Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/DARKBfwGDIWrku3p7YyBhHhp6Wk.roa
File: DARKBfwGDIWrku3p7YyBhHhp6Wk.roa (raw, json)
Hash identifier: fyXeLfoqWyJJDbFS/s14rEGIMCuxIyOmg7RQgpyDSG8=
Subject key identifier: 0C:04:4A:05:FC:06:0C:85:AB:92:ED:E9:ED:8C:81:84:78:69:E9:69
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018BFCF82C578AF8B9A4EA32B8F47E708BA2
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/DARKBfwGDIWrku3p7YyBhHhp6Wk.roa
Signing time: Thu 23 Nov 2023 16:16:44 +0000
ROA not before: Thu 23 Nov 2023 16:16:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201691
IP address blocks: 194.26.195.0/24 maxlen: 24
45.159.151.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:f8:2c:57:8a:f8:b9:a4:ea:32:b8:f4:7e:70:8b:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Nov 23 16:16:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c044a05fc060c85ab92ede9ed8c81847869e969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e2:1d:22:f2:5c:8a:af:b3:fd:36:f1:85:23:
53:ee:2e:f3:fe:86:74:65:0d:39:dd:b4:d8:44:80:
fb:22:82:c9:dd:17:3b:90:18:71:45:0e:2d:ab:62:
58:4c:c7:ed:49:b6:3c:89:f1:38:c1:d2:bc:21:ba:
14:55:e1:8b:aa:80:cd:75:81:5a:1c:08:88:6b:57:
4c:11:d1:6c:1d:0f:d7:2f:ab:6f:86:47:9f:a1:f2:
80:4f:ba:82:24:22:1d:00:98:f4:96:46:29:65:20:
f7:dc:fc:ef:7e:c7:34:87:4d:85:fa:44:e8:65:1b:
c5:e1:a8:e6:35:8a:35:fd:93:8d:a8:16:c9:39:6c:
30:f8:32:3d:bf:dd:06:fb:af:6d:c5:93:d3:ec:de:
76:4b:e5:3a:80:18:eb:d5:da:06:f0:a2:bc:96:14:
e8:28:f2:7a:46:bc:8b:c9:b7:59:ba:b7:cc:dd:9b:
c7:20:9a:2b:b7:a9:1a:80:2c:e0:7a:25:d5:86:ce:
69:c1:d5:51:2d:67:d0:13:26:d3:46:89:08:e5:57:
e2:c1:7b:f2:dc:a8:a3:56:af:b9:36:d9:67:9a:2d:
a6:66:d0:f1:ff:2f:d4:c4:da:08:6e:30:5f:87:3f:
0a:bd:cf:e9:9a:86:cd:17:23:ee:56:ac:eb:2f:e8:
ca:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:04:4A:05:FC:06:0C:85:AB:92:ED:E9:ED:8C:81:84:78:69:E9:69
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/DARKBfwGDIWrku3p7YyBhHhp6Wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.151.0/24
194.26.195.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:a1:1c:93:52:3a:c4:ad:4c:30:01:ad:52:bf:4b:28:97:ed:
66:82:70:24:d6:88:c8:6e:a0:8c:44:73:22:58:fb:44:69:eb:
c9:01:99:07:06:d2:4a:74:a1:be:2d:14:30:04:16:1e:bd:5f:
2b:11:a7:91:9c:b1:a5:5d:55:23:e1:2c:3d:9f:e3:6b:b6:16:
51:9e:14:62:df:ea:4d:76:82:d9:ae:fd:22:3e:19:ad:55:c6:
59:bc:50:73:a6:e0:ee:47:40:22:31:3d:04:07:17:f3:3b:87:
4e:df:34:55:e5:f0:8c:a8:a1:31:6e:a4:b8:a6:4f:5f:12:80:
b7:98:21:a6:3b:75:c2:74:ca:f9:1e:d6:e3:5e:ca:23:a3:15:
c0:92:d4:e2:d5:14:ee:05:12:ba:9c:86:2d:08:19:49:dc:60:
47:c3:a1:64:30:6f:34:62:c6:34:2a:4b:8e:4f:19:62:d2:82:
6f:e2:59:73:b7:dd:57:80:f0:86:7d:8a:6e:24:fd:a1:c6:72:
41:8b:30:b0:8b:55:8c:f0:b2:0c:b4:68:20:3f:c2:22:a2:9d:
00:23:6a:0f:25:7b:f9:00:56:da:9f:2e:51:18:85:ba:03:52:
16:a5:88:81:82:ce:72:79:4a:f4:b9:24:04:13:35:ae:b2:84:
6c:6b:d9:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYv8+CxXivi5pOoyuPR+cIuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjMxMTIzMTYxNjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzA0NGEwNWZjMDYwYzg1YWI5MmVkZTllZDhjODE4NDc4NjllOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6OIdIvJciq+z/TbxhSNT7i7z/oZ0
ZQ053bTYRID7IoLJ3Rc7kBhxRQ4tq2JYTMftSbY8ifE4wdK8IboUVeGLqoDNdYFa
HAiIa1dMEdFsHQ/XL6tvhkefofKAT7qCJCIdAJj0lkYpZSD33Pzvfsc0h02F+kTo
ZRvF4ajmNYo1/ZONqBbJOWww+DI9v90G+69txZPT7N52S+U6gBjr1doG8KK8lhTo
KPJ6RryLybdZurfM3ZvHIJort6kagCzgeiXVhs5pwdVRLWfQEybTRokI5VfiwXvy
3KijVq+5Ntlnmi2mZtDx/y/UxNoIbjBfhz8Kvc/pmobNFyPuVqzrL+jKbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAwESgX8BgyFq5Lt6e2MgYR4aelpMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvREFSS0Jmd0dESVdya3UzcDdZeUJoSGhwNldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ+XAwQA
whrDMA0GCSqGSIb3DQEBCwUAA4IBAQAMoRyTUjrErUwwAa1Sv0sol+1mgnAk1ojI
bqCMRHMiWPtEaevJAZkHBtJKdKG+LRQwBBYevV8rEaeRnLGlXVUj4Sw9n+NrthZR
nhRi3+pNdoLZrv0iPhmtVcZZvFBzpuDuR0AiMT0EBxfzO4dO3zRV5fCMqKExbqS4
pk9fEoC3mCGmO3XCdMr5HtbjXsojoxXAktTi1RTuBRK6nIYtCBlJ3GBHw6FkMG80
YsY0KkuOTxli0oJv4llzt91XgPCGfYpuJP2hxnJBizCwi1WM8LIMtGggP8Iiop0A
I2oPJXv5AFbany5RGIW6A1IWpYiBgs5yeUr0uSQEEzWusoRsa9lt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:19 2024 by rpki-client on console-ams.rpki-client.org