Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8f5119-6dcc-43a2-8daf-f3211d91520d/1/q2snSpVa7HdUmQxIJ-hXjDgiNsk.roa
File: q2snSpVa7HdUmQxIJ-hXjDgiNsk.roa (raw, json)
Hash identifier: 64m2mY3EcdohNAqjgomkxc8z4QeyXmAhzI37SoXlWuw=
Subject key identifier: AB:6B:27:4A:95:5A:EC:77:54:99:0C:48:27:E8:57:8C:38:22:36:C9
Certificate issuer: /CN=6baa05c6f8f9bfd70e3d41fe05bafc50d1253bf5
Certificate serial: 018CC56EA9262FD822E0E4A7B6B6B5A340F7
Authority key identifier: 6B:AA:05:C6:F8:F9:BF:D7:0E:3D:41:FE:05:BA:FC:50:D1:25:3B:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6oFxvj5v9cOPUH-Bbr8UNElO_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8f5119-6dcc-43a2-8daf-f3211d91520d/1/q2snSpVa7HdUmQxIJ-hXjDgiNsk.roa
Signing time: Mon 01 Jan 2024 14:30:12 +0000
ROA not before: Mon 01 Jan 2024 14:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 146.19.204.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:a9:26:2f:d8:22:e0:e4:a7:b6:b6:b5:a3:40:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6baa05c6f8f9bfd70e3d41fe05bafc50d1253bf5
Validity
Not Before: Jan 1 14:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab6b274a955aec7754990c4827e8578c382236c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:da:2c:58:83:93:ac:36:49:1a:bc:34:88:27:
54:90:8e:2c:a8:08:7f:31:04:c6:bf:1d:9b:dd:9a:
e3:34:64:a2:61:e3:c6:59:a4:82:ad:88:17:8a:46:
99:cc:e2:c3:28:14:75:75:02:95:8c:83:87:42:82:
7e:c9:94:37:40:80:ce:17:ef:40:fd:9e:50:23:0c:
f9:f9:26:0d:a1:41:00:99:fb:6d:0d:e6:f0:7c:fd:
f9:6a:11:61:ba:41:a6:ab:a4:a5:ea:30:86:60:37:
a6:57:a7:65:46:58:19:5d:1c:e8:da:2e:19:93:0e:
76:60:c3:7d:5e:71:84:56:70:f3:4a:05:7e:ca:21:
06:64:f2:3e:80:55:66:9d:9c:88:96:6e:03:0c:fe:
e5:f9:7a:de:e3:19:9b:fe:9c:50:eb:49:70:64:8e:
a7:88:b6:a2:de:3b:9b:d7:a2:e9:4f:0e:58:69:73:
4c:0c:71:3c:93:6f:73:b9:1f:53:d8:fa:b1:a9:11:
a7:15:52:b7:62:e7:15:a6:64:84:9d:ac:fb:8a:4d:
34:67:07:f4:bb:84:99:10:55:d2:48:cb:88:12:9f:
16:12:e8:8e:2b:2f:90:93:7b:38:a2:cc:8c:7a:68:
83:9e:68:f5:9b:38:3b:46:4d:85:72:fc:38:61:9f:
72:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:6B:27:4A:95:5A:EC:77:54:99:0C:48:27:E8:57:8C:38:22:36:C9
X509v3 Authority Key Identifier:
keyid:6B:AA:05:C6:F8:F9:BF:D7:0E:3D:41:FE:05:BA:FC:50:D1:25:3B:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6oFxvj5v9cOPUH-Bbr8UNElO_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8f5119-6dcc-43a2-8daf-f3211d91520d/1/q2snSpVa7HdUmQxIJ-hXjDgiNsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8f5119-6dcc-43a2-8daf-f3211d91520d/1/a6oFxvj5v9cOPUH-Bbr8UNElO_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.204.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:28:a4:8a:5d:0a:26:69:72:28:18:59:8a:26:63:63:8c:2d:
