Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/IoiPPO_zG6qov417-Tn2h1Fw3JA.roa
File: IoiPPO_zG6qov417-Tn2h1Fw3JA.roa (raw, json)
Hash identifier: rtupAfwDe7ZTneQmxAV2wstXfHGys6z1rN08zeV6MhA=
Subject key identifier: 22:88:8F:3C:EF:F3:1B:AA:A8:BF:8D:7B:F9:39:F6:87:51:70:DC:90
Certificate issuer: /CN=c39bc30a748960b227a1bf26216067edd05c1a7d
Certificate serial: 018B6B08BA2BB1992FE939940D1D7B90E4A8
Authority key identifier: C3:9B:C3:0A:74:89:60:B2:27:A1:BF:26:21:60:67:ED:D0:5C:1A:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5vDCnSJYLInob8mIWBn7dBcGn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/IoiPPO_zG6qov417-Tn2h1Fw3JA.roa
Signing time: Thu 26 Oct 2023 08:10:15 +0000
ROA not before: Thu 26 Oct 2023 08:10:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51683
IP address blocks: 185.115.209.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:08:ba:2b:b1:99:2f:e9:39:94:0d:1d:7b:90:e4:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c39bc30a748960b227a1bf26216067edd05c1a7d
Validity
Not Before: Oct 26 08:10:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22888f3ceff31baaa8bf8d7bf939f6875170dc90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f6:5d:93:d1:f1:98:1d:8a:74:59:6f:58:a0:
4f:46:dc:09:4a:72:73:44:06:37:d5:1d:7c:f2:16:
9e:59:0f:7e:35:02:da:34:90:31:51:fc:c9:05:43:
4a:50:1a:5c:a0:2f:c2:2f:54:4a:25:dd:d0:ad:1c:
5c:6b:90:67:24:41:fa:49:48:2b:36:02:c6:da:ac:
9d:81:db:c1:09:94:5a:95:30:50:6e:73:bf:c1:83:
cd:16:6f:4a:60:cf:d6:21:61:45:0c:4a:21:eb:e3:
27:35:cb:92:ce:d4:41:c5:5d:41:bb:2a:b3:93:30:
7b:a6:94:0a:ea:2b:9c:13:3a:a3:4f:cb:0c:5c:42:
9e:e8:df:4a:01:6b:74:14:04:1d:a2:b7:dd:06:63:
59:bf:20:39:14:a2:ed:e4:5a:49:e5:29:c9:c4:6c:
7f:25:ed:42:1b:38:68:1a:0c:4e:a0:68:41:2d:38:
10:61:ba:44:ac:8b:b4:63:41:2e:67:26:5d:14:53:
01:34:41:f4:d3:ba:f3:b1:ae:7d:af:d6:a3:a1:47:
9a:a8:ea:6e:ac:b8:cd:5b:64:55:cd:e2:69:9e:24:
39:c1:2a:31:3b:b3:6d:4f:bf:03:2f:67:21:7c:72:
40:b9:a9:da:0e:f9:77:55:cf:3a:69:a7:7f:3d:3c:
2c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:88:8F:3C:EF:F3:1B:AA:A8:BF:8D:7B:F9:39:F6:87:51:70:DC:90
X509v3 Authority Key Identifier:
keyid:C3:9B:C3:0A:74:89:60:B2:27:A1:BF:26:21:60:67:ED:D0:5C:1A:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5vDCnSJYLInob8mIWBn7dBcGn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/IoiPPO_zG6qov417-Tn2h1Fw3JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/w5vDCnSJYLInob8mIWBn7dBcGn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.209.0/24
Signature Algorithm: sha256WithRSAEncryption
