Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d35d28-8ac1-459a-9129-3f7039345289/1/8AzkGd5zEzo3RErA1abj3taVE1E.roa
File: 8AzkGd5zEzo3RErA1abj3taVE1E.roa (raw, json)
Hash identifier: bF+VcAxPyTBuyb15YqiJUcCGq/slycr3Ms7Tj7cPn38=
Subject key identifier: F0:0C:E4:19:DE:73:13:3A:37:44:4A:C0:D5:A6:E3:DE:D6:95:13:51
Certificate issuer: /CN=496e79694637ee05579e1804c14d851e382a14c8
Certificate serial: 018D2D6E2CD4944564396882A15920CEB7E6
Authority key identifier: 49:6E:79:69:46:37:EE:05:57:9E:18:04:C1:4D:85:1E:38:2A:14:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SW55aUY37gVXnhgEwU2FHjgqFMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d35d28-8ac1-459a-9129-3f7039345289/1/8AzkGd5zEzo3RErA1abj3taVE1E.roa
Signing time: Sun 21 Jan 2024 19:10:11 +0000
ROA not before: Sun 21 Jan 2024 19:10:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 176.124.34.0/24 maxlen: 24
195.18.26.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:6e:2c:d4:94:45:64:39:68:82:a1:59:20:ce:b7:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=496e79694637ee05579e1804c14d851e382a14c8
Validity
Not Before: Jan 21 19:10:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f00ce419de73133a37444ac0d5a6e3ded6951351
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d6:05:86:9e:0f:a8:87:2a:e9:32:86:ed:08:
7a:8e:26:9b:a2:01:7b:83:0d:a4:50:c8:5c:67:d4:
22:11:f6:1b:19:39:8e:3d:8a:dd:b1:1d:84:6a:aa:
3b:86:95:30:af:1e:b9:f5:88:c2:9d:2f:cf:35:b5:
bb:cf:4c:c0:3a:bd:24:92:75:67:4f:90:1d:c1:5a:
2c:93:99:97:1f:85:21:39:48:f7:1c:55:b9:f2:e7:
64:f8:fc:9a:92:8a:d0:8a:89:64:92:24:a5:14:6f:
8b:8a:48:51:92:eb:90:2c:77:ff:1b:a8:af:5d:8a:
f9:17:ee:d6:06:8a:f4:d7:5b:89:bc:81:ed:22:de:
f3:ec:60:63:ae:70:d3:7b:e5:d2:b2:b5:3f:34:d3:
fb:9f:4b:8c:13:0f:0c:5a:e4:ca:e4:b5:86:b4:c0:
a4:68:ff:72:9f:12:4c:06:58:78:3a:2f:ca:11:7a:
13:9f:c6:7b:f5:fb:f9:b8:b9:ad:52:f8:2e:9e:7b:
57:e1:c7:6c:9c:d6:ed:ac:64:e8:20:66:02:7e:52:
5d:27:86:99:e9:8e:e2:65:0a:c0:a4:62:1a:5c:9b:
47:2f:86:de:bc:b7:03:6f:f4:20:81:88:79:48:b8:
49:d9:ae:39:ba:46:47:10:25:cd:03:68:56:f9:b4:
f0:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:0C:E4:19:DE:73:13:3A:37:44:4A:C0:D5:A6:E3:DE:D6:95:13:51
X509v3 Authority Key Identifier:
keyid:49:6E:79:69:46:37:EE:05:57:9E:18:04:C1:4D:85:1E:38:2A:14:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SW55aUY37gVXnhgEwU2FHjgqFMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d35d28-8ac1-459a-9129-3f7039345289/1/8AzkGd5zEzo3RErA1abj3taVE1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d35d28-8ac1-459a-9129-3f7039345289/1/SW55aUY37gVXnhgEwU2FHjgqFMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.34.0/24