b4:42:7c:74:f6:be:18:50:a0:fd:53:f4:80:62:8f:50:1b:68:
59:dd:d6:61:7a:35:14:46:3d:a1:e0:08:51:94:d2:d5:b6:99:
4a:8b:80:3a:31:7e:b6:c1:26:8e:27:20:79:85:1d:02:19:87:
c3:5b:53:24:8d:51:a1:ab:45:03:9c:77:50:44:72:58:4b:3e:
50:17:2d:1e:4d:6e:47:09:c2:1b:c9:da:67:8c:92:22:d6:fa:
28:56:ba:6f:32:6a:2b:c3:5f:12:b3:23:f2:68:3f:b1:b9:67:
35:95:5a:b9:92:37:74:c8:75:d7:f5:e1:6b:8f:1e:6c:08:39:
82:91:51:5b:d8:9c:24:41:16:78:8a:1f:fa:9f:6f:a2:6c:6e:
3d:32:2a:b8:5d:17:5c:5a:69:92:de:a1:34:19:f7:9b:36:35:
55:7c:3f:52:9a:7c:18:30:30:9a:fd:3b:61:7e:39:4b:94:8b:
cb:f0:39:75:e2:78:f5:ad:fb:27:a8:d9:6c:c3:d6:c6:3c:e4:
5b:d7:ab:c5:07:84:92:ec:1a:89:cf:84:7e:85:d4:c4:79:aa:
c9:e2:9e:62:f6:57:41:09:66:5b:74:3d:67:04:0a:76:3f:ea:
83:2e:b7:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbqkmL9gi4OSntra1o0D3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYWEwNWM2ZjhmOWJmZDcwZTNkNDFmZTA1YmFmYzUwZDEy
NTNiZjUwHhcNMjQwMTAxMTQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjZiMjc0YTk1NWFlYzc3NTQ5OTBjNDgyN2U4NTc4YzM4MjIzNmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9osWIOTrDZJGrw0iCdUkI4sqAh/
MQTGvx2b3ZrjNGSiYePGWaSCrYgXikaZzOLDKBR1dQKVjIOHQoJ+yZQ3QIDOF+9A
/Z5QIwz5+SYNoUEAmfttDebwfP35ahFhukGmq6Sl6jCGYDemV6dlRlgZXRzo2i4Z
kw52YMN9XnGEVnDzSgV+yiEGZPI+gFVmnZyIlm4DDP7l+Xre4xmb/pxQ60lwZI6n
iLai3jub16LpTw5YaXNMDHE8k29zuR9T2PqxqRGnFVK3YucVpmSEnaz7ik00Zwf0
u4SZEFXSSMuIEp8WEuiOKy+Qk3s4osyMemiDnmj1mzg7Rk2Fcvw4YZ9yGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKtrJ0qVWux3VJkMSCfoV4w4IjbJMB8GA1UdIwQY
MBaAFGuqBcb4+b/XDj1B/gW6/FDRJTv1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZvRnh2ajV2OWNPUFVILUJicjhVTkVsT19VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZjUxMTktNmRjYy00M2EyLThkYWYt
ZjMyMTFkOTE1MjBkLzEvcTJzblNwVmE3SGRVbVF4SUotaFhqRGdpTnNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZjUxMTktNmRjYy00M2EyLThkYWYtZjMyMTFkOTE1MjBk
LzEvYTZvRnh2ajV2OWNPUFVILUJicjhVTkVsT19VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhPMMA0G
CSqGSIb3DQEBCwUAA4IBAQDHKKSKXQomaXIoGFmKJmNjjC20Qnx09r4YUKD9U/SA
Yo9QG2hZ3dZhejUURj2h4AhRlNLVtplKi4A6MX62wSaOJyB5hR0CGYfDW1MkjVGh
q0UDnHdQRHJYSz5QFy0eTW5HCcIbydpnjJIi1vooVrpvMmorw18SsyPyaD+xuWc1
lVq5kjd0yHXX9eFrjx5sCDmCkVFb2JwkQRZ4ih/6n2+ibG49Miq4XRdcWmmS3qE0
GfebNjVVfD9SmnwYMDCa/TthfjlLlIvL8Dl14nj1rfsnqNlsw9bGPORb16vFB4SS
7BqJz4R+hdTEearJ4p5i9ldBCWZbdD1nBAp2P+qDLrfb
-----END CERTIFICATE-----
Generated at Wed Jun 12 18:13:02 2024 by rpki-client on console-ams.rpki-client.org