Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8eddf2-7d7c-44a3-b0fd-110b768bf4c0/1/lu8Bqknbry5Dm2jfYWAKHJOMrrw.roa
File: lu8Bqknbry5Dm2jfYWAKHJOMrrw.roa (raw, json)
Hash identifier: Xw8RavL1PvfH4I3hwNDbCpbIIGPT8g/G4aZV6e8R4u8=
Subject key identifier: 96:EF:01:AA:49:DB:AF:2E:43:9B:68:DF:61:60:0A:1C:93:8C:AE:BC
Certificate issuer: /CN=9a26657e6b25449425b748645e7420c76ac2b3a4
Certificate serial: 018CC4937614F14F040B54B0B862AC98879D
Authority key identifier: 9A:26:65:7E:6B:25:44:94:25:B7:48:64:5E:74:20:C7:6A:C2:B3:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miZlfmslRJQlt0hkXnQgx2rCs6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/8eddf2-7d7c-44a3-b0fd-110b768bf4c0/1/lu8Bqknbry5Dm2jfYWAKHJOMrrw.roa
Signing time: Mon 01 Jan 2024 10:30:47 +0000
ROA not before: Mon 01 Jan 2024 10:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 185.207.213.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:76:14:f1:4f:04:0b:54:b0:b8:62:ac:98:87:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a26657e6b25449425b748645e7420c76ac2b3a4
Validity
Not Before: Jan 1 10:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96ef01aa49dbaf2e439b68df61600a1c938caebc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:81:15:26:1b:e9:92:49:47:c6:c9:ec:95:fc:
3e:22:ee:ff:68:9e:7a:90:bb:10:c5:b7:d6:93:64:
0c:47:a8:64:e5:c7:95:9b:9a:82:10:0d:24:6e:7e:
96:be:d2:d3:f7:3e:b0:42:9e:a7:f7:6c:b9:73:4f:
50:77:1f:9a:9a:08:4b:f5:32:24:77:50:06:43:01:
49:6a:b7:4b:f2:5e:3e:d0:6e:1e:96:8a:90:1f:26:
8d:76:09:95:39:6e:09:f1:af:07:e8:42:62:49:44:
20:dc:56:e7:42:56:53:6c:c8:05:d3:45:5c:06:eb:
df:23:93:c6:bb:17:66:60:cb:2f:3c:7f:36:0a:85:
2e:97:4a:7b:86:93:a5:cb:2a:d6:1d:64:bc:a7:a8:
45:27:59:1f:64:02:c7:23:e4:2c:99:c7:0e:52:71:
5a:d9:82:d8:83:94:c7:66:3b:a8:f4:a2:da:82:25:
42:f2:b8:49:ae:27:93:e6:7b:9e:89:12:e3:d0:72:
d2:83:7e:e3:59:72:bc:08:98:a1:e4:27:3b:d8:55:
97:91:41:55:0f:d0:cb:63:46:00:56:2c:04:df:a8:
45:96:8a:53:18:a4:42:32:bf:cf:51:a5:fa:13:f3:
e9:d6:56:b2:22:b1:83:e5:fe:88:2f:ad:a9:84:db:
cd:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:EF:01:AA:49:DB:AF:2E:43:9B:68:DF:61:60:0A:1C:93:8C:AE:BC
X509v3 Authority Key Identifier:
keyid:9A:26:65:7E:6B:25:44:94:25:B7:48:64:5E:74:20:C7:6A:C2:B3:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miZlfmslRJQlt0hkXnQgx2rCs6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8eddf2-7d7c-44a3-b0fd-110b768bf4c0/1/lu8Bqknbry5Dm2jfYWAKHJOMrrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8eddf2-7d7c-44a3-b0fd-110b768bf4c0/1/miZlfmslRJQlt0hkXnQgx2rCs6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.213.0/24
