPY5cy7n1C5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pwOVBjVU8wQm5nRnk2bWtEMk9YTXU1OVF1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvYzkwODYwLTgxMzgtNDMzYy1iMjRmLTkyYzc4MGNhMzI2MC8x
L25OQWlVMjlpdmdWT2NUWW5hc2xTLTdXRWoyYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
YzkwODYwLTgxMzgtNDMzYy1iMjRmLTkyYzc4MGNhMzI2MC8xL0pwOVBjVU8wQm5n
Rnk2bWtEMk9YTXU1OVF1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALxAlDANBgkqhkiG9w0BAQsFAAOC
AQEAYeAQDMvuP3eTGlc7P332+0A+Su4MIgZqXExqsfZHLty2nPppWU6SJlrFTSVa
FPV7GU1rVOm1GANADhQq0Z96kc7fu8D18UB0S0mskJFklyekoLrTYXUBeeoH1Qad
AdrSflsLtVNAmBPfAss0BOoAM3pg9ySthl0yGmlUK2ATYKYbvR8njYSxDKWmLJ60
pSrRh82RoBsjQLbCDGpoagcVFZhXbRK7fIbYMru1v6HYEGa+/m/Si+abM8dqpIrQ
VqMIoxDYsIQ9cTKOXOpVh06BRL1k0ALfujswKwqGaauMJ2lEOWiYpLbRUiMAAZLI
2nIVrSpestXp8bQwba4oytj8nQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:57 2024 by rpki-client on console-fra.rpki-client.org