Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/CMsUEEtfEggas9YUzaeE9Wi_zz8.roa
File: CMsUEEtfEggas9YUzaeE9Wi_zz8.roa (raw, json)
Hash identifier: TH/BqMQsHnCegfhFh6JgXoDmPt8IIILKLvM+iqFWSg0=
Subject key identifier: 08:CB:14:10:4B:5F:12:08:1A:B3:D6:14:CD:A7:84:F5:68:BF:CF:3F
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018CC2DB04D42AB4D5F311700CEB17655437
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/CMsUEEtfEggas9YUzaeE9Wi_zz8.roa
Signing time: Mon 01 Jan 2024 02:29:42 +0000
ROA not before: Mon 01 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44436
IP address blocks: 194.59.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:04:d4:2a:b4:d5:f3:11:70:0c:eb:17:65:54:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Jan 1 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08cb14104b5f12081ab3d614cda784f568bfcf3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5b:bf:6b:22:4d:0c:61:6d:59:81:c1:d2:96:
67:c8:db:52:89:40:a5:4e:6d:c9:4a:e7:a6:ab:30:
e8:c6:b2:c3:ec:92:1b:59:4c:d7:0e:f5:60:43:76:
3f:08:85:2e:20:4a:56:65:a3:7c:ff:de:8f:b0:ea:
0e:8f:d7:fb:61:a5:ce:e1:8b:13:e5:30:18:f6:44:
8d:c6:cb:24:e0:62:14:7e:e8:b5:3e:5d:91:50:b7:
e9:20:03:68:ca:a5:ee:07:8c:a4:d4:80:64:b3:52:
03:94:ac:88:b9:17:85:90:79:3d:2b:1e:a7:ab:07:
1a:c9:f2:32:4d:70:5e:81:d2:cd:85:de:58:95:03:
6a:0c:af:68:b0:ad:d3:d5:bc:19:f6:a0:81:3f:0d:
4c:e2:99:78:53:b9:9d:af:0e:00:4e:67:e9:78:ee:
4d:8b:42:a9:b2:5d:cb:6f:b0:ff:8e:68:90:cd:33:
64:0a:06:71:b2:fd:22:96:d4:7f:52:a4:89:49:2b:
10:bc:5f:0c:5b:e5:ce:96:a2:17:d4:0e:77:78:08:
60:da:bc:89:de:a1:e9:64:6b:36:84:d2:20:b4:cd:
1c:e5:7d:c9:b6:fa:fb:7e:b6:11:e7:76:8e:cb:8d:
cc:ac:88:e2:92:6e:26:77:6e:19:5e:7b:84:2e:06:
06:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:CB:14:10:4B:5F:12:08:1A:B3:D6:14:CD:A7:84:F5:68:BF:CF:3F
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/CMsUEEtfEggas9YUzaeE9Wi_zz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.214.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:55:1b:fc:e4:73:65:86:67:2f:bb:4e:11:6e:31:5d:e8:22:
b6:24:fd:06:51:0e:ca:a5:f7:23:73:01:a8:aa:cb:aa:9c:ed:
c9:57:9c:69:00:72:9e:14:a1:90:ea:1a:0e:27:3c:45:07:cc:
7c:bf:b5:9e:61:37:e1:14:64:9b:e4:01:50:62:75:10:ff:5f:
30:28:0f:1f:8f:2f:b4:3a:07:0c:8d:a1:77:48:2a:68:61:4f:
45:55:be:98:45:09:64:e6:29:84:59:d6:35:54:dc:d7:79:78:
73:73:75:b3:33:54:96:d5:3e:1b:41:cc:51:dd:da:8e:b1:49:
4a:78:85:ae:b9:2c:9a:3c:4d:9e:30:16:1a:73:48:7f:bc:8b:
17:b9:4c:45:f8:ba:ef:4c:28:8a:37:73:ea:90:a2:93:22:ea:
ef:69:aa:3c:68:93:14:15:5e:61:09:f0:4e:61:91:55:3b:db:
73:ea:48:b8:9e:97:16:90:91:40:4d:9f:1d:9b:fe:77:e2:aa:
9a:e7:7e:2e:54:af:fb:79:65:cb:ae:22:8b:70:4a:3e:f5:4d:
02:fb:fd:6e:04:b7:a2:b2:f8:6d:2c:31:f5:41:34:78:39:d3:
6b:05:ea:79:08:bc:36:87:0c:ee:7f:a7:21:22:5d:05:ed:94:
48:b8:d6:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2wTUKrTV8xFwDOsXZVQ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjQwMTAxMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGNiMTQxMDRiNWYxMjA4MWFiM2Q2MTRjZGE3ODRmNTY4YmZjZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslu/ayJNDGFtWYHB0pZnyNtSiUCl
Tm3JSuemqzDoxrLD7JIbWUzXDvVgQ3Y/CIUuIEpWZaN8/96PsOoOj9f7YaXO4YsT
5TAY9kSNxssk4GIUfui1Pl2RULfpIANoyqXuB4yk1IBks1IDlKyIuReFkHk9Kx6n
qwcayfIyTXBegdLNhd5YlQNqDK9osK3T1bwZ9qCBPw1M4pl4U7mdrw4ATmfpeO5N
i0Kpsl3Lb7D/jmiQzTNkCgZxsv0iltR/UqSJSSsQvF8MW+XOlqIX1A53eAhg2ryJ
3qHpZGs2hNIgtM0c5X3Jtvr7frYR53aOy43MrIjikm4md24ZXnuELgYGrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjLFBBLXxIIGrPWFM2nhPVov88/MB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvQ01zVUVFdGZFZ2dhczlZVXphZUU5V2lfeno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjvWMA0G
CSqGSIb3DQEBCwUAA4IBAQA/VRv85HNlhmcvu04RbjFd6CK2JP0GUQ7KpfcjcwGo
qsuqnO3JV5xpAHKeFKGQ6hoOJzxFB8x8v7WeYTfhFGSb5AFQYnUQ/18wKA8fjy+0
OgcMjaF3SCpoYU9FVb6YRQlk5imEWdY1VNzXeXhzc3WzM1SW1T4bQcxR3dqOsUlK
eIWuuSyaPE2eMBYac0h/vIsXuUxF+LrvTCiKN3PqkKKTIurvaao8aJMUFV5hCfBO
YZFVO9tz6ki4npcWkJFATZ8dm/534qqa534uVK/7eWXLriKLcEo+9U0C+/1uBLei
svhtLDH1QTR4OdNrBep5CLw2hwzuf6chIl0F7ZRIuNYP
-----END CERTIFICATE-----
Generated at Tue May 14 16:18:17 2024 by rpki-client on console-fra.rpki-client.org