Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d35d28-8ac1-459a-9129-3f7039345289/1/atP4slErdQZWkFkmqQn9ewhLDac.roa
File: atP4slErdQZWkFkmqQn9ewhLDac.roa (raw, json)
Hash identifier: PTflzTyuHJXIVvWG+yrEAAX6GMcMrjWYA/iP7X/OWG4=
Subject key identifier: 6A:D3:F8:B2:51:2B:75:06:56:90:59:26:A9:09:FD:7B:08:4B:0D:A7
Certificate issuer: /CN=496e79694637ee05579e1804c14d851e382a14c8
Certificate serial: 018D13D7F0F528830969DC65C4D2E67C72D1
Authority key identifier: 49:6E:79:69:46:37:EE:05:57:9E:18:04:C1:4D:85:1E:38:2A:14:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SW55aUY37gVXnhgEwU2FHjgqFMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d35d28-8ac1-459a-9129-3f7039345289/1/atP4slErdQZWkFkmqQn9ewhLDac.roa
Signing time: Tue 16 Jan 2024 19:55:35 +0000
ROA not before: Tue 16 Jan 2024 19:55:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 195.18.26.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:f0:f5:28:83:09:69:dc:65:c4:d2:e6:7c:72:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=496e79694637ee05579e1804c14d851e382a14c8
Validity
Not Before: Jan 16 19:55:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ad3f8b2512b750656905926a909fd7b084b0da7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1a:17:2d:1e:fe:b3:3b:ec:7a:1e:0c:6e:79:
a6:6c:8d:8c:d1:14:7b:52:b8:22:c3:3e:8a:11:53:
ef:0c:9b:69:c2:c1:e3:95:59:2f:37:3e:fe:2f:62:
a1:aa:f8:d6:16:d8:bc:07:f0:9f:ed:bb:e2:3a:17:
55:0a:dc:a5:7e:ee:2f:a0:81:ce:8b:c0:77:56:a9:
bb:37:aa:14:9c:be:d7:09:79:d8:53:ef:88:bc:67:
fb:52:e5:4b:d3:8b:79:3c:31:67:60:04:2c:c2:e8:
cc:3b:68:90:0b:64:f5:cb:c8:0b:5e:37:b1:e6:0a:
cd:83:6c:46:83:6b:20:c6:e9:dd:d6:8e:0c:f1:c1:
5e:54:9a:51:4c:43:70:b5:f9:a2:34:7f:2d:89:17:
ad:dc:ee:8c:95:a9:9e:1b:38:e5:80:c0:4a:de:12:
72:e8:1a:31:ff:40:3f:94:bd:d8:66:ce:55:9b:cd:
60:84:40:de:6c:b6:a1:34:1e:e3:81:8e:f1:0f:5e:
91:2c:1c:b6:36:7b:be:e1:ea:49:9b:95:66:73:af:
d9:be:4d:75:1e:2d:74:ed:6b:34:a5:d6:73:5b:c1:
10:3e:f1:ca:be:82:93:13:94:8d:1e:8d:54:f9:93:
77:ec:16:59:0c:c3:33:27:e0:d5:17:e4:70:35:df:
6a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D3:F8:B2:51:2B:75:06:56:90:59:26:A9:09:FD:7B:08:4B:0D:A7
X509v3 Authority Key Identifier:
keyid:49:6E:79:69:46:37:EE:05:57:9E:18:04:C1:4D:85:1E:38:2A:14:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SW55aUY37gVXnhgEwU2FHjgqFMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d35d28-8ac1-459a-9129-3f7039345289/1/atP4slErdQZWkFkmqQn9ewhLDac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d35d28-8ac1-459a-9129-3f7039345289/1/SW55aUY37gVXnhgEwU2FHjgqFMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.18.26.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:1d:16:40:80:50:0b:c3:e6:9a:99:2b:60:3c:dd:f4:33:3f:
