Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/wX9KPxYdc4c_QLqwWwhiy6IXJr0.roa
File: wX9KPxYdc4c_QLqwWwhiy6IXJr0.roa (raw, json)
Hash identifier: i+p9+/XoLIFkAHOAvjg7kTwAtnrdQJCxqvo7Q7CjQ+I=
Subject key identifier: C1:7F:4A:3F:16:1D:73:87:3F:40:BA:B0:5B:08:62:CB:A2:17:26:BD
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018F819BB18133711E90D4FB3B2B40E3EBD0
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/wX9KPxYdc4c_QLqwWwhiy6IXJr0.roa
Signing time: Thu 16 May 2024 13:33:35 +0000
ROA not before: Thu 16 May 2024 13:33:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 83.138.54.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:81:9b:b1:81:33:71:1e:90:d4:fb:3b:2b:40:e3:eb:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: May 16 13:33:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c17f4a3f161d73873f40bab05b0862cba21726bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a0:7f:dd:d4:c7:a6:66:a8:c2:c4:07:44:81:
f6:62:1f:40:dc:81:1e:fa:0e:1f:59:45:f9:ff:d2:
67:ec:35:4b:48:c6:5c:95:88:f1:f3:a9:4c:09:19:
3c:65:20:5c:d6:0c:ef:2c:42:d2:bd:b1:89:d5:8b:
e4:8c:03:bd:70:c1:99:46:a1:25:2c:3f:f1:64:aa:
16:1d:c1:3e:2f:a9:ee:a2:12:e4:1e:47:ca:5b:df:
6c:6e:11:7c:ca:75:21:be:35:94:85:5e:30:a3:c5:
13:53:5e:81:b9:84:c0:38:f3:f9:8e:8d:c4:c8:90:
26:3e:23:d1:80:37:6e:39:71:5b:08:1e:54:26:a7:
e1:54:32:26:fb:4b:f6:20:60:d4:6e:50:d8:ac:ec:
6d:3e:fe:4d:f5:b2:a8:12:a0:f5:c3:3c:45:8b:47:
89:ef:98:63:1d:a7:a2:33:ba:c8:ad:b5:19:21:4f:
13:ed:15:c3:ff:14:ae:1a:fd:29:6e:94:d0:29:13:
88:cf:f1:fe:ba:34:3e:8e:cd:be:07:bf:ac:73:e2:
09:ce:3a:3b:67:ba:d7:d6:d5:a3:44:69:60:bd:9d:
38:51:3b:02:91:6b:d7:44:5d:13:0f:2b:12:6c:db:
56:0f:2c:73:d6:f1:f3:85:e7:05:99:6f:5c:28:c1:
7e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:7F:4A:3F:16:1D:73:87:3F:40:BA:B0:5B:08:62:CB:A2:17:26:BD
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/wX9KPxYdc4c_QLqwWwhiy6IXJr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.138.54.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:25:e4:0c:2e:71:31:14:6b:6e:67:0c:ed:6f:c7:e6:dd:83:
f6:be:cd:0c:70:31:bb:5d:6c:22:e5:0a:b2:ea:f1:5a:8d:95:
3f:bf:24:4d:8c:0a:57:a5:56:cf:6f:3a:0b:66:4e:fb:91:2e:
9d:9b:7a:95:8c:47:65:b0:9d:e7:b2:60:ba:1d:8b:2f:5f:8c:
a2:32:c9:ba:cf:cb:3e:82:49:76:4b:0d:36:7a:59:4d:72:97:
ce:f8:fb:ae:f2:de:c6:35:de:cd:1d:66:b4:17:bf:5e:58:5e:
fa:a9:5b:53:fa:4b:2a:06:34:13:b4:fe:eb:e8:f2:96:f0:04:
03:ee:87:64:74:33:16:fd:5a:05:b7:8e:b1:9a:7f:80:39:5d:
6c:4a:1c:7c:1e:e9:1c:a7:11:f6:02:c8:ec:af:ee:87:11:b4:
86:39:ce:2b:d1:b4:b1:20:5c:4a:30:d9:d0:c0:eb:f5:70:44:
22:1c:2e:f6:a5:a3:d9:a8:76:8c:a3:83:40:4b:68:c5:3d:79:
6e:25:58:02:b9:fb:bb:81:26:c8:98:9e:33:dd:d4:e1:ae:fc:
96:1e:5f:4b:21:84:de:e2:55:f4:eb:08:4e:b1:6c:e2:5c:15:
ca:24:8b:23:ff:db:59:58:ae:e8:88:8c:0f:24:c6:3f:f5:4c:
e9:92:92:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+Bm7GBM3EekNT7OytA4+vQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQwNTE2MTMzMzM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTdmNGEzZjE2MWQ3Mzg3M2Y0MGJhYjA1YjA4NjJjYmEyMTcyNmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKB/3dTHpmaowsQHRIH2Yh9A3IEe
+g4fWUX5/9Jn7DVLSMZclYjx86lMCRk8ZSBc1gzvLELSvbGJ1YvkjAO9cMGZRqEl
LD/xZKoWHcE+L6nuohLkHkfKW99sbhF8ynUhvjWUhV4wo8UTU16BuYTAOPP5jo3E
yJAmPiPRgDduOXFbCB5UJqfhVDIm+0v2IGDUblDYrOxtPv5N9bKoEqD1wzxFi0eJ
75hjHaeiM7rIrbUZIU8T7RXD/xSuGv0pbpTQKROIz/H+ujQ+js2+B7+sc+IJzjo7
Z7rX1tWjRGlgvZ04UTsCkWvXRF0TDysSbNtWDyxz1vHzhecFmW9cKMF+OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMF/Sj8WHXOHP0C6sFsIYsuiFya9MB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvd1g5S1B4WWRjNGNfUUxxd1d3aGl5NklYSnIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU4o2MA0G
CSqGSIb3DQEBCwUAA4IBAQCmJeQMLnExFGtuZwztb8fm3YP2vs0McDG7XWwi5Qqy
6vFajZU/vyRNjApXpVbPbzoLZk77kS6dm3qVjEdlsJ3nsmC6HYsvX4yiMsm6z8s+
gkl2Sw02ellNcpfO+Puu8t7GNd7NHWa0F79eWF76qVtT+ksqBjQTtP7r6PKW8AQD
7odkdDMW/VoFt46xmn+AOV1sShx8HukcpxH2Asjsr+6HEbSGOc4r0bSxIFxKMNnQ
wOv1cEQiHC72paPZqHaMo4NAS2jFPXluJVgCufu7gSbImJ4z3dThrvyWHl9LIYTe
4lX06whOsWziXBXKJIsj/9tZWK7oiIwPJMY/9UzpkpIz
-----END CERTIFICATE-----
Generated at Wed Aug 14 16:07:25 2024 by rpki-client on console-fra.rpki-client.org