Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/EiNvmxZZqDbbbKs_1f1m0aJ4DYQ.roa
File: EiNvmxZZqDbbbKs_1f1m0aJ4DYQ.roa (raw, json)
Hash identifier: dWwYqFEuSANr/780tgy+4okRLAoaPohwzr7lCHPMkQs=
Subject key identifier: 12:23:6F:9B:16:59:A8:36:DB:6C:AB:3F:D5:FD:66:D1:A2:78:0D:84
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018FBEC6121D2C759D80ECD009F26EAF21FC
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/EiNvmxZZqDbbbKs_1f1m0aJ4DYQ.roa
Signing time: Tue 28 May 2024 10:36:42 +0000
ROA not before: Tue 28 May 2024 10:36:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214857
IP address blocks: 217.60.237.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:be:c6:12:1d:2c:75:9d:80:ec:d0:09:f2:6e:af:21:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: May 28 10:36:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12236f9b1659a836db6cab3fd5fd66d1a2780d84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fe:60:3b:27:a7:5c:b9:4d:a8:89:80:cf:9c:
d9:01:5f:07:0a:02:de:38:81:5c:be:1f:9b:d5:a8:
bc:6d:84:89:0c:1b:2f:2a:8e:dd:26:fb:03:45:d5:
71:a1:4e:05:27:70:c5:3d:3d:7a:fa:aa:59:ad:a8:
40:07:21:83:7e:55:43:54:04:ca:43:0f:56:28:8a:
08:19:b4:d0:0f:68:2c:72:17:18:0c:ed:be:1e:e5:
5f:f6:bc:27:2f:d1:f4:f0:de:25:18:29:e5:01:65:
6b:0e:22:a9:26:e5:1f:95:87:4d:dc:e3:8e:b2:2b:
8b:24:d6:29:53:dd:79:49:3c:e4:80:0d:07:a7:b8:
7b:9a:e8:eb:93:33:11:5d:3b:58:cf:60:f4:17:62:
2d:2e:bf:9a:39:28:dc:44:8b:92:aa:db:cc:56:ae:
37:02:75:59:a2:60:f3:89:25:97:d6:9c:b9:50:13:
6b:11:68:a6:02:4b:db:01:7c:11:90:9f:44:6b:db:
91:e1:aa:12:ed:99:39:49:94:b0:ba:5c:7c:bd:3c:
50:4b:90:d2:77:7b:33:bc:84:f4:ea:12:c1:c7:cd:
46:3c:26:93:b5:50:86:8f:16:be:87:29:45:8e:ab:
09:78:4a:42:d9:07:35:a9:41:93:40:65:f0:cd:c0:
11:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:23:6F:9B:16:59:A8:36:DB:6C:AB:3F:D5:FD:66:D1:A2:78:0D:84
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/EiNvmxZZqDbbbKs_1f1m0aJ4DYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.237.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:d4:3d:68:92:78:13:50:82:2e:0e:8c:15:d5:c5:15:df:b7:
e4:28:7e:6f:79:68:6b:72:e0:10:b3:ef:e5:f1:9e:8d:bb:fb:
3c:66:e9:45:e2:d9:a0:c9:c0:87:eb:72:e0:df:b7:97:79:1a:
7e:21:dc:6a:cb:a5:ad:94:d6:5b:90:ae:38:fd:e8:89:e1:c3:
a5:00:c8:af:16:b8:1c:28:38:ac:c8:fd:34:67:4a:dd:1b:05:
a4:6e:c3:db:21:88:54:13:db:df:ea:75:e9:1e:b2:66:5e:ca:
a7:a0:72:91:66:9e:67:e4:f5:26:3c:62:da:e5:c1:70:3b:32:
10:1e:a0:f9:08:21:d7:5f:dd:ec:23:80:75:03:d4:68:f5:58:
86:fb:43:15:c3:f3:6f:14:9b:b7:ce:95:ee:90:0a:d3:2e:b4:
91:f3:9e:9f:98:30:5f:84:2f:b4:1d:7b:1b:23:e3:7b:1d:eb:
eb:2e:f6:07:f6:e4:ad:6f:d5:02:1a:01:f2:ba:0a:7a:f9:05:
17:05:56:60:45:0a:b7:8b:6b:0a:0f:05:a8:d3:c3:a9:1d:7b:
43:34:22:aa:7d:f5:42:02:eb:d3:7c:fb:bf:f8:df:07:ce:9a:
94:28:58:c9:a8:bd:63:7d:86:0c:78:5e:c2:22:16:fe:68:92:
a4:8c:70:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY++xhIdLHWdgOzQCfJuryH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwNTI4MTAzNjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjIzNmY5YjE2NTlhODM2ZGI2Y2FiM2ZkNWZkNjZkMWEyNzgwZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/5gOyenXLlNqImAz5zZAV8HCgLe
OIFcvh+b1ai8bYSJDBsvKo7dJvsDRdVxoU4FJ3DFPT16+qpZrahAByGDflVDVATK
Qw9WKIoIGbTQD2gschcYDO2+HuVf9rwnL9H08N4lGCnlAWVrDiKpJuUflYdN3OOO
siuLJNYpU915STzkgA0Hp7h7mujrkzMRXTtYz2D0F2ItLr+aOSjcRIuSqtvMVq43
AnVZomDziSWX1py5UBNrEWimAkvbAXwRkJ9Ea9uR4aoS7Zk5SZSwulx8vTxQS5DS
d3szvIT06hLBx81GPCaTtVCGjxa+hylFjqsJeEpC2Qc1qUGTQGXwzcARJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBIjb5sWWag222yrP9X9ZtGieA2EMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvRWlOdm14WlpxRGJiYktzXzFmMW0wYUo0RFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2TztMA0G
CSqGSIb3DQEBCwUAA4IBAQBs1D1okngTUIIuDowV1cUV37fkKH5veWhrcuAQs+/l
8Z6Nu/s8ZulF4tmgycCH63Lg37eXeRp+Idxqy6WtlNZbkK44/eiJ4cOlAMivFrgc
KDisyP00Z0rdGwWkbsPbIYhUE9vf6nXpHrJmXsqnoHKRZp5n5PUmPGLa5cFwOzIQ
HqD5CCHXX93sI4B1A9Ro9ViG+0MVw/NvFJu3zpXukArTLrSR856fmDBfhC+0HXsb
I+N7HevrLvYH9uStb9UCGgHyugp6+QUXBVZgRQq3i2sKDwWo08OpHXtDNCKqffVC
AuvTfPu/+N8HzpqUKFjJqL1jfYYMeF7CIhb+aJKkjHCf
-----END CERTIFICATE-----
Generated at Thu Jul 4 16:48:15 2024 by rpki-client on console-fra.rpki-client.org