Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/8Ot1XZXEz94IPMjPTWJ67R8MqZ4.roa
File: 8Ot1XZXEz94IPMjPTWJ67R8MqZ4.roa (raw, json)
Hash identifier: tvs8oXay25/pCmZMumARahVUGAB/Zn151kICCNEn1X8=
Subject key identifier: F0:EB:75:5D:95:C4:CF:DE:08:3C:C8:CF:4D:62:7A:ED:1F:0C:A9:9E
Certificate issuer: /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial: 018CC8017C42712A9FE2E55EE9C033287C72
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/8Ot1XZXEz94IPMjPTWJ67R8MqZ4.roa
Signing time: Tue 02 Jan 2024 02:29:49 +0000
ROA not before: Tue 02 Jan 2024 02:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 193.162.78.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:7c:42:71:2a:9f:e2:e5:5e:e9:c0:33:28:7c:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Validity
Not Before: Jan 2 02:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0eb755d95c4cfde083cc8cf4d627aed1f0ca99e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b4:25:ab:56:dd:32:c1:5d:de:82:71:4b:81:
5e:6d:c7:91:74:86:b3:c9:99:f5:a3:aa:5f:28:cc:
98:8a:20:e7:f9:52:43:88:55:c9:7d:a9:53:05:e0:
02:09:d8:cb:ce:7d:39:ae:2c:ef:92:0f:f8:e0:fa:
b3:02:71:d2:65:d5:d8:e9:2a:05:2d:51:eb:55:e3:
db:93:35:35:0b:38:1c:63:4d:7d:09:16:0c:b4:d5:
46:da:44:0d:79:1a:eb:96:7a:a9:52:b1:40:15:ed:
8f:63:ec:7d:dd:f9:03:f7:e0:f2:7f:31:c0:a6:dc:
92:bb:ae:e7:de:10:eb:4c:c0:28:2e:15:af:b3:bc:
b9:f4:96:ca:81:c4:20:ce:2e:71:2e:2c:57:5f:02:
39:95:f3:16:75:5a:78:53:ac:69:e0:ad:94:93:b0:
ac:86:9f:39:e7:bb:9f:a4:99:65:61:66:4b:ae:91:
e7:95:8a:a9:17:24:70:98:4c:45:05:9d:f8:96:32:
8d:1e:b8:3e:75:df:4b:2c:98:4a:ca:22:7e:d0:49:
54:15:4a:c7:e4:90:75:bf:c9:56:70:41:8d:89:9f:
29:c1:ac:3f:c4:25:b4:5b:94:37:c2:59:a4:10:65:
82:4f:ed:02:63:47:c6:e4:59:bb:45:bc:5f:c6:69:
96:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:EB:75:5D:95:C4:CF:DE:08:3C:C8:CF:4D:62:7A:ED:1F:0C:A9:9E
X509v3 Authority Key Identifier:
keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/8Ot1XZXEz94IPMjPTWJ67R8MqZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.162.78.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:1f:4f:99:39:8b:dc:3a:3a:2b:4f:e3:f5:3c:03:71:c0:2a:
0c:5a:e9:25:ad:0d:8f:6c:88:5e:d1:7c:f5:67:43:93:4b:16:
ad:9e:f2:7e:16:b8:55:95:d0:b3:b9:f6:18:c6:9e:30:52:4c:
e9:3c:5f:2a:f0:e4:8c:54:1a:5f:3c:72:04:08:89:a2:fd:bb:
7b:c8:d8:ae:f7:c1:a8:be:d4:9b:03:21:5d:f3:c5:fe:a9:d3:
16:3d:16:41:60:71:f6:7a:a0:a5:ae:75:ba:86:15:b4:51:f0:
8e:b3:61:e3:fe:d2:44:b7:1a:d7:db:c8:e6:0f:36:b5:c2:70:
18:ba:be:71:34:22:59:c2:d1:57:b7:2e:ae:df:71:b0:cc:d4:
2d:19:08:bd:e1:22:13:68:1e:bd:d3:f0:26:cc:a3:e5:27:14:
c2:10:ea:aa:e0:f5:13:4f:38:3f:d3:f5:b0:4f:76:0e:48:46:
e7:8c:96:b9:9c:b7:55:14:88:55:83:f6:cf:1c:10:5f:1e:d6:
01:ac:1c:fb:bd:35:a1:a1:b9:3b:0c:1f:a5:4f:22:90:9c:e3:
7e:a8:f6:69:37:e6:2a:0a:57:bb:c8:43:af:88:0c:fa:51:ac:
ff:53:4c:d2:a5:2b:74:cc:63:71:35:da:9b:d0:8e:7e:f9:17:
aa:36:13:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAXxCcSqf4uVe6cAzKHxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjQwMTAyMDIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGViNzU1ZDk1YzRjZmRlMDgzY2M4Y2Y0ZDYyN2FlZDFmMGNhOTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrQlq1bdMsFd3oJxS4FebceRdIaz
yZn1o6pfKMyYiiDn+VJDiFXJfalTBeACCdjLzn05rizvkg/44PqzAnHSZdXY6SoF
LVHrVePbkzU1CzgcY019CRYMtNVG2kQNeRrrlnqpUrFAFe2PY+x93fkD9+DyfzHA
ptySu67n3hDrTMAoLhWvs7y59JbKgcQgzi5xLixXXwI5lfMWdVp4U6xp4K2Uk7Cs
hp8557ufpJllYWZLrpHnlYqpFyRwmExFBZ34ljKNHrg+dd9LLJhKyiJ+0ElUFUrH
5JB1v8lWcEGNiZ8pwaw/xCW0W5Q3wlmkEGWCT+0CY0fG5Fm7RbxfxmmWIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPDrdV2VxM/eCDzIz01ieu0fDKmeMB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvOE90MVhaWEV6OTRJUE1qUFRXSjY3UjhNcVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaJOMA0G
CSqGSIb3DQEBCwUAA4IBAQCgH0+ZOYvcOjorT+P1PANxwCoMWuklrQ2PbIhe0Xz1
Z0OTSxatnvJ+FrhVldCzufYYxp4wUkzpPF8q8OSMVBpfPHIECImi/bt7yNiu98Go
vtSbAyFd88X+qdMWPRZBYHH2eqClrnW6hhW0UfCOs2Hj/tJEtxrX28jmDza1wnAY
ur5xNCJZwtFXty6u33GwzNQtGQi94SITaB690/AmzKPlJxTCEOqq4PUTTzg/0/Ww
T3YOSEbnjJa5nLdVFIhVg/bPHBBfHtYBrBz7vTWhobk7DB+lTyKQnON+qPZpN+Yq
Cle7yEOviAz6Uaz/U0zSpSt0zGNxNdqb0I5++ReqNhPP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:05 2024 by rpki-client on console-fra.rpki-client.org