Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/6CVI8CmnlxX6e-5N68dKpZ4HlnU.roa
File: 6CVI8CmnlxX6e-5N68dKpZ4HlnU.roa (raw, json)
Hash identifier: IyRutFFErvhYZZJ12njWlgLsENykHm07agJL1fEFRLM=
Subject key identifier: E8:25:48:F0:29:A7:97:15:FA:7B:EE:4D:EB:C7:4A:A5:9E:07:96:75
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 419013E0
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/6CVI8CmnlxX6e-5N68dKpZ4HlnU.roa
Signing time: Sat 01 Jan 2022 10:06:02 +0000
ROA not before: Sat 01 Jan 2022 10:06:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57087
IP address blocks: 188.208.196.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1099961312 (0x419013e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 10:06:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e82548f029a79715fa7bee4debc74aa59e079675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:f4:d2:f3:3c:47:83:f0:98:ef:45:e8:d7:22:
c9:12:ff:57:8a:cb:47:15:3a:01:8c:2d:f1:a3:7e:
f8:de:7e:4c:a7:8b:55:97:19:61:5d:08:87:18:ae:
5d:b2:16:f1:3c:31:90:98:ad:ce:98:e1:9a:02:51:
e4:f8:51:2e:f3:9d:4a:4a:20:f2:e3:3f:91:d4:6c:
64:c7:85:b7:2c:4c:0e:77:63:95:38:f1:d8:07:f1:
31:a0:70:2a:ba:02:52:1e:89:0a:a4:2d:d1:92:45:
a3:27:7f:0e:b5:f0:be:ff:6d:dd:77:8f:a2:91:56:
43:4f:a3:ce:bc:d4:38:54:08:7e:d2:33:e7:26:c5:
76:a2:96:83:c6:e2:b1:a8:6c:91:6d:77:35:68:a4:
9f:10:ee:4a:b7:38:3a:e6:7a:71:fe:f1:4d:a2:15:
ed:8e:1f:82:dc:ee:c7:bb:2c:e2:b6:a2:cb:b5:c4:
67:e0:02:bc:a6:9b:d3:d0:9b:5f:51:2e:bb:4e:2c:
17:8c:8b:46:ca:cc:7c:1a:08:39:ca:56:9f:0c:0e:
ec:91:2a:c3:94:d1:fd:08:bc:43:64:8e:98:71:38:
ef:28:f7:db:a6:8d:fb:04:03:75:b5:ac:1a:d3:eb:
0d:61:3b:d3:c9:95:d9:02:20:6c:2d:0c:ef:d2:3a:
08:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:25:48:F0:29:A7:97:15:FA:7B:EE:4D:EB:C7:4A:A5:9E:07:96:75
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/6CVI8CmnlxX6e-5N68dKpZ4HlnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.196.0/23
Signature Algorithm: sha256WithRSAEncryption
98:f3:0a:d2:ab:f2:03:81:6c:47:d3:22:0d:8c:bc:ed:45:60:
46:8d:c6:9d:e4:cb:91:09:95:b6:07:8d:83:bd:93:08:bd:72:
68:30:e5:12:c4:46:29:66:5b:3e:59:08:fd:19:f2:22:53:c0:
9d:40:dd:10:6a:c0:e8:df:35:02:1a:58:4f:10:2b:91:1b:0f:
f2:7f:99:80:89:cb:3e:69:6d:ad:f2:a1:eb:34:3d:0f:67:3c:
7b:1f:b4:3c:6b:51:fe:e3:fd:48:99:11:af:f6:4e:ad:df:a0:
1b:c9:01:3a:3d:2f:9d:8d:95:cd:64:8d:07:ec:50:13:97:b9:
30:dc:38:ca:52:ce:4d:12:2c:cb:b7:5c:85:d5:9f:f8:13:25:
e2:d7:a0:46:70:d9:fe:9d:6d:51:7a:0e:56:b1:f5:20:c7:4c:
d2:05:5e:c8:92:42:06:1a:6a:60:3f:a8:9a:65:02:ab:22:d7:
72:6d:8f:b1:74:22:f8:c6:5d:a1:33:08:38:15:3f:da:84:7b:
56:6e:82:60:bb:85:50:9f:82:50:ee:ad:91:e6:86:f5:27:c8:
6b:57:00:67:25:08:9d:83:d9:40:ed:ec:6e:d2:e6:d9:1c:55:
0f:6d:a4:c2:ff:4f:32:f5:4b:2c:f5:2a:bf:d7:5e:4d:ff:9b:
f9:e3:6b:7e
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEQZAT4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDEw
MTEwMDYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTgyNTQ4ZjAyOWE3
OTcxNWZhN2JlZTRkZWJjNzRhYTU5ZTA3OTY3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOz00vM8R4PwmO9F6NciyRL/V4rLRxU6AYwt8aN++N5+TKeL
VZcZYV0IhxiuXbIW8TwxkJitzpjhmgJR5PhRLvOdSkog8uM/kdRsZMeFtyxMDndj
lTjx2AfxMaBwKroCUh6JCqQt0ZJFoyd/DrXwvv9t3XePopFWQ0+jzrzUOFQIftIz
5ybFdqKWg8bisahskW13NWiknxDuSrc4OuZ6cf7xTaIV7Y4fgtzux7ss4raiy7XE
Z+ACvKab09CbX1Euu04sF4yLRsrMfBoIOcpWnwwO7JEqw5TR/Qi8Q2SOmHE47yj3
26aN+wQDdbWsGtPrDWE708mV2QIgbC0M79I6CPsCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBToJUjwKaeXFfp77k3rx0qlngeWdTAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS82Q1ZJOENtbmx4WDZlLTVONjhkS3BaNEhsblUucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvNDEMA0GCSqGSIb3DQEBCwUA
A4IBAQCY8wrSq/IDgWxH0yINjLztRWBGjcad5MuRCZW2B42DvZMIvXJoMOUSxEYp
Zls+WQj9GfIiU8CdQN0QasDo3zUCGlhPECuRGw/yf5mAics+aW2t8qHrND0PZzx7
H7Q8a1H+4/1ImRGv9k6t36AbyQE6PS+djZXNZI0H7FATl7kw3DjKUs5NEizLt1yF
1Z/4EyXi16BGcNn+nW1Reg5WsfUgx0zSBV7IkkIGGmpgP6iaZQKrItdybY+xdCL4
xl2hMwg4FT/ahHtWboJgu4VQn4JQ7q2R5ob1J8hrVwBnJQidg9lA7exu0ubZHFUP
baTC/08y9Uss9Sq/115N/5v542t+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:49 2023 by rpki-client on console-ams.rpki-client.org