Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/98c304-6532-4ac6-a162-c0a25b10902a/1/beUn0cJL2bJB9VVKqeILlolpwVo.roa
File: beUn0cJL2bJB9VVKqeILlolpwVo.roa (raw, json)
Hash identifier: iPtSQYvrqXCbXxDqUonvidYtxR6DmFZ4AhL2P+MU2EA=
Subject key identifier: 6D:E5:27:D1:C2:4B:D9:B2:41:F5:55:4A:A9:E2:0B:96:89:69:C1:5A
Certificate issuer: /CN=7273cdacc1e28f0213dfb28f3dfd8b9cbdd3c62e
Certificate serial: 018DF3C8DC001C96FD5767F4144AFE55A9A6
Authority key identifier: 72:73:CD:AC:C1:E2:8F:02:13:DF:B2:8F:3D:FD:8B:9C:BD:D3:C6:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnPNrMHijwIT37KPPf2LnL3Txi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/98c304-6532-4ac6-a162-c0a25b10902a/1/beUn0cJL2bJB9VVKqeILlolpwVo.roa
Signing time: Thu 29 Feb 2024 07:34:03 +0000
ROA not before: Thu 29 Feb 2024 07:34:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208141
IP address blocks: 84.234.118.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f3:c8:dc:00:1c:96:fd:57:67:f4:14:4a:fe:55:a9:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7273cdacc1e28f0213dfb28f3dfd8b9cbdd3c62e
Validity
Not Before: Feb 29 07:34:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6de527d1c24bd9b241f5554aa9e20b968969c15a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cd:12:52:6d:24:cd:59:30:bd:bf:0f:eb:c1:
b5:38:08:55:3a:dc:e5:57:29:0c:c6:95:92:79:ac:
b1:0c:e9:c7:14:4b:ed:62:56:18:13:28:9b:20:6c:
68:14:e1:57:75:e9:7d:d4:1b:fd:3e:3c:68:14:5d:
a8:ec:f7:5d:0c:b7:b1:eb:1d:be:61:fc:24:8d:0e:
f4:ee:86:0d:7c:70:6f:f8:97:58:0e:95:3a:5f:f8:
c3:2a:5c:67:37:99:14:f3:29:15:63:95:dc:2b:38:
3d:33:81:fb:c3:79:80:d3:57:11:29:5b:fe:aa:f4:
c0:93:4c:30:b5:f3:07:05:7a:aa:72:31:f9:ba:52:
9c:06:2d:e9:4f:31:9e:63:c0:a2:0a:0e:ee:8c:0f:
8b:c4:39:6e:35:f9:4c:3b:98:c4:95:ec:89:54:79:
37:67:ec:50:e2:91:25:b4:80:8f:96:65:9e:d1:b0:
07:52:55:4a:43:8a:b0:af:6a:bb:7b:42:25:53:6c:
4e:88:57:0a:62:0d:2b:dc:8e:55:64:8f:a4:45:7e:
d3:99:65:39:fa:01:9e:65:cb:5f:82:36:a3:22:ba:
24:83:b3:1e:79:72:b8:9b:33:b0:12:cb:e5:1f:62:
37:b8:8b:c5:b2:47:b3:a6:c8:d2:27:66:2f:05:ad:
3c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E5:27:D1:C2:4B:D9:B2:41:F5:55:4A:A9:E2:0B:96:89:69:C1:5A
X509v3 Authority Key Identifier:
keyid:72:73:CD:AC:C1:E2:8F:02:13:DF:B2:8F:3D:FD:8B:9C:BD:D3:C6:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnPNrMHijwIT37KPPf2LnL3Txi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/98c304-6532-4ac6-a162-c0a25b10902a/1/beUn0cJL2bJB9VVKqeILlolpwVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/98c304-6532-4ac6-a162-c0a25b10902a/1/cnPNrMHijwIT37KPPf2LnL3Txi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.234.118.0/23
