Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/a9G_PWgeZerqURo64FNDhCJL52o.roa
File: a9G_PWgeZerqURo64FNDhCJL52o.roa (raw, json)
Hash identifier: iWSxJ+yCnhAsxTDsj0WigIe9mBCNz5dN0uoECUlu9vU=
Subject key identifier: 6B:D1:BF:3D:68:1E:65:EA:EA:51:1A:3A:E0:53:43:84:22:4B:E7:6A
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 018D59781C801A9AD1B2029E964C73E65632
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/a9G_PWgeZerqURo64FNDhCJL52o.roa
Signing time: Tue 30 Jan 2024 08:24:20 +0000
ROA not before: Tue 30 Jan 2024 08:24:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 78.136.248.0/23 maxlen: 24
78.136.250.0/23 maxlen: 24
78.136.252.0/23 maxlen: 24
78.136.254.0/24 maxlen: 24
88.204.44.0/23 maxlen: 24
88.204.46.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:78:1c:80:1a:9a:d1:b2:02:9e:96:4c:73:e6:56:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Jan 30 08:24:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6bd1bf3d681e65eaea511a3ae0534384224be76a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:17:6e:d7:7a:e5:fd:54:91:55:b3:08:f2:9d:
fb:9e:84:1c:cd:f6:db:5d:61:c4:35:d3:af:fa:6e:
a4:8a:53:02:74:06:36:a5:81:e3:a0:3d:ac:61:4c:
85:98:f3:14:c9:ad:8b:21:5c:ef:55:5e:b8:04:3e:
19:e4:10:e3:fa:51:61:ef:fc:e1:64:d3:c1:d2:f9:
d5:0a:4c:36:0c:44:35:69:1f:68:19:41:cb:0f:9a:
29:54:d2:a1:23:dd:05:96:4d:ff:8c:ff:db:bd:c9:
f2:c7:ba:29:4c:09:85:5f:14:ab:a5:ff:cc:ba:c6:
e5:cf:ce:dd:ff:92:b5:eb:be:ef:1c:43:27:f8:d2:
83:7f:4a:d0:87:e4:db:5b:7b:df:88:ea:10:b7:88:
71:76:65:eb:01:85:e5:4e:02:ce:4f:71:cb:6c:de:
ad:a8:47:bc:3f:33:0f:ac:e2:4b:66:e0:65:bc:95:
01:9e:84:e8:46:86:cf:25:db:84:ae:fd:52:d4:51:
e6:ad:50:ae:90:95:03:b0:d0:41:fa:23:da:fd:4f:
2a:06:5e:c8:e1:9a:1a:05:96:e6:c8:60:6c:69:ff:
d4:c1:bd:b2:fd:21:3a:2b:26:ce:4b:c5:98:ea:dc:
3a:92:a2:9d:5e:b5:e7:c1:61:fe:80:0f:78:2e:76:
18:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D1:BF:3D:68:1E:65:EA:EA:51:1A:3A:E0:53:43:84:22:4B:E7:6A
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/a9G_PWgeZerqURo64FNDhCJL52o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.248.0-78.136.254.255
88.204.44.0/22
Signature Algorithm: sha256WithRSAEncryption
00:38:30:85:e2:2b:fe:0f:3c:87:6d:ab:e5:bc:0d:4e:9d:f3:
4b:71:3e:f5:1e:d1:15:d9:84:0a:22:f4:15:3b:24:e8:5c:19:
7d:8e:0d:1e:43:5b:fc:b0:7f:6d:1a:9c:62:92:ff:d9:d6:d8:
e6:7d:7c:0b:59:b4:26:89:ea:c6:b1:1c:09:23:c1:0c:6f:9c:
47:52:5e:7c:6d:f4:7f:09:fd:9c:3a:4d:7b:74:be:ea:34:c6:
1d:eb:89:78:37:49:73:ea:26:d5:fc:51:cb:05:3c:01:b5:b5:
2f:36:9a:95:58:b9:d5:ae:39:24:85:48:d5:ad:88:2f:d4:34:
95:0f:57:5a:1a:54:f8:3f:02:dc:30:bc:7d:da:eb:59:67:cc:
bb:d9:66:ba:56:20:78:8b:49:72:ec:e4:c4:0f:68:8e:ef:31:
4f:f2:3e:b5:2d:50:51:e1:42:e8:e0:c1:73:80:12:1f:69:61:
4e:fe:af:a8:98:22:77:90:1c:80:43:cf:1b:b0:ea:56:ac:3d:
98:f5:c7:36:a1:3d:57:d1:04:2a:13:ba:b0:73:d8:87:b3:5c:
d8:4f:c0:bf:c0:03:d4:7e:da:dc:22:56:d8:fa:bf:85:93:c4:
1e:af:13:07:cc:53:3c:39:e0:aa:f8:6d:45:e4:7e:f8:3a:2d:
89:06:92:41
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY1ZeByAGprRsgKelkxz5lYyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWMyNzMwOThiNTI3NjhjYTBlNDRhM2EyYzE2ZWZlZDRh
NjVjYTAwHhcNMjQwMTMwMDgyNDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmQxYmYzZDY4MWU2NWVhZWE1MTFhM2FlMDUzNDM4NDIyNGJlNzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRdu13rl/VSRVbMI8p37noQczfbb
XWHENdOv+m6kilMCdAY2pYHjoD2sYUyFmPMUya2LIVzvVV64BD4Z5BDj+lFh7/zh
ZNPB0vnVCkw2DEQ1aR9oGUHLD5opVNKhI90Flk3/jP/bvcnyx7opTAmFXxSrpf/M
usblz87d/5K1677vHEMn+NKDf0rQh+TbW3vfiOoQt4hxdmXrAYXlTgLOT3HLbN6t
qEe8PzMPrOJLZuBlvJUBnoToRobPJduErv1S1FHmrVCukJUDsNBB+iPa/U8qBl7I
4ZoaBZbmyGBsaf/Uwb2y/SE6KybOS8WY6tw6kqKdXrXnwWH+gA94LnYYLQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGvRvz1oHmXq6lEaOuBTQ4QiS+dqMB8GA1UdIwQY
MBaAFFKcJzCYtSdoyg5Eo6LBbv7UplygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMt
ZjMzZDNiYjM2NDg0LzEvYTlHX1BXZ2VaZXJxVVJvNjRGTkRoQ0pMNTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMtZjMzZDNiYjM2NDg0
LzEvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBANOiPgD
BABOiP4DBAJYzCwwDQYJKoZIhvcNAQELBQADggEBAAA4MIXiK/4PPIdtq+W8DU6d
80txPvUe0RXZhAoi9BU7JOhcGX2ODR5DW/ywf20anGKS/9nW2OZ9fAtZtCaJ6sax
HAkjwQxvnEdSXnxt9H8J/Zw6TXt0vuo0xh3riXg3SXPqJtX8UcsFPAG1tS82mpVY
udWuOSSFSNWtiC/UNJUPV1oaVPg/AtwwvH3a61lnzLvZZrpWIHiLSXLs5MQPaI7v
MU/yPrUtUFHhQujgwXOAEh9pYU7+r6iYIneQHIBDzxuw6lasPZj1xzahPVfRBCoT
urBz2IezXNhPwL/AA9R+2twiVtj6v4WTxB6vEwfMUzw54Kr4bUXkfvg6LYkGkkE=
-----END CERTIFICATE-----
Generated at Mon Apr 15 13:25:28 2024 by rpki-client on console-fra.rpki-client.org