Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/9wm27g3qLXz1cWUXY5ZDwL4pgRY.roa
File: 9wm27g3qLXz1cWUXY5ZDwL4pgRY.roa (raw, json)
Hash identifier: mDXipT4XVkA1SPnST5IXvVCEbnNd0O8VbfT1DY26/9M=
Subject key identifier: F7:09:B6:EE:0D:EA:2D:7C:F5:71:65:17:63:96:43:C0:BE:29:81:16
Certificate issuer: /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial: 01915652E92678D33003E62490ECCBB4E80A
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/9wm27g3qLXz1cWUXY5ZDwL4pgRY.roa
Signing time: Thu 15 Aug 2024 13:55:59 +0000
ROA not before: Thu 15 Aug 2024 13:55:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208476
IP address blocks: 185.244.26.0/24 maxlen: 24
185.244.29.0/24 maxlen: 24
185.244.30.0/24 maxlen: 24
185.244.31.0/24 maxlen: 24
194.5.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:56:52:e9:26:78:d3:30:03:e6:24:90:ec:cb:b4:e8:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
Validity
Not Before: Aug 15 13:55:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f709b6ee0dea2d7cf5716517639643c0be298116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b8:cd:44:f8:71:7d:8c:4f:e3:57:de:6b:3b:
f7:32:16:5f:39:62:bb:62:0e:3d:13:cc:9f:19:f0:
27:f7:0e:6f:2d:f0:db:84:47:57:95:ef:94:e0:27:
da:0a:09:76:21:e9:82:42:47:b4:d3:74:15:30:f5:
6f:0b:e4:c4:ae:24:e9:46:8b:54:95:08:ea:9f:0d:
a2:c9:f6:6a:9c:a9:83:26:03:2b:cc:33:3c:41:b3:
98:c4:43:d1:c2:c4:b0:45:10:25:b4:0f:11:11:cc:
ba:6c:af:bd:ef:95:13:a0:db:c1:63:3a:9e:2f:78:
c0:d7:97:07:f1:83:26:f9:9e:be:d6:7e:58:a2:a4:
07:ef:9e:34:41:ee:5d:60:d0:d9:f7:ed:18:46:59:
48:43:b2:be:5f:7e:75:5c:c5:cf:6f:d9:af:18:b4:
e9:39:ad:86:27:cb:da:ac:cd:e7:15:5d:e2:d2:bb:
e2:62:26:21:94:5b:13:3c:a5:6e:68:bd:66:7f:ee:
5b:69:24:d0:af:dd:6b:0b:7c:6e:0a:c2:68:f2:f3:
72:0a:78:c1:34:25:2d:76:8f:ec:3f:8e:fb:ed:8a:
f0:3d:48:5a:ca:c6:26:52:a7:25:ea:4a:20:2d:61:
cc:28:e9:f4:c0:9d:85:61:ca:87:ab:42:d7:7f:e7:
14:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:09:B6:EE:0D:EA:2D:7C:F5:71:65:17:63:96:43:C0:BE:29:81:16
X509v3 Authority Key Identifier:
keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/9wm27g3qLXz1cWUXY5ZDwL4pgRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.26.0/24
185.244.29.0-185.244.31.255
194.5.97.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:71:b9:41:57:6d:ff:bb:c2:aa:58:57:9c:27:00:bf:42:1c:
2d:53:10:b0:ce:d9:c2:e9:04:15:75:fc:58:1d:bc:07:9e:42:
c8:0e:99:9a:05:53:98:47:6f:27:71:da:64:03:9a:ac:af:e3:
5a:41:af:07:3b:03:74:f6:18:2e:c1:5c:5e:05:4c:27:4a:46:
fc:46:89:d3:eb:48:54:a4:5d:43:e5:c4:9c:98:d4:2d:00:ee:
9c:79:da:2a:0a:24:d3:ce:d1:df:4b:ec:31:89:d1:9d:c6:5f:
9f:84:ea:2f:15:8f:8f:44:c3:90:a3:26:ae:13:00:72:a0:a6:
e3:92:2e:e0:08:f1:e9:6c:d9:5e:7b:c2:4b:3d:65:b3:59:b5:
3e:ac:c4:18:ee:ca:83:42:3d:b2:b3:8c:a0:a6:80:a7:44:6e:
e7:73:3f:b4:71:09:14:87:c5:f2:ab:7b:f1:01:c2:30:2e:43:
b2:ff:77:ce:d0:6b:d4:56:3c:c3:8c:01:28:e7:a0:da:19:cb:
2e:cf:0a:d7:9c:73:22:1d:fd:fe:9b:6b:04:50:82:b0:cb:c1:
ea:c3:3a:27:25:85:ac:34:d4:af:50:28:64:ea:a9:e3:95:bf:
c8:72:7f:a6:97:ba:ff:70:c8:97:50:bd:38:f4:da:c5:33:0c:
3f:fc:d3:8b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZFWUukmeNMwA+YkkOzLtOgKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjQwODE1MTM1NTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzA5YjZlZTBkZWEyZDdjZjU3MTY1MTc2Mzk2NDNjMGJlMjk4MTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbjNRPhxfYxP41feazv3MhZfOWK7
Yg49E8yfGfAn9w5vLfDbhEdXle+U4CfaCgl2IemCQke003QVMPVvC+TEriTpRotU
lQjqnw2iyfZqnKmDJgMrzDM8QbOYxEPRwsSwRRAltA8REcy6bK+975UToNvBYzqe
L3jA15cH8YMm+Z6+1n5YoqQH7540Qe5dYNDZ9+0YRllIQ7K+X351XMXPb9mvGLTp
Oa2GJ8varM3nFV3i0rviYiYhlFsTPKVuaL1mf+5baSTQr91rC3xuCsJo8vNyCnjB
NCUtdo/sP4777YrwPUhaysYmUqcl6kogLWHMKOn0wJ2FYcqHq0LXf+cUKwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPcJtu4N6i189XFlF2OWQ8C+KYEWMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvOXdtMjdnM3FMWHoxY1dVWFk1WkR3TDRwZ1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAufQaMAwD
BAC59B0DBAW59AADBADCBWEwDQYJKoZIhvcNAQELBQADggEBAJxxuUFXbf+7wqpY
V5wnAL9CHC1TELDO2cLpBBV1/FgdvAeeQsgOmZoFU5hHbydx2mQDmqyv41pBrwc7
A3T2GC7BXF4FTCdKRvxGidPrSFSkXUPlxJyY1C0A7px52ioKJNPO0d9L7DGJ0Z3G
X5+E6i8Vj49Ew5CjJq4TAHKgpuOSLuAI8els2V57wks9ZbNZtT6sxBjuyoNCPbKz
jKCmgKdEbudzP7RxCRSHxfKre/EBwjAuQ7L/d87Qa9RWPMOMASjnoNoZyy7PCtec
cyId/f6bawRQgrDLwerDOiclhaw01K9QKGTqqeOVv8hyf6aXuv9wyJdQvTj02sUz
DD/804s=
-----END CERTIFICATE-----
Generated at Tue Aug 20 17:10:13 2024 by rpki-client on console-ams.rpki-client.org