Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/n_Bl9ttXGOgfewRENpudhF5nbTw.roa
File: n_Bl9ttXGOgfewRENpudhF5nbTw.roa (raw, json)
Hash identifier: JOusygydtkxTdeAcYGrNhVVV2PRlNe0THNhqo4pcgtU=
Subject key identifier: 9F:F0:65:F6:DB:57:18:E8:1F:7B:04:44:36:9B:9D:84:5E:67:6D:3C
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018D1827B422D21FE2CA1B0C77F555560BBA
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/n_Bl9ttXGOgfewRENpudhF5nbTw.roa
Signing time: Wed 17 Jan 2024 16:01:11 +0000
ROA not before: Wed 17 Jan 2024 16:01:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41957
IP address blocks: 146.19.178.0/24 maxlen: 24
176.56.34.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:18:27:b4:22:d2:1f:e2:ca:1b:0c:77:f5:55:56:0b:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Jan 17 16:01:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ff065f6db5718e81f7b0444369b9d845e676d3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:05:ea:20:c8:b0:9d:c3:96:94:20:dd:22:45:
bc:f2:1d:de:64:6e:08:e2:b5:81:78:72:11:1a:bd:
b7:a5:35:da:6f:0b:bc:82:3a:a6:63:32:97:c0:5b:
00:37:3b:35:f7:a5:b0:36:6b:7e:62:86:07:0e:7f:
be:ae:4c:a5:ed:9e:39:3a:b3:c1:b9:4e:51:75:94:
49:60:e3:17:32:98:4c:a5:60:00:ed:e0:8f:d8:a0:
87:0c:f2:52:90:e0:1d:b2:26:6e:67:4d:08:8f:e7:
ee:73:d2:78:ea:e1:7b:d2:00:9d:fe:e3:31:a1:53:
f2:93:2b:05:7e:f4:5b:81:79:e2:6f:dc:a2:8f:cd:
31:54:71:7f:e3:32:60:14:57:6d:ca:e0:8e:b0:e7:
2e:63:26:2a:c7:be:c0:1e:0d:a6:17:0e:81:6a:b5:
ba:08:65:a5:ae:97:3d:14:c4:49:b5:e0:a9:db:21:
05:dd:83:97:1a:83:87:73:61:5f:0b:bf:78:3f:cb:
f1:3e:66:11:5c:c0:e1:fd:66:86:e3:6e:b6:42:4a:
59:85:bf:56:e9:e2:c3:ea:65:8d:ca:47:58:ca:c5:
24:49:e0:ae:30:2b:ad:51:57:6f:de:ec:21:ca:46:
06:4a:b5:b7:82:a7:d1:bc:25:9d:35:10:72:ef:3e:
5b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F0:65:F6:DB:57:18:E8:1F:7B:04:44:36:9B:9D:84:5E:67:6D:3C
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/n_Bl9ttXGOgfewRENpudhF5nbTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.178.0/24
176.56.34.0/24
Signature Algorithm: sha256WithRSAEncryption
56:4c:1e:0a:62:3e:d5:3c:5e:cf:92:ab:32:de:0b:f6:9a:95:
6c:ed:fc:1e:6a:dd:15:22:85:ff:b3:d7:d9:9b:06:5e:5a:0b:
e5:3c:2f:fc:cb:e0:ad:5c:be:1d:58:b5:6a:e5:6c:68:47:f5:
ac:bf:37:dd:79:45:af:ea:14:e0:cc:73:fe:7f:4b:8b:f9:33:
b0:9e:b0:38:2b:48:47:dc:7b:1f:0a:49:e2:fa:3a:36:49:98:
c1:7a:d3:f9:4c:ed:06:5f:41:38:a0:be:10:84:5d:5b:ce:f5:
0b:57:9b:6c:7c:51:17:f4:51:1c:26:97:b7:13:bf:4d:62:04:
59:6b:3f:90:d1:11:e0:59:c9:b0:59:54:d5:d0:55:53:e3:70:
88:0a:48:84:c0:6e:ed:8d:d3:10:46:07:07:c5:89:52:4c:7f:
ac:14:d6:0d:5b:84:d2:a3:31:75:d9:36:8f:3d:6b:25:30:39:
08:a4:10:e8:f6:3c:e7:49:a2:dd:b3:22:0d:46:f9:dc:cd:b2:
a4:36:03:71:34:7b:f5:13:15:ca:7c:e3:a9:5e:c6:7a:1b:5b:
fb:4b:5b:3f:da:7f:38:d8:88:cb:d2:fb:a0:bf:f4:90:48:91:
a3:00:db:00:ba:74:c7:1a:bc:ed:0e:02:ee:6f:70:61:83:65:
78:20:8f:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0YJ7Qi0h/iyhsMd/VVVgu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQwMTE3MTYwMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmYwNjVmNmRiNTcxOGU4MWY3YjA0NDQzNjliOWQ4NDVlNjc2ZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAXqIMiwncOWlCDdIkW88h3eZG4I
4rWBeHIRGr23pTXabwu8gjqmYzKXwFsANzs196WwNmt+YoYHDn++rkyl7Z45OrPB
uU5RdZRJYOMXMphMpWAA7eCP2KCHDPJSkOAdsiZuZ00Ij+fuc9J46uF70gCd/uMx
oVPykysFfvRbgXnib9yij80xVHF/4zJgFFdtyuCOsOcuYyYqx77AHg2mFw6BarW6
CGWlrpc9FMRJteCp2yEF3YOXGoOHc2FfC794P8vxPmYRXMDh/WaG4262QkpZhb9W
6eLD6mWNykdYysUkSeCuMCutUVdv3uwhykYGSrW3gqfRvCWdNRBy7z5bowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ/wZfbbVxjoH3sERDabnYReZ208MB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvbl9CbDl0dFhHT2dmZXdSRU5wdWRoRjVuYlR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkhOyAwQA
sDgiMA0GCSqGSIb3DQEBCwUAA4IBAQBWTB4KYj7VPF7Pkqsy3gv2mpVs7fweat0V
IoX/s9fZmwZeWgvlPC/8y+CtXL4dWLVq5WxoR/WsvzfdeUWv6hTgzHP+f0uL+TOw
nrA4K0hH3HsfCkni+jo2SZjBetP5TO0GX0E4oL4QhF1bzvULV5tsfFEX9FEcJpe3
E79NYgRZaz+Q0RHgWcmwWVTV0FVT43CICkiEwG7tjdMQRgcHxYlSTH+sFNYNW4TS
ozF12TaPPWslMDkIpBDo9jznSaLdsyINRvnczbKkNgNxNHv1ExXKfOOpXsZ6G1v7
S1s/2n842IjL0vugv/SQSJGjANsAunTHGrztDgLub3Bhg2V4II8y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:50 2024 by rpki-client on console-fra.rpki-client.org