74:5b:da:75:4f:39:10:5f:cc:19:7f:93:75:97:37:62:1d:46:
c3:c6:21:6b:2c:36:c8:20:77:07:30:04:d8:af:dd:7f:52:26:
4d:e2:80:06:c5:de:38:86:1d:48:0b:98:05:69:0b:ce:38:ad:
3a:2f:ca:27:d1:27:d0:ee:79:18:e0:4c:dd:01:1c:a5:6f:7d:
59:a7:af:d5:b8:df:56:65:6b:d5:80:8c:e9:93:3a:b6:15:64:
88:10:e1:99:f0:47:7e:ab:d0:ca:10:50:cc:a5:47:6b:34:0c:
76:2a:ee:89:cc:c7:16:22:8e:42:cd:f5:07:53:e6:7d:9a:47:
49:d4:9e:19:91:ea:f1:4e:d3:b2:82:94:b2:1d:2d:93:4c:8f:
0e:db:d0:9b:0c:ce:51:63:25:7d:d2:9a:9b:1a:d9:39:c5:c4:
cd:32:1b:87:00:07:49:5d:40:9e:c0:2a:b1:12:a8:eb:be:3c:
14:68:04:fd:fb:13:5d:1b:2f:31:d2:d8:45:78:b7:76:d5:08:
71:05:7f:2a:7d:66:83:88:97:75:c3:d5:63:7f:f9:2d:ed:61:
52:29:09:b7:fe:42:a5:4a:88:20:37:91:13:a8:ea:f4:a1:f8:
8c:71:53:ee:53:db:b5:d4:9d:80:b1:66:f2:bd:cd:1b:fb:86:
5c:0b:7c:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtrCLorsZkv6TmUDR17kOSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOWJjMzBhNzQ4OTYwYjIyN2ExYmYyNjIxNjA2N2VkZDA1
YzFhN2QwHhcNMjMxMDI2MDgxMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjg4OGYzY2VmZjMxYmFhYThiZjhkN2JmOTM5ZjY4NzUxNzBkYzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvZdk9HxmB2KdFlvWKBPRtwJSnJz
RAY31R188haeWQ9+NQLaNJAxUfzJBUNKUBpcoC/CL1RKJd3QrRxca5BnJEH6SUgr
NgLG2qydgdvBCZRalTBQbnO/wYPNFm9KYM/WIWFFDEoh6+MnNcuSztRBxV1Buyqz
kzB7ppQK6iucEzqjT8sMXEKe6N9KAWt0FAQdorfdBmNZvyA5FKLt5FpJ5SnJxGx/
Je1CGzhoGgxOoGhBLTgQYbpErIu0Y0EuZyZdFFMBNEH007rzsa59r9ajoUeaqOpu
rLjNW2RVzeJpniQ5wSoxO7NtT78DL2chfHJAuanaDvl3Vc86aad/PTwsGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKIjzzv8xuqqL+Ne/k59odRcNyQMB8GA1UdIwQY
MBaAFMObwwp0iWCyJ6G/JiFgZ+3QXBp9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzV2RENuU0pZTElub2I4bUlXQm43ZEJjR24wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC80OTljNDEtOTQ1ZS00ZGEzLWE0OTgt
OTIwOWY3YjdlZjgxLzEvSW9pUFBPX3pHNnFvdjQxNy1UbjJoMUZ3M0pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC80OTljNDEtOTQ1ZS00ZGEzLWE0OTgtOTIwOWY3YjdlZjgx
LzEvdzV2RENuU0pZTElub2I4bUlXQm43ZEJjR24wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXPRMA0G
CSqGSIb3DQEBCwUAA4IBAQB0W9p1TzkQX8wZf5N1lzdiHUbDxiFrLDbIIHcHMATY
r91/UiZN4oAGxd44hh1IC5gFaQvOOK06L8on0SfQ7nkY4EzdARylb31Zp6/VuN9W
ZWvVgIzpkzq2FWSIEOGZ8Ed+q9DKEFDMpUdrNAx2Ku6JzMcWIo5CzfUHU+Z9mkdJ
1J4ZkerxTtOygpSyHS2TTI8O29CbDM5RYyV90pqbGtk5xcTNMhuHAAdJXUCewCqx
EqjrvjwUaAT9+xNdGy8x0thFeLd21QhxBX8qfWaDiJd1w9Vjf/kt7WFSKQm3/kKl
SoggN5ETqOr0ofiMcVPuU9u11J2AsWbyvc0b+4ZcC3w5
-----END CERTIFICATE-----
Generated at Wed Dec 27 09:00:15 2023 by rpki-client on console-ams.rpki-client.org