Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/s8jCY-peQNVMJkD8J-nbZ0UBys8.roa
File: s8jCY-peQNVMJkD8J-nbZ0UBys8.roa (raw, json)
Hash identifier: Sw91iqQA0WcWv8Yy27SBq+VrHN/C29aCuXV8P3kRe0U=
Subject key identifier: B3:C8:C2:63:EA:5E:40:D5:4C:26:40:FC:27:E9:DB:67:45:01:CA:CF
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018CC79551B06944F6F3CFB3E70A7661A683
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/s8jCY-peQNVMJkD8J-nbZ0UBys8.roa
Signing time: Tue 02 Jan 2024 00:31:40 +0000
ROA not before: Tue 02 Jan 2024 00:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49468
IP address blocks: 128.0.44.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:51:b0:69:44:f6:f3:cf:b3:e7:0a:76:61:a6:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3c8c263ea5e40d54c2640fc27e9db674501cacf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:00:6c:11:4b:e0:7d:b7:a3:13:2b:68:a8:59:
46:2e:68:fa:ec:a7:7a:9a:96:1e:83:88:84:ac:8d:
f5:2d:0f:c4:38:d8:dc:c1:70:99:fd:f2:a0:26:e5:
24:49:cc:02:74:e7:5c:db:bb:98:04:60:e3:9f:8a:
e8:23:18:11:f9:b2:65:c7:2f:22:d4:c9:d4:24:93:
44:7b:9a:a8:d5:c1:2c:27:a9:33:d7:69:66:0f:4b:
d1:75:7a:99:8d:0f:70:ba:a1:67:bb:d2:b6:8a:62:
1f:61:0e:97:3e:7f:f7:d1:53:67:6c:a5:96:1d:8c:
46:6c:60:98:29:89:68:0b:cf:d8:fa:0d:45:cf:f1:
08:99:0b:1b:fd:79:c4:08:71:fe:22:a7:82:4f:a6:
55:be:c8:df:70:54:51:b1:d0:58:18:c4:54:aa:ab:
de:0a:0c:6e:9f:9e:d9:c5:4a:04:cf:7c:d8:f7:66:
93:b3:6c:25:9e:0a:af:57:65:68:51:da:e1:7b:72:
af:66:d6:bc:5f:bd:91:94:24:75:3d:7a:dc:9d:10:
36:0a:fc:54:f7:48:7b:99:51:8a:49:94:bd:17:ff:
ac:b6:8a:fa:84:7f:df:22:30:36:24:2f:d0:c8:0f:
c0:4e:9b:88:3f:94:8f:63:99:7e:7a:b8:fa:a8:e4:
78:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C8:C2:63:EA:5E:40:D5:4C:26:40:FC:27:E9:DB:67:45:01:CA:CF
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/s8jCY-peQNVMJkD8J-nbZ0UBys8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.44.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:95:94:6b:a2:40:4d:02:ca:9f:39:e1:34:94:58:46:27:35:
e7:63:5b:3b:27:f2:ba:52:2b:9e:2f:4e:00:b5:43:66:53:89:
8d:19:70:9e:17:d7:62:b2:ff:f5:61:32:8a:df:e6:2b:60:a3:
8e:93:fe:fd:3d:56:f5:ee:97:8b:99:0c:2a:a2:95:f2:b4:1b:
5a:95:b4:c2:37:d8:82:35:4d:cc:c6:c7:15:17:fd:4f:e8:b6:
34:92:62:3a:86:84:fa:7b:a4:60:09:48:4c:2c:5e:c2:2a:a7:
f5:38:95:40:4e:81:91:58:f3:ae:96:bf:e1:6b:f2:16:15:b3:
b1:0e:61:09:19:2b:24:27:0f:7a:39:f2:c9:dc:04:b3:32:a9:
0f:f3:94:74:c6:49:e9:9c:84:b0:a3:db:c5:c2:f0:01:1e:f4:
42:6a:01:b9:de:63:53:b1:4c:00:49:09:d1:8a:81:5d:27:19:
e8:fc:41:8d:d9:3c:48:b9:be:7b:3b:f3:67:3a:9e:f7:32:d4:
c2:d1:45:2f:bb:a2:83:7e:7d:64:a6:b9:e3:d9:03:b8:1f:45:
8c:33:57:85:4a:81:7f:ae:7c:45:d6:35:03:c5:d6:38:ac:f9:
69:bf:8b:bf:44:61:cb:ff:40:ba:81:4c:1a:19:7d:31:a9:e2:
06:f4:c3:12
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHlVGwaUT288+z5wp2YaaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTAyMDAzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2M4YzI2M2VhNWU0MGQ1NGMyNjQwZmMyN2U5ZGI2NzQ1MDFjYWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gBsEUvgfbejEytoqFlGLmj67Kd6
mpYeg4iErI31LQ/EONjcwXCZ/fKgJuUkScwCdOdc27uYBGDjn4roIxgR+bJlxy8i
1MnUJJNEe5qo1cEsJ6kz12lmD0vRdXqZjQ9wuqFnu9K2imIfYQ6XPn/30VNnbKWW
HYxGbGCYKYloC8/Y+g1Fz/EImQsb/XnECHH+IqeCT6ZVvsjfcFRRsdBYGMRUqqve
Cgxun57ZxUoEz3zY92aTs2wlngqvV2VoUdrhe3KvZta8X72RlCR1PXrcnRA2CvxU
90h7mVGKSZS9F/+stor6hH/fIjA2JC/QyA/ATpuIP5SPY5l+erj6qOR4QQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLPIwmPqXkDVTCZA/Cfp22dFAcrPMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL3M4akNZLXBlUU5WTUprRDhKLW5iWjBVQnlzOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACAACww
DQYJKoZIhvcNAQELBQADggEBAKmVlGuiQE0Cyp854TSUWEYnNedjWzsn8rpSK54v
TgC1Q2ZTiY0ZcJ4X12Ky//VhMorf5itgo46T/v09VvXul4uZDCqilfK0G1qVtMI3
2II1TczGxxUX/U/otjSSYjqGhPp7pGAJSEwsXsIqp/U4lUBOgZFY866Wv+Fr8hYV
s7EOYQkZKyQnD3o58sncBLMyqQ/zlHTGSemchLCj28XC8AEe9EJqAbneY1OxTABJ
CdGKgV0nGej8QY3ZPEi5vns782c6nvcy1MLRRS+7ooN+fWSmuePZA7gfRYwzV4VK
gX+ufEXWNQPF1jis+Wm/i79EYcv/QLqBTBoZfTGp4gb0wxI=
-----END CERTIFICATE-----
Generated at Thu Mar 7 16:57:45 2024 by rpki-client on console-fra.rpki-client.org