de:01:a4:c2:43:af:92:1f:90:33:ba:30:8f:b8:b5:18:b5:2a:
cf:26:13:61:85:30:62:0b:a8:8c:ef:95:44:55:1a:7c:8a:0d:
9e:39:d8:95:6c:ff:70:ed:64:a6:3f:8d:39:d4:cf:0e:f7:37:
cf:89:02:77:b3:7d:94:28:b4:d3:9b:cc:49:e6:13:f5:00:c1:
8d:4c:50:80:ee:cb:24:d3:30:c9:8f:de:4f:de:85:f6:b0:fd:
b6:ff:aa:50:f3:90:80:0d:00:9e:8d:21:2f:b9:a9:c7:98:81:
94:b8:f4:55:3b:5e:92:bc:b3:82:c5:68:25:99:5b:c7:66:39:
6f:2a:0b:16:16:4c:d5:a6:c5:0d:48:66:be:4f:9d:7e:5f:b8:
50:0f:70:73:8a:68:cd:f9:7e:a4:41:2a:ee:6c:c5:e9:c6:c8:
0e:af:4d:b1:9d:0a:e4:f5:6d:64:88:6b:e8:1c:3d:70:e2:d4:
f2:c6:a3:9c:c3:cc:ee:c6:53:8d:11:e9:b1:46:c3:36:ad:2f:
56:b3:be:ff:a6:8f:7e:4b:1a:a3:71:0e:81:95:06:f2:57:a3:
b7:97:af:77:2e:4a:a3:fb:96:ab:6c:56:d7:e7:41:24:18:cd:
a4:16:7b:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0T1/D1KIMJadxlxNLmfHLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NmU3OTY5NDYzN2VlMDU1NzllMTgwNGMxNGQ4NTFlMzgy
YTE0YzgwHhcNMjQwMTE2MTk1NTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWQzZjhiMjUxMmI3NTA2NTY5MDU5MjZhOTA5ZmQ3YjA4NGIwZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhoXLR7+szvseh4MbnmmbI2M0RR7
Urgiwz6KEVPvDJtpwsHjlVkvNz7+L2KhqvjWFti8B/Cf7bviOhdVCtylfu4voIHO
i8B3Vqm7N6oUnL7XCXnYU++IvGf7UuVL04t5PDFnYAQswujMO2iQC2T1y8gLXjex
5grNg2xGg2sgxund1o4M8cFeVJpRTENwtfmiNH8tiRet3O6MlameGzjlgMBK3hJy
6Box/0A/lL3YZs5Vm81ghEDebLahNB7jgY7xD16RLBy2Nnu+4epJm5Vmc6/Zvk11
Hi107Ws0pdZzW8EQPvHKvoKTE5SNHo1U+ZN37BZZDMMzJ+DVF+RwNd9q3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGrT+LJRK3UGVpBZJqkJ/XsISw2nMB8GA1UdIwQY
MBaAFElueWlGN+4FV54YBMFNhR44KhTIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1c1NWFVWTM3Z1ZYbmhnRXdVMkZIamdxRk1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kMzVkMjgtOGFjMS00NTlhLTkxMjkt
M2Y3MDM5MzQ1Mjg5LzEvYXRQNHNsRXJkUVpXa0ZrbXFRbjlld2hMRGFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kMzVkMjgtOGFjMS00NTlhLTkxMjktM2Y3MDM5MzQ1Mjg5
LzEvU1c1NWFVWTM3Z1ZYbmhnRXdVMkZIamdxRk1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxIaMA0G
CSqGSIb3DQEBCwUAA4IBAQALHRZAgFALw+aamStgPN30Mz/eAaTCQ6+SH5AzujCP
uLUYtSrPJhNhhTBiC6iM75VEVRp8ig2eOdiVbP9w7WSmP4051M8O9zfPiQJ3s32U
KLTTm8xJ5hP1AMGNTFCA7ssk0zDJj95P3oX2sP22/6pQ85CADQCejSEvuanHmIGU
uPRVO16SvLOCxWglmVvHZjlvKgsWFkzVpsUNSGa+T51+X7hQD3BzimjN+X6kQSru
bMXpxsgOr02xnQrk9W1kiGvoHD1w4tTyxqOcw8zuxlONEemxRsM2rS9Ws77/po9+
SxqjcQ6BlQbyV6O3l693Lkqj+5arbFbX50EkGM2kFnvJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:58 2024 by rpki-client on console-fra.rpki-client.org