Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/7q5E7CTdZmTfQg70gy-RjGcULHQ.roa
File: 7q5E7CTdZmTfQg70gy-RjGcULHQ.roa (raw, json)
Hash identifier: 0EX6ckgT0vc7WcQmv/2+2boASO0MQL5/wOPNmvvieKY=
Subject key identifier: EE:AE:44:EC:24:DD:66:64:DF:42:0E:F4:83:2F:91:8C:67:14:2C:74
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 0182F03BC1BB435C8C3903E4867B875D90C9
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/7q5E7CTdZmTfQg70gy-RjGcULHQ.roa
Signing time: Tue 30 Aug 2022 19:30:24 +0000
ROA not before: Tue 30 Aug 2022 19:30:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44436
IP address blocks: 194.59.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f0:3b:c1:bb:43:5c:8c:39:03:e4:86:7b:87:5d:90:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Aug 30 19:30:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eeae44ec24dd6664df420ef4832f918c67142c74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8d:c7:b1:7e:f6:34:ca:fc:8f:56:23:d2:76:
9c:61:92:9e:e1:9f:05:78:50:12:75:41:05:84:92:
9e:07:70:a7:7e:07:46:48:a7:60:f0:75:70:3d:e2:
fc:99:cb:e5:11:da:41:0a:d8:f6:d8:1b:b4:99:43:
a4:1e:3c:f8:93:4f:d7:c0:09:ed:8a:cd:9c:aa:5e:
e8:56:a6:4a:0e:11:b7:c5:87:96:3e:f6:c1:33:8f:
0b:06:fa:29:93:bb:31:e9:1b:cb:5a:0c:6e:87:e9:
e0:8f:d3:57:3c:f7:ce:be:ba:02:58:e2:aa:00:6d:
a6:9f:07:1d:95:f6:6c:2a:fc:f3:a1:05:7b:4d:58:
15:69:02:03:bd:af:01:82:02:23:c2:3f:a8:9d:82:
c6:01:5b:06:df:c7:ca:25:6a:06:05:0d:1c:96:cc:
3c:5f:63:33:ce:c3:23:f0:2f:7c:30:6b:33:5b:bd:
d2:29:68:ed:c2:7f:4f:62:f6:f0:68:1f:97:99:a3:
c8:87:2e:f1:36:7e:03:ca:fe:84:24:72:9e:74:c5:
5b:79:3e:53:8f:33:f7:91:3b:5f:92:87:56:5a:4c:
0d:fc:04:77:9f:32:4d:04:ee:cb:f5:39:7b:6e:65:
30:8a:b5:59:71:40:18:d1:0a:69:65:1c:46:85:62:
7d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:AE:44:EC:24:DD:66:64:DF:42:0E:F4:83:2F:91:8C:67:14:2C:74
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/7q5E7CTdZmTfQg70gy-RjGcULHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.214.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:87:be:23:4b:22:b1:88:10:9c:8b:96:94:3e:e9:1f:c3:22:
35:5b:22:bc:ca:ce:7c:58:c7:ec:45:85:2a:6b:1a:51:14:56:
19:ae:b2:c4:81:71:2f:15:d1:ef:d4:8a:88:1f:ce:b3:09:2d:
68:51:56:72:ea:dc:c4:f1:9a:d4:34:c3:90:59:7c:11:8e:5f:
da:5c:01:4a:19:58:ed:7e:3c:65:51:27:91:28:ac:8c:96:61:
46:b3:45:ee:95:98:19:19:34:b0:5d:77:17:34:a9:5a:a4:74:
6e:cd:f2:77:da:9f:fc:90:a7:16:fe:cf:87:c2:df:66:2a:de:
b8:b4:af:99:3c:00:06:c3:3d:c6:77:ef:7b:4e:a8:1c:d6:91:
93:9d:fe:8c:ce:46:ae:7e:6c:1e:1b:8d:ce:c8:5f:9c:4e:07:
ab:21:d4:47:9d:bf:05:4b:c7:6c:27:3c:c4:5b:2d:07:6a:6c:
8f:de:0d:20:ef:5c:c2:f4:57:19:e6:53:a8:f4:d5:9f:13:36:
aa:9d:b1:15:ff:9b:9e:e5:ae:65:b0:e7:c2:5f:6b:94:8a:00:
d8:0e:23:b0:2e:8a:9b:fe:6b:a8:45:11:ae:a6:99:40:b2:45:
50:d5:f7:31:14:17:78:15:5f:46:5a:1c:09:0f:36:c6:03:c5:
93:da:e9:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLwO8G7Q1yMOQPkhnuHXZDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjIwODMwMTkzMDI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWFlNDRlYzI0ZGQ2NjY0ZGY0MjBlZjQ4MzJmOTE4YzY3MTQyYzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhI3HsX72NMr8j1Yj0nacYZKe4Z8F
eFASdUEFhJKeB3CnfgdGSKdg8HVwPeL8mcvlEdpBCtj22Bu0mUOkHjz4k0/XwAnt
is2cql7oVqZKDhG3xYeWPvbBM48LBvopk7sx6RvLWgxuh+ngj9NXPPfOvroCWOKq
AG2mnwcdlfZsKvzzoQV7TVgVaQIDva8BggIjwj+onYLGAVsG38fKJWoGBQ0clsw8
X2MzzsMj8C98MGszW73SKWjtwn9PYvbwaB+XmaPIhy7xNn4Dyv6EJHKedMVbeT5T
jzP3kTtfkodWWkwN/AR3nzJNBO7L9Tl7bmUwirVZcUAY0QppZRxGhWJ9HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO6uROwk3WZk30IO9IMvkYxnFCx0MB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvN3E1RTdDVGRabVRmUWc3MGd5LVJqR2NVTEhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjvWMA0G
CSqGSIb3DQEBCwUAA4IBAQBLh74jSyKxiBCci5aUPukfwyI1WyK8ys58WMfsRYUq
axpRFFYZrrLEgXEvFdHv1IqIH86zCS1oUVZy6tzE8ZrUNMOQWXwRjl/aXAFKGVjt
fjxlUSeRKKyMlmFGs0XulZgZGTSwXXcXNKlapHRuzfJ32p/8kKcW/s+Hwt9mKt64
tK+ZPAAGwz3Gd+97Tqgc1pGTnf6MzkaufmweG43OyF+cTgerIdRHnb8FS8dsJzzE
Wy0HamyP3g0g71zC9FcZ5lOo9NWfEzaqnbEV/5ue5a5lsOfCX2uUigDYDiOwLoqb
/muoRRGupplAskVQ1fcxFBd4FV9GWhwJDzbGA8WT2un7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:16 2024 by rpki-client on console-fra.rpki-client.org