Signature Algorithm: sha256WithRSAEncryption
72:43:6c:a8:57:7b:5b:56:46:d3:ad:0b:25:8f:52:41:c6:56:
95:d4:c1:33:d2:04:68:5d:b5:1c:f7:b3:b6:19:76:de:ab:8c:
c2:97:48:53:db:55:0e:1a:78:0d:af:09:4a:a8:ab:55:6b:67:
35:a6:1c:dd:c9:de:48:d4:7e:39:c1:28:0e:a4:09:88:17:b7:
40:50:29:c7:c1:b0:ae:18:ca:4c:c6:a1:5d:cc:2b:89:53:39:
27:b3:9e:94:92:a3:af:7c:cb:d4:90:bd:bc:93:f9:a9:51:26:
b2:d4:e8:ee:dd:0e:ba:55:89:c9:ad:76:a4:3f:f0:72:56:e1:
7a:d3:c8:79:17:5f:7f:cd:4b:99:79:a6:81:7c:98:72:ab:b4:
b7:13:1e:ba:98:5d:ef:36:18:94:34:37:3b:98:b6:db:b4:81:
1f:ed:71:f3:d2:22:85:c2:1f:4a:bf:2a:00:d3:25:0a:af:ee:
a8:08:bd:d5:1b:1e:e3:af:af:1b:f4:f8:9b:5f:76:4d:ec:1e:
55:52:94:7d:75:f4:19:52:b3:08:21:9f:42:cf:b3:c1:57:14:
d3:83:97:a2:74:4e:19:56:6e:9c:ed:30:1a:62:d6:6c:20:b7:
3e:cd:2f:45:1c:a4:96:d9:e7:b0:bb:7b:1c:a7:7f:a3:33:8f:
23:87:42:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3zyNwAHJb9V2f0FEr+VammMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzNjZGFjYzFlMjhmMDIxM2RmYjI4ZjNkZmQ4YjljYmRk
M2M2MmUwHhcNMjQwMjI5MDczNDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGU1MjdkMWMyNGJkOWIyNDFmNTU1NGFhOWUyMGI5Njg5NjljMTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts0SUm0kzVkwvb8P68G1OAhVOtzl
VykMxpWSeayxDOnHFEvtYlYYEyibIGxoFOFXdel91Bv9PjxoFF2o7PddDLex6x2+
YfwkjQ707oYNfHBv+JdYDpU6X/jDKlxnN5kU8ykVY5XcKzg9M4H7w3mA01cRKVv+
qvTAk0wwtfMHBXqqcjH5ulKcBi3pTzGeY8CiCg7ujA+LxDluNflMO5jEleyJVHk3
Z+xQ4pEltICPlmWe0bAHUlVKQ4qwr2q7e0IlU2xOiFcKYg0r3I5VZI+kRX7TmWU5
+gGeZctfgjajIrokg7MeeXK4mzOwEsvlH2I3uIvFskezpsjSJ2YvBa08+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG3lJ9HCS9myQfVVSqniC5aJacFaMB8GA1UdIwQY
MBaAFHJzzazB4o8CE9+yjz39i5y908YuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25QTnJNSGlqd0lUMzdLUFBmMkxuTDNUeGk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS85OGMzMDQtNjUzMi00YWM2LWExNjIt
YzBhMjViMTA5MDJhLzEvYmVVbjBjSkwyYkpCOVZWS3FlSUxsb2xwd1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS85OGMzMDQtNjUzMi00YWM2LWExNjItYzBhMjViMTA5MDJh
LzEvY25QTnJNSGlqd0lUMzdLUFBmMkxuTDNUeGk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVOp2MA0G
CSqGSIb3DQEBCwUAA4IBAQByQ2yoV3tbVkbTrQslj1JBxlaV1MEz0gRoXbUc97O2
GXbeq4zCl0hT21UOGngNrwlKqKtVa2c1phzdyd5I1H45wSgOpAmIF7dAUCnHwbCu
GMpMxqFdzCuJUzkns56UkqOvfMvUkL28k/mpUSay1Oju3Q66VYnJrXakP/ByVuF6
08h5F19/zUuZeaaBfJhyq7S3Ex66mF3vNhiUNDc7mLbbtIEf7XHz0iKFwh9KvyoA
0yUKr+6oCL3VGx7jr68b9PibX3ZN7B5VUpR9dfQZUrMIIZ9Cz7PBVxTTg5eidE4Z
Vm6c7TAaYtZsILc+zS9FHKSW2eewu3scp3+jM48jh0Kv
-----END CERTIFICATE-----
Generated at Fri Aug 9 12:13:07 2024 by rpki-client on console-fra.rpki-client.org