Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/cORcrXhhpBQW5vi75BRPGkfM2c8.roa
File: cORcrXhhpBQW5vi75BRPGkfM2c8.roa (raw, json)
Hash identifier: 8NWE646YtsepI0qGP/QKE6SOu5JZ0Ykz8IojXnGZ7q8=
Subject key identifier: 70:E4:5C:AD:78:61:A4:14:16:E6:F8:BB:E4:14:4F:1A:47:CC:D9:CF
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 0189AE3132E0443E95B878644BCE55CF4EBA
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/cORcrXhhpBQW5vi75BRPGkfM2c8.roa
Signing time: Mon 31 Jul 2023 23:03:27 +0000
ROA not before: Mon 31 Jul 2023 23:03:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 78.136.201.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ae:31:32:e0:44:3e:95:b8:78:64:4b:ce:55:cf:4e:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Jul 31 23:03:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70e45cad7861a41416e6f8bbe4144f1a47ccd9cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7b:7d:5d:cd:a7:b8:63:c9:7d:35:39:54:b8:
7e:00:15:23:7b:fe:aa:be:fe:06:00:62:3c:8f:9c:
2b:27:41:45:4a:0a:70:52:f6:9b:51:75:b8:44:58:
2f:85:8a:2d:1a:16:85:b8:92:65:f2:bb:38:b2:e7:
61:84:ff:b9:1b:c6:16:84:82:13:2d:8a:c1:ca:9f:
4a:91:bd:5f:8f:06:ef:97:66:ef:6c:e8:3d:6f:50:
d8:1f:67:17:9e:e8:89:e2:8d:7c:a8:c1:6f:a5:3f:
86:40:a5:2a:c9:13:2e:4a:a1:bf:e0:90:cb:3f:90:
e6:2f:96:c2:8d:cf:2d:b5:32:8f:11:48:ef:49:af:
bc:64:43:2b:d8:b4:f0:7a:26:9c:de:8d:9c:16:7f:
42:8e:82:5a:41:03:73:be:79:5c:38:06:fe:d7:72:
9c:74:69:db:fd:ee:c1:2d:24:29:30:3b:64:27:e8:
ac:6e:54:e2:b1:b9:84:cc:2a:06:eb:1e:30:b6:12:
ed:3a:40:b0:2b:a0:e1:2e:ff:ad:8c:94:79:43:4c:
42:92:11:6a:17:64:d3:4e:c8:0c:e5:63:64:5b:b2:
27:f4:2a:31:75:c9:fc:8a:89:37:d6:d4:9d:1c:7d:
47:70:9f:2e:3e:bb:7c:7e:b8:1e:d3:e4:b3:02:3e:
e1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E4:5C:AD:78:61:A4:14:16:E6:F8:BB:E4:14:4F:1A:47:CC:D9:CF
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/cORcrXhhpBQW5vi75BRPGkfM2c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.201.0/24
Signature Algorithm: sha256WithRSAEncryption
20:a5:85:19:a1:f5:65:7b:4d:e3:a2:c1:30:6c:7b:9b:89:e0:
ad:c9:d8:13:7f:15:74:17:d9:21:69:b7:17:4b:64:84:22:ee:
38:11:eb:1a:7a:01:e0:ce:1f:79:01:53:d6:a8:21:b0:e7:4c:
bc:50:f7:48:74:5a:ff:00:b9:1e:e3:17:05:e9:55:c4:c6:22:
c0:94:6b:a3:94:28:95:4b:d7:97:49:39:7e:ee:38:21:10:0b:
eb:de:ea:f9:cb:35:e6:dd:d2:20:cb:3d:cb:cd:3a:35:2f:f9:
2e:8f:47:7f:07:3a:57:03:61:24:33:05:84:e1:94:e7:51:6d:
43:12:bf:cd:91:7d:1f:db:51:57:cd:5a:46:47:8b:27:27:6c:
7f:df:78:5e:0d:87:36:3b:32:83:29:2f:71:0a:e8:3c:ab:c5:
1f:05:f2:b8:db:5f:f4:59:dd:4b:f4:99:de:9c:74:e7:5f:3f:
ee:09:6c:c4:60:06:25:1d:2c:5c:ce:06:18:a0:5a:e6:59:1e:
7b:0a:72:ec:b6:c9:4f:ac:69:e8:91:37:95:8c:5a:89:ad:af:
89:c1:f6:33:45:87:1c:cc:e3:50:79:91:a9:4b:c4:a5:f1:84:
1b:b5:d7:0a:4d:f1:7b:d1:20:7f:79:1b:5d:9e:e3:a5:c4:c7:
47:08:20:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmuMTLgRD6VuHhkS85Vz066MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWMyNzMwOThiNTI3NjhjYTBlNDRhM2EyYzE2ZWZlZDRh
NjVjYTAwHhcNMjMwNzMxMjMwMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGU0NWNhZDc4NjFhNDE0MTZlNmY4YmJlNDE0NGYxYTQ3Y2NkOWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXt9Xc2nuGPJfTU5VLh+ABUje/6q
vv4GAGI8j5wrJ0FFSgpwUvabUXW4RFgvhYotGhaFuJJl8rs4sudhhP+5G8YWhIIT
LYrByp9Kkb1fjwbvl2bvbOg9b1DYH2cXnuiJ4o18qMFvpT+GQKUqyRMuSqG/4JDL
P5DmL5bCjc8ttTKPEUjvSa+8ZEMr2LTweiac3o2cFn9CjoJaQQNzvnlcOAb+13Kc
dGnb/e7BLSQpMDtkJ+isblTisbmEzCoG6x4wthLtOkCwK6DhLv+tjJR5Q0xCkhFq
F2TTTsgM5WNkW7In9Coxdcn8iok31tSdHH1HcJ8uPrt8frge0+SzAj7hPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHDkXK14YaQUFub4u+QUTxpHzNnPMB8GA1UdIwQY
MBaAFFKcJzCYtSdoyg5Eo6LBbv7UplygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMt
ZjMzZDNiYjM2NDg0LzEvY09SY3JYaGhwQlFXNXZpNzVCUlBHa2ZNMmM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMtZjMzZDNiYjM2NDg0
LzEvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATojJMA0G
CSqGSIb3DQEBCwUAA4IBAQAgpYUZofVle03josEwbHubieCtydgTfxV0F9khabcX
S2SEIu44EesaegHgzh95AVPWqCGw50y8UPdIdFr/ALke4xcF6VXExiLAlGujlCiV
S9eXSTl+7jghEAvr3ur5yzXm3dIgyz3LzTo1L/kuj0d/BzpXA2EkMwWE4ZTnUW1D
Er/NkX0f21FXzVpGR4snJ2x/33heDYc2OzKDKS9xCug8q8UfBfK421/0Wd1L9Jne
nHTnXz/uCWzEYAYlHSxczgYYoFrmWR57CnLstslPrGnokTeVjFqJra+JwfYzRYcc
zONQeZGpS8Sl8YQbtdcKTfF70SB/eRtdnuOlxMdHCCAL
-----END CERTIFICATE-----
Generated at Thu Aug 31 14:44:18 2023 by rpki-client on console-ams.rpki-client.org