Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/6vLOXb0bKHLJTO1a61m2TUNKsDU.roa
File: 6vLOXb0bKHLJTO1a61m2TUNKsDU.roa (raw, json)
Hash identifier: BSQQvPFo2Df26oXOC6StOPX7ZMvMvjCzmcJrTGuBN9U=
Subject key identifier: EA:F2:CE:5D:BD:1B:28:72:C9:4C:ED:5A:EB:59:B6:4D:43:4A:B0:35
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018A83D55335F4FA6D1156037B8A0B46ED70
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/6vLOXb0bKHLJTO1a61m2TUNKsDU.roa
Signing time: Mon 11 Sep 2023 10:41:50 +0000
ROA not before: Mon 11 Sep 2023 10:41:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5606
IP address blocks: 85.204.79.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:d5:53:35:f4:fa:6d:11:56:03:7b:8a:0b:46:ed:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Sep 11 10:41:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eaf2ce5dbd1b2872c94ced5aeb59b64d434ab035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:98:26:41:2e:2c:13:0d:15:42:be:f4:60:3b:
99:ab:32:58:86:f1:89:fe:d2:70:71:16:c9:95:cc:
8e:7d:ee:dc:8d:89:15:fb:31:4a:96:d6:66:3b:ef:
1a:75:d6:1a:79:d4:cf:40:bc:2f:f8:24:60:f6:ac:
49:42:cd:e5:e8:40:e0:4e:64:50:85:2b:55:5e:5e:
38:9e:85:59:6d:09:48:b6:60:96:5e:b9:fd:4e:7b:
9d:87:37:6e:10:11:66:78:8c:ba:55:c3:00:51:62:
ad:d6:b9:c2:42:d5:4d:b0:61:76:d4:b3:99:b3:1d:
4e:e8:4d:e8:26:9c:4e:3c:55:b1:9f:1c:28:b2:4b:
c2:3b:76:ab:23:d4:6f:60:6f:16:4f:c8:2c:b1:53:
ec:57:ac:58:ae:d7:ae:ad:af:55:8d:06:8e:2b:38:
52:fa:c1:ee:c3:96:e8:5c:66:a4:47:3c:8b:e6:3a:
07:e7:95:24:02:c0:2e:75:03:53:e6:f6:6a:0d:54:
8e:e0:d1:84:f0:fa:ff:37:19:b7:e2:4d:e1:25:36:
ec:a9:b5:3b:01:d9:c1:5c:dc:ba:ed:47:b5:bf:51:
78:e2:9d:c2:90:c0:89:a1:de:c5:68:8f:71:15:58:
b8:1d:54:aa:b9:89:ce:1a:35:0f:eb:19:c6:9e:35:
5f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:F2:CE:5D:BD:1B:28:72:C9:4C:ED:5A:EB:59:B6:4D:43:4A:B0:35
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/6vLOXb0bKHLJTO1a61m2TUNKsDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.79.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:79:c7:b6:86:2a:34:e2:43:29:39:d4:d7:42:6f:fd:0f:c6:
2e:ee:8e:2c:12:f7:11:e9:cc:32:30:db:7a:f4:de:31:de:32:
ac:79:c5:ac:ad:09:84:ac:90:b7:93:0b:83:eb:0c:e0:54:76:
99:20:3e:6f:76:a0:0b:2b:42:52:69:61:88:04:55:01:a6:b9:
cf:a5:16:9d:4a:15:96:38:e2:98:dd:04:8e:e9:c6:ff:dc:43:
a9:08:06:f3:40:cd:1d:34:8d:69:53:ec:3a:f3:13:b4:34:3a:
27:5a:c8:6f:35:13:2f:7f:9b:9a:0b:f8:a8:c1:9b:a6:42:8e:
59:05:60:32:0b:fc:b8:30:73:0f:49:25:67:e5:c7:5d:79:66:
a8:fb:20:a6:e9:5d:9f:f5:7d:f3:01:d8:9e:95:30:a5:59:39:
d9:31:d2:cd:33:7b:39:e8:b6:d2:1a:28:57:2b:57:54:89:94:
a3:86:d1:f9:da:fe:94:7d:e3:a8:61:b0:13:2a:f1:c8:be:42:
23:0b:02:cc:5b:b6:5a:64:e2:4c:c9:ea:ed:44:ed:9c:99:6d:
52:88:78:9b:82:87:0e:df:58:58:6b:45:0d:02:e8:50:47:36:
f6:87:9c:3d:0c:ee:54:2d:b7:ff:af:18:13:8d:af:78:53:bc:
15:07:cd:3e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYqD1VM19PptEVYDe4oLRu1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwOTExMTA0MTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWYyY2U1ZGJkMWIyODcyYzk0Y2VkNWFlYjU5YjY0ZDQzNGFiMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJgmQS4sEw0VQr70YDuZqzJYhvGJ
/tJwcRbJlcyOfe7cjYkV+zFKltZmO+8addYaedTPQLwv+CRg9qxJQs3l6EDgTmRQ
hStVXl44noVZbQlItmCWXrn9TnudhzduEBFmeIy6VcMAUWKt1rnCQtVNsGF21LOZ
sx1O6E3oJpxOPFWxnxwoskvCO3arI9RvYG8WT8gssVPsV6xYrteura9VjQaOKzhS
+sHuw5boXGakRzyL5joH55UkAsAudQNT5vZqDVSO4NGE8Pr/Nxm34k3hJTbsqbU7
AdnBXNy67Ue1v1F44p3CkMCJod7FaI9xFVi4HVSquYnOGjUP6xnGnjVfRwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOryzl29GyhyyUztWutZtk1DSrA1MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzZ2TE9YYjBiS0hMSlRPMWE2MW0yVFVOS3NEVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABVzE8w
DQYJKoZIhvcNAQELBQADggEBAD95x7aGKjTiQyk51NdCb/0Pxi7ujiwS9xHpzDIw
23r03jHeMqx5xaytCYSskLeTC4PrDOBUdpkgPm92oAsrQlJpYYgEVQGmuc+lFp1K
FZY44pjdBI7pxv/cQ6kIBvNAzR00jWlT7DrzE7Q0OidayG81Ey9/m5oL+KjBm6ZC
jlkFYDIL/Lgwcw9JJWflx115Zqj7IKbpXZ/1ffMB2J6VMKVZOdkx0s0zeznottIa
KFcrV1SJlKOG0fna/pR946hhsBMq8ci+QiMLAsxbtlpk4kzJ6u1E7ZyZbVKIeJuC
hw7fWFhrRQ0C6FBHNvaHnD0M7lQtt/+vGBONr3hTvBUHzT4=
-----END CERTIFICATE-----
Generated at Thu Oct 26 11:46:22 2023 by rpki-client on console-fra.rpki-client.org