Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/IOjJgGvv18ohitLFSYjW3JDfrBY.roa
File: IOjJgGvv18ohitLFSYjW3JDfrBY.roa (raw, json)
Hash identifier: eAfCdjKkmDSkwvGQ74f5Bkg3UVw1faShHNl2GR1W29E=
Subject key identifier: 20:E8:C9:80:6B:EF:D7:CA:21:8A:D2:C5:49:88:D6:DC:90:DF:AC:16
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018CC7955AF52973B5FFF8C97FB7B5133F63
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/IOjJgGvv18ohitLFSYjW3JDfrBY.roa
Signing time: Tue 02 Jan 2024 00:31:43 +0000
ROA not before: Tue 02 Jan 2024 00:31:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58022
IP address blocks: 188.241.122.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:5a:f5:29:73:b5:ff:f8:c9:7f:b7:b5:13:3f:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:31:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20e8c9806befd7ca218ad2c54988d6dc90dfac16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:56:64:20:f5:f9:13:37:85:3f:2f:8c:07:a8:
6f:94:09:85:80:fa:90:56:3b:8e:8d:e8:e6:87:a8:
db:9c:3e:da:ff:b9:82:7c:51:7c:94:a8:1e:d4:b8:
d4:ee:de:f5:a0:0a:16:af:33:c3:5a:58:10:94:e9:
ea:c4:fb:46:74:9c:0a:df:8f:fe:3a:82:f4:04:7f:
7a:2e:19:1f:f8:15:fb:f2:94:9d:8d:87:ee:86:f9:
9e:e9:02:d8:50:df:c8:9b:a7:07:1a:ab:e8:c8:92:
fd:99:e1:ee:a9:7d:65:d7:28:d0:48:62:ac:77:20:
53:12:29:5f:ce:86:39:14:be:45:75:36:1c:ca:97:
a8:ff:78:d7:81:e7:54:fd:a4:02:8c:d3:b8:59:70:
52:da:f4:6f:27:b7:b2:4c:40:53:aa:40:86:45:7c:
a6:81:64:f6:9b:c4:71:5d:a7:28:76:3d:97:83:35:
56:a2:26:bb:dd:ea:0e:5a:ea:9b:5c:b4:59:5d:0f:
50:e9:c5:76:aa:44:0c:87:02:77:09:85:c3:03:5e:
8d:bc:c3:61:cf:76:dd:e1:65:f0:fa:b6:6c:7d:a0:
b5:08:e6:d3:7f:d0:de:2a:39:17:0c:11:10:9a:a9:
e9:44:3a:71:5e:c1:b6:9e:1c:9f:20:c0:20:d7:fe:
b7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E8:C9:80:6B:EF:D7:CA:21:8A:D2:C5:49:88:D6:DC:90:DF:AC:16
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/IOjJgGvv18ohitLFSYjW3JDfrBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.241.122.0/23
Signature Algorithm: sha256WithRSAEncryption
e2:c0:1c:f0:bb:c2:af:22:cd:43:47:6f:dc:64:46:ca:9e:67:
cf:48:d2:b8:02:5d:07:65:8f:38:93:66:c8:07:90:d7:aa:9c:
41:7c:73:a7:df:69:d5:eb:de:86:ef:24:43:12:89:ed:98:a4:
b7:27:50:8a:f1:2f:c3:4b:a6:4c:d1:30:6e:05:d4:6a:c6:6c:
fb:82:66:0d:a2:77:bb:c8:12:33:37:0b:2b:65:74:61:ed:ae:
ad:ad:cc:ea:42:67:a8:6f:48:bb:65:dc:ec:bb:2c:1b:7d:01:
17:8c:62:d7:84:51:38:31:ca:a5:c5:fc:21:2e:a7:42:8a:f3:
5b:50:a5:40:3d:6d:6e:b3:c5:a7:f7:19:4d:48:65:2a:d2:88:
34:c3:c3:4e:30:55:b9:3b:9b:57:b3:ea:f1:d6:50:ad:2b:d7:
6e:aa:82:ce:93:a2:4b:37:d9:65:71:f7:f4:db:a1:0d:68:41:
b3:8f:62:b6:0f:47:cc:8b:0d:1e:28:d4:d0:42:3d:63:9e:b5:
9a:97:4d:b0:66:30:94:a7:b6:29:d3:3c:fc:0e:a8:75:1b:93:
58:6b:90:0a:00:9a:83:d7:67:a3:0e:52:29:97:05:0b:6c:a1:
dc:eb:0e:51:2d:46:15:4d:00:84:c2:0a:50:3c:7c:c2:a2:82:
44:ee:46:24
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHlVr1KXO1//jJf7e1Ez9jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTAyMDAzMTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGU4Yzk4MDZiZWZkN2NhMjE4YWQyYzU0OTg4ZDZkYzkwZGZhYzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVZkIPX5EzeFPy+MB6hvlAmFgPqQ
VjuOjejmh6jbnD7a/7mCfFF8lKge1LjU7t71oAoWrzPDWlgQlOnqxPtGdJwK34/+
OoL0BH96Lhkf+BX78pSdjYfuhvme6QLYUN/Im6cHGqvoyJL9meHuqX1l1yjQSGKs
dyBTEilfzoY5FL5FdTYcypeo/3jXgedU/aQCjNO4WXBS2vRvJ7eyTEBTqkCGRXym
gWT2m8RxXacodj2XgzVWoia73eoOWuqbXLRZXQ9Q6cV2qkQMhwJ3CYXDA16NvMNh
z3bd4WXw+rZsfaC1CObTf9DeKjkXDBEQmqnpRDpxXsG2nhyfIMAg1/63cwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCDoyYBr79fKIYrSxUmI1tyQ36wWMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL0lPakpnR3Z2MThvaGl0TEZTWWpXM0pEZnJCWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG88Xow
DQYJKoZIhvcNAQELBQADggEBAOLAHPC7wq8izUNHb9xkRsqeZ89I0rgCXQdljziT
ZsgHkNeqnEF8c6ffadXr3obvJEMSie2YpLcnUIrxL8NLpkzRMG4F1GrGbPuCZg2i
d7vIEjM3CytldGHtrq2tzOpCZ6hvSLtl3Oy7LBt9AReMYteEUTgxyqXF/CEup0KK
81tQpUA9bW6zxaf3GU1IZSrSiDTDw04wVbk7m1ez6vHWUK0r126qgs6Toks32WVx
9/TboQ1oQbOPYrYPR8yLDR4o1NBCPWOetZqXTbBmMJSntinTPPwOqHUbk1hrkAoA
moPXZ6MOUimXBQtsodzrDlEtRhVNAITCClA8fMKigkTuRiQ=
-----END CERTIFICATE-----
Generated at Thu Jan 11 15:19:12 2024 by rpki-client on console-ams.rpki-client.org