Signature Algorithm: sha256WithRSAEncryption
13:ae:f9:1b:cf:f7:0c:53:00:e1:4b:3d:04:5a:16:60:54:f0:
1d:6b:97:2b:d3:46:5b:c3:fb:40:da:b7:29:9b:4d:a8:fb:ef:
ee:56:86:98:77:42:b5:51:e5:db:48:bf:f0:a9:66:13:82:ce:
54:16:de:a5:4e:bd:70:70:5f:80:c2:d8:f3:09:33:79:f8:c9:
47:a3:4a:13:a5:e7:e8:e1:c0:06:d8:5b:c0:93:38:cd:69:f0:
e6:e1:ce:b3:a5:03:66:f5:63:05:94:4f:ab:25:88:9e:1c:a9:
0b:b0:c8:70:48:24:bc:ef:d5:f3:c0:f3:9f:77:1f:34:a0:70:
bf:39:e0:4f:34:ae:68:74:8a:64:4b:d2:75:64:63:be:42:2d:
0c:01:a3:76:47:af:41:2a:2e:27:d3:78:ac:e2:d9:a2:76:df:
29:de:99:af:24:68:15:a0:88:df:27:b2:5f:15:f0:49:8d:9f:
5d:59:4d:d4:d3:59:94:0e:03:75:63:83:23:12:36:1f:10:9a:
da:dc:94:7c:f6:95:bd:e5:42:5c:68:fc:ad:bf:97:f8:e1:97:
bd:79:a4:e4:06:36:13:26:cb:0f:a4:8e:fb:17:cd:e9:35:56:
6c:0f:7e:25:f5:4e:25:db:a3:f4:bb:8a:74:59:bb:3b:14:32:
de:cf:7f:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk3YU8U8EC1SwuGKsmIedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjY2NTdlNmIyNTQ0OTQyNWI3NDg2NDVlNzQyMGM3NmFj
MmIzYTQwHhcNMjQwMTAxMTAzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmVmMDFhYTQ5ZGJhZjJlNDM5YjY4ZGY2MTYwMGExYzkzOGNhZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIEVJhvpkklHxsnslfw+Iu7/aJ56
kLsQxbfWk2QMR6hk5ceVm5qCEA0kbn6WvtLT9z6wQp6n92y5c09Qdx+amghL9TIk
d1AGQwFJardL8l4+0G4eloqQHyaNdgmVOW4J8a8H6EJiSUQg3FbnQlZTbMgF00Vc
BuvfI5PGuxdmYMsvPH82CoUul0p7hpOlyyrWHWS8p6hFJ1kfZALHI+QsmccOUnFa
2YLYg5THZjuo9KLagiVC8rhJrieT5nueiRLj0HLSg37jWXK8CJih5Cc72FWXkUFV
D9DLY0YAViwE36hFlopTGKRCMr/PUaX6E/Pp1layIrGD5f6IL62phNvNzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJbvAapJ268uQ5to32FgChyTjK68MB8GA1UdIwQY
MBaAFJomZX5rJUSUJbdIZF50IMdqwrOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlabGZtc2xSSlFsdDBoa1huUWd4MnJDczZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84ZWRkZjItN2Q3Yy00NGEzLWIwZmQt
MTEwYjc2OGJmNGMwLzEvbHU4QnFrbmJyeTVEbTJqZllXQUtISk9NcnJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84ZWRkZjItN2Q3Yy00NGEzLWIwZmQtMTEwYjc2OGJmNGMw
LzEvbWlabGZtc2xSSlFsdDBoa1huUWd4MnJDczZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc/VMA0G
CSqGSIb3DQEBCwUAA4IBAQATrvkbz/cMUwDhSz0EWhZgVPAda5cr00Zbw/tA2rcp
m02o++/uVoaYd0K1UeXbSL/wqWYTgs5UFt6lTr1wcF+AwtjzCTN5+MlHo0oTpefo
4cAG2FvAkzjNafDm4c6zpQNm9WMFlE+rJYieHKkLsMhwSCS879XzwPOfdx80oHC/
OeBPNK5odIpkS9J1ZGO+Qi0MAaN2R69BKi4n03is4tmidt8p3pmvJGgVoIjfJ7Jf
FfBJjZ9dWU3U01mUDgN1Y4MjEjYfEJra3JR89pW95UJcaPytv5f44Ze9eaTkBjYT
JssPpI77F83pNVZsD34l9U4l26P0u4p0Wbs7FDLez3/l
-----END CERTIFICATE-----
Generated at Mon Feb 19 18:02:52 2024 by rpki-client on console-ams.rpki-client.org