195.18.26.0/24
Signature Algorithm: sha256WithRSAEncryption
32:92:27:22:22:62:ce:c8:67:f7:0f:73:7a:9d:7b:a8:4a:3a:
b2:17:b5:48:40:74:64:18:a1:5c:ab:20:43:12:02:69:49:c2:
66:50:bf:77:ab:34:de:9a:16:6d:bb:db:c6:c9:6f:f5:83:a1:
f4:8b:40:a5:d9:2d:9c:71:a2:14:dd:26:3c:e8:23:d3:3b:10:
a8:94:57:aa:b5:c7:cc:da:c9:0c:5d:66:db:de:5f:98:88:1a:
33:98:63:e6:ad:76:67:48:82:a0:03:86:7a:f8:54:50:93:f6:
ba:70:b5:62:11:81:58:ce:63:78:a5:b1:2f:2f:fd:fb:e2:c4:
c4:f5:c6:14:1e:c4:ef:7f:91:e0:c4:e5:9f:fc:e6:0c:70:c7:
28:cf:17:fd:a6:40:db:bf:80:5e:e5:e7:39:99:7f:9d:c3:f5:
ef:5e:b0:a2:95:e5:07:49:97:86:03:51:c2:87:44:cb:d5:a0:
f0:52:d3:3d:54:ca:2d:59:c4:26:b4:6d:c0:59:d2:a8:c7:c7:
fd:eb:14:af:e7:4e:59:e4:24:8b:b5:73:0d:05:51:68:0f:e1:
4b:73:52:05:b7:05:17:ea:4f:ed:e4:f8:9e:0a:40:10:67:3a:
14:ab:95:b9:60:0c:d5:9c:a1:61:e4:20:83:a3:72:30:6c:73:
6b:13:d4:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0tbizUlEVkOWiCoVkgzrfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NmU3OTY5NDYzN2VlMDU1NzllMTgwNGMxNGQ4NTFlMzgy
YTE0YzgwHhcNMjQwMTIxMTkxMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDBjZTQxOWRlNzMxMzNhMzc0NDRhYzBkNWE2ZTNkZWQ2OTUxMzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdYFhp4PqIcq6TKG7Qh6jiabogF7
gw2kUMhcZ9QiEfYbGTmOPYrdsR2Eaqo7hpUwrx659YjCnS/PNbW7z0zAOr0kknVn
T5AdwVosk5mXH4UhOUj3HFW58udk+PyakorQiolkkiSlFG+LikhRkuuQLHf/G6iv
XYr5F+7WBor011uJvIHtIt7z7GBjrnDTe+XSsrU/NNP7n0uMEw8MWuTK5LWGtMCk
aP9ynxJMBlh4Oi/KEXoTn8Z79fv5uLmtUvgunntX4cdsnNbtrGToIGYCflJdJ4aZ
6Y7iZQrApGIaXJtHL4bevLcDb/QggYh5SLhJ2a45ukZHECXNA2hW+bTwUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPAM5BnecxM6N0RKwNWm497WlRNRMB8GA1UdIwQY
MBaAFElueWlGN+4FV54YBMFNhR44KhTIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1c1NWFVWTM3Z1ZYbmhnRXdVMkZIamdxRk1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kMzVkMjgtOGFjMS00NTlhLTkxMjkt
M2Y3MDM5MzQ1Mjg5LzEvOEF6a0dkNXpFem8zUkVyQTFhYmozdGFWRTFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kMzVkMjgtOGFjMS00NTlhLTkxMjktM2Y3MDM5MzQ1Mjg5
LzEvU1c1NWFVWTM3Z1ZYbmhnRXdVMkZIamdxRk1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsHwiAwQA
wxIaMA0GCSqGSIb3DQEBCwUAA4IBAQAykiciImLOyGf3D3N6nXuoSjqyF7VIQHRk
GKFcqyBDEgJpScJmUL93qzTemhZtu9vGyW/1g6H0i0Cl2S2ccaIU3SY86CPTOxCo
lFeqtcfM2skMXWbb3l+YiBozmGPmrXZnSIKgA4Z6+FRQk/a6cLViEYFYzmN4pbEv
L/374sTE9cYUHsTvf5HgxOWf/OYMcMcozxf9pkDbv4Be5ec5mX+dw/XvXrCileUH
SZeGA1HCh0TL1aDwUtM9VMotWcQmtG3AWdKox8f96xSv505Z5CSLtXMNBVFoD+FL
c1IFtwUX6k/t5PieCkAQZzoUq5W5YAzVnKFh5CCDo3IwbHNrE9ST
-----END CERTIFICATE-----
Generated at Thu Feb 15 19:05:35 2024 by rpki-client on console-ams.rpki-client.org