Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/Ci-4eRp4-tH-TuS8HquWqfdNYDg.roa
File: Ci-4eRp4-tH-TuS8HquWqfdNYDg.roa (raw, json)
Hash identifier: rkp/YIS0SxSu6QXZSmN5MSchU8a85rOkThWIaNjFFF4=
Subject key identifier: 0A:2F:B8:79:1A:78:FA:D1:FE:4E:E4:BC:1E:AB:96:A9:F7:4D:60:38
Certificate issuer: /CN=2956584b70ce847c1a9b400548b14db031bedff2
Certificate serial: 018CC2DAC6E729886DDF08A963681CB6DB00
Authority key identifier: 29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/Ci-4eRp4-tH-TuS8HquWqfdNYDg.roa
Signing time: Mon 01 Jan 2024 02:29:26 +0000
ROA not before: Mon 01 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48678
IP address blocks: 79.110.234.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c6:e7:29:88:6d:df:08:a9:63:68:1c:b6:db:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2956584b70ce847c1a9b400548b14db031bedff2
Validity
Not Before: Jan 1 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a2fb8791a78fad1fe4ee4bc1eab96a9f74d6038
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:63:d2:d8:9e:5b:da:26:c5:1a:51:9a:99:61:
90:83:96:80:5e:de:3d:79:7a:45:c7:17:ec:12:4c:
46:03:c7:d3:ab:29:3a:34:a6:5f:88:e8:8d:09:54:
ef:1d:0c:86:2f:05:bb:10:d3:60:49:e0:aa:bd:15:
07:2c:27:4d:85:e6:e4:fb:86:f0:b1:bb:9c:58:47:
2a:3e:b9:85:8d:44:02:40:9c:43:2e:52:ad:19:1d:
95:4f:31:f4:93:61:b8:aa:13:8c:c5:93:04:0f:f3:
09:b6:a6:6c:08:c5:00:78:ea:21:db:eb:3e:f1:9c:
50:e7:20:80:e6:94:08:b7:36:c7:3b:c7:a8:ad:f3:
6e:83:79:75:0c:e1:9f:65:3e:95:86:aa:2d:bc:c1:
d4:44:49:f7:c0:3f:39:5b:3f:42:99:56:a5:c9:34:
2f:1f:a4:95:71:b1:31:7e:65:6b:01:02:04:72:ba:
82:bf:1f:27:38:ed:4d:e5:ef:2d:9d:ca:b2:8c:48:
33:ef:a6:9c:59:3e:a0:b6:a0:22:c9:bb:75:90:52:
10:a3:12:e4:78:a5:9c:90:31:aa:7b:8d:a2:68:03:
f6:7e:e7:b5:be:1b:4d:48:27:40:44:ba:a0:8a:6c:
37:2b:5c:ed:34:b8:a1:57:80:76:a1:38:cc:04:ac:
c7:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:2F:B8:79:1A:78:FA:D1:FE:4E:E4:BC:1E:AB:96:A9:F7:4D:60:38
X509v3 Authority Key Identifier:
keyid:29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/Ci-4eRp4-tH-TuS8HquWqfdNYDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.234.0/24
Signature Algorithm: sha256WithRSAEncryption
50:c4:8c:d1:ef:c4:e0:18:3a:30:6b:4f:67:7d:40:c5:4e:23:
a8:6f:1a:32:11:00:25:a1:cb:6f:67:28:2f:53:a5:ef:6d:d9:
11:f8:99:66:4f:31:c2:2a:79:61:92:43:3d:59:47:db:89:f6:
e2:06:fa:7a:85:99:a3:8a:42:bc:dd:b7:7a:5e:e2:30:ce:56:
ab:18:94:0c:ef:fe:7d:00:03:23:64:17:de:76:26:d2:91:04:
9c:04:42:80:ac:21:e1:bc:11:f3:2c:72:61:c2:aa:7b:bd:0f:
d9:3d:b4:a0:69:e6:e1:7a:2c:c7:65:cc:82:65:42:0e:3a:76:
20:04:f5:52:aa:b4:9f:24:5c:28:2e:91:26:b8:73:d6:85:40:
df:b6:ce:3c:01:cc:4b:a0:09:ec:40:14:7b:87:0f:f8:74:a4:
e9:48:f3:9b:fb:93:26:0b:70:30:d1:61:ee:48:61:91:44:f1:
83:32:16:b6:e4:f2:f5:33:4b:54:e1:a4:ca:d9:46:63:29:92:
5d:bc:4c:48:90:cb:57:74:0d:73:a6:6f:bf:7b:10:25:3d:14:
f8:af:c4:86:cc:03:66:34:c1:40:0d:8e:86:c1:db:9c:f8:4a:
51:18:35:9a:dd:b9:29:3c:07:7c:3b:c4:30:2d:4a:28:27:e7:
5f:ff:4b:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2sbnKYht3wipY2gcttsAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTY1ODRiNzBjZTg0N2MxYTliNDAwNTQ4YjE0ZGIwMzFi
ZWRmZjIwHhcNMjQwMTAxMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTJmYjg3OTFhNzhmYWQxZmU0ZWU0YmMxZWFiOTZhOWY3NGQ2MDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGPS2J5b2ibFGlGamWGQg5aAXt49
eXpFxxfsEkxGA8fTqyk6NKZfiOiNCVTvHQyGLwW7ENNgSeCqvRUHLCdNhebk+4bw
sbucWEcqPrmFjUQCQJxDLlKtGR2VTzH0k2G4qhOMxZMED/MJtqZsCMUAeOoh2+s+
8ZxQ5yCA5pQItzbHO8eorfNug3l1DOGfZT6VhqotvMHUREn3wD85Wz9CmValyTQv
H6SVcbExfmVrAQIEcrqCvx8nOO1N5e8tncqyjEgz76acWT6gtqAiybt1kFIQoxLk
eKWckDGqe42iaAP2fue1vhtNSCdARLqgimw3K1ztNLihV4B2oTjMBKzHZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAovuHkaePrR/k7kvB6rlqn3TWA4MB8GA1UdIwQY
MBaAFClWWEtwzoR8GptABUixTbAxvt/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAt
MDZiNDFlZjEzOThkLzEvQ2ktNGVScDQtdEgtVHVTOEhxdVdxZmROWURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAtMDZiNDFlZjEzOThk
LzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT27qMA0G
CSqGSIb3DQEBCwUAA4IBAQBQxIzR78TgGDowa09nfUDFTiOobxoyEQAloctvZygv
U6XvbdkR+JlmTzHCKnlhkkM9WUfbifbiBvp6hZmjikK83bd6XuIwzlarGJQM7/59
AAMjZBfedibSkQScBEKArCHhvBHzLHJhwqp7vQ/ZPbSgaebheizHZcyCZUIOOnYg
BPVSqrSfJFwoLpEmuHPWhUDfts48AcxLoAnsQBR7hw/4dKTpSPOb+5MmC3Aw0WHu
SGGRRPGDMha25PL1M0tU4aTK2UZjKZJdvExIkMtXdA1zpm+/exAlPRT4r8SGzANm
NMFADY6Gwduc+EpRGDWa3bkpPAd8O8QwLUooJ+df/0tJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:30 2024 by rpki-client on console-ams.rpki-client.org