Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/riNpQ7Ebx5-bRigzciqei7eR_AY.roa
File: riNpQ7Ebx5-bRigzciqei7eR_AY.roa (raw, json)
Hash identifier: FGHs86+F1sIRxKzmW04FrwZiqcRXL3jWxSmoLDVXvcQ=
Subject key identifier: AE:23:69:43:B1:1B:C7:9F:9B:46:28:33:72:2A:9E:8B:B7:91:FC:06
Certificate issuer: /CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Certificate serial: 018D07FA4D554868B54C01C72B75ED0BA9F9
Authority key identifier: EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/riNpQ7Ebx5-bRigzciqei7eR_AY.roa
Signing time: Sun 14 Jan 2024 12:37:40 +0000
ROA not before: Sun 14 Jan 2024 12:37:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205719
IP address blocks: 194.48.200.0/24 maxlen: 24
2a0f:6287:10::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:07:fa:4d:55:48:68:b5:4c:01:c7:2b:75:ed:0b:a9:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Validity
Not Before: Jan 14 12:37:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae236943b11bc79f9b462833722a9e8bb791fc06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c2:75:b5:71:5b:ab:07:7f:c8:50:4a:bd:11:
67:c9:cf:ea:1f:1b:8e:78:cc:84:50:7c:43:81:5d:
1e:d9:de:44:fe:97:88:5d:88:b5:3a:5a:72:1e:dd:
09:92:57:1a:9d:66:36:cc:6d:fa:20:ab:72:7c:eb:
2e:b2:99:38:70:97:47:10:17:4b:e7:9c:8b:1b:14:
39:08:96:d8:3f:a2:d0:a1:7e:a6:ab:d6:36:0a:4b:
cf:cd:4e:d8:ee:2d:63:d7:59:9a:8e:73:1a:40:5e:
1e:8c:79:5b:b8:5f:fa:78:60:79:84:a9:e9:fe:5a:
e0:59:6f:22:76:b6:7f:81:07:c2:1c:32:c0:dc:9c:
34:d4:05:26:13:6a:3f:57:1e:d0:54:18:82:64:46:
7c:11:6b:dd:53:0d:b8:53:10:66:ce:86:82:10:92:
b2:cd:97:94:d0:f9:40:9a:57:d6:63:20:5d:67:6e:
a0:3e:8c:38:95:be:57:23:4f:1e:7e:21:44:d4:12:
3e:47:86:04:da:e9:a5:a1:f5:ac:9b:09:89:f4:74:
be:49:72:1f:48:d8:82:48:00:8d:a8:bd:81:ea:f3:
07:8a:66:e9:8c:89:88:1d:af:08:ac:0a:62:dd:f0:
9a:dc:9d:b6:58:ba:18:07:41:f1:c9:c5:3a:31:14:
19:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:23:69:43:B1:1B:C7:9F:9B:46:28:33:72:2A:9E:8B:B7:91:FC:06
X509v3 Authority Key Identifier:
keyid:EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/riNpQ7Ebx5-bRigzciqei7eR_AY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/7vvoNpp7vAOob75jm376oCtxcoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.200.0/24
IPv6:
2a0f:6287:10::/48
Signature Algorithm: sha256WithRSAEncryption
a5:72:fb:55:40:91:e9:db:a1:b7:1b:ce:4c:8a:24:c0:7d:6c:
04:77:ad:77:75:26:d5:b0:23:4f:76:2d:29:31:73:96:29:90:
a4:5d:dc:c4:5e:34:e7:08:6a:57:c5:5f:5c:b9:8d:21:c2:f2:
b3:21:65:0c:04:2a:3c:8c:52:96:e4:21:08:34:16:bf:27:7c:
f2:2e:8b:2f:54:53:fd:d3:40:b6:1c:6f:32:c2:59:d0:e2:eb:
0d:5b:78:eb:fa:b5:7d:c9:4a:79:83:bf:36:53:c0:d4:0c:d4:
2e:8b:0c:5b:fb:35:e0:44:dd:e0:6e:c0:4f:33:e9:f4:47:f4:
70:2e:fc:d7:57:1b:bf:9e:ed:b8:7b:62:da:c8:77:47:c2:f3:
5f:5d:80:24:4e:2f:a3:50:0a:c1:e0:86:f5:26:97:27:45:56:
3c:04:c7:e2:dd:24:ed:5e:af:dd:b3:00:5d:69:d2:ce:96:a9:
8f:2d:d9:48:65:db:26:78:05:45:73:73:73:6b:c4:53:24:82:
7e:5b:49:c0:93:69:df:88:eb:7f:8c:c9:05:f7:99:6e:43:eb:
10:f7:4a:84:7b:f7:2e:55:98:b2:7f:92:9c:ef:d8:40:4b:97:
b2:d8:07:a9:61:a4:6a:4d:59:d4:67:94:4a:02:2e:56:95:f5:
c5:b5:80:50
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0H+k1VSGi1TAHHK3XtC6n5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZmJlODM2OWE3YmJjMDNhODZmYmU2MzliN2VmYWEwMmI3
MTcyODcwHhcNMjQwMTE0MTIzNzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTIzNjk0M2IxMWJjNzlmOWI0NjI4MzM3MjJhOWU4YmI3OTFmYzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMJ1tXFbqwd/yFBKvRFnyc/qHxuO
eMyEUHxDgV0e2d5E/peIXYi1OlpyHt0JklcanWY2zG36IKtyfOsuspk4cJdHEBdL
55yLGxQ5CJbYP6LQoX6mq9Y2CkvPzU7Y7i1j11majnMaQF4ejHlbuF/6eGB5hKnp
/lrgWW8idrZ/gQfCHDLA3Jw01AUmE2o/Vx7QVBiCZEZ8EWvdUw24UxBmzoaCEJKy
zZeU0PlAmlfWYyBdZ26gPow4lb5XI08efiFE1BI+R4YE2umlofWsmwmJ9HS+SXIf
SNiCSACNqL2B6vMHimbpjImIHa8IrApi3fCa3J22WLoYB0HxycU6MRQZSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK4jaUOxG8efm0YoM3Iqnou3kfwGMB8GA1UdIwQY
MBaAFO776Daae7wDqG++Y5t++qArcXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYt
ZGExYjU4NjE4ODQxLzEvcmlOcFE3RWJ4NS1iUmlnemNpcWVpN2VSX0FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYtZGExYjU4NjE4ODQx
LzEvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwjDIMA8E
AgACMAkDBwAqD2KHABAwDQYJKoZIhvcNAQELBQADggEBAKVy+1VAkenbobcbzkyK
JMB9bAR3rXd1JtWwI092LSkxc5YpkKRd3MReNOcIalfFX1y5jSHC8rMhZQwEKjyM
UpbkIQg0Fr8nfPIuiy9UU/3TQLYcbzLCWdDi6w1beOv6tX3JSnmDvzZTwNQM1C6L
DFv7NeBE3eBuwE8z6fRH9HAu/NdXG7+e7bh7YtrId0fC819dgCROL6NQCsHghvUm
lydFVjwEx+LdJO1er92zAF1p0s6WqY8t2Uhl2yZ4BUVzc3NrxFMkgn5bScCTad+I
63+MyQX3mW5D6xD3SoR79y5VmLJ/kpzv2EBLl7LYB6lhpGpNWdRnlEoCLlaV9cW1
gFA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:23 2024 by rpki-client on console-ams.rpki-client.org