Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/R-4Q5Yd-6JNKoc5F3Y_WNDLJHZg.roa
File: R-4Q5Yd-6JNKoc5F3Y_WNDLJHZg.roa (raw, json)
Hash identifier: TQfAGWNspKOFZ2f0Hxtg7fvQHZP77gFwO6w36jkWt8c=
Subject key identifier: 47:EE:10:E5:87:7E:E8:93:4A:A1:CE:45:DD:8F:D6:34:32:C9:1D:98
Certificate issuer: /CN=2956584b70ce847c1a9b400548b14db031bedff2
Certificate serial: 018CC2DAC75596AF92271B0DBEAF43861516
Authority key identifier: 29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/R-4Q5Yd-6JNKoc5F3Y_WNDLJHZg.roa
Signing time: Mon 01 Jan 2024 02:29:26 +0000
ROA not before: Mon 01 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209371
IP address blocks: 195.24.232.0/24 maxlen: 24
188.93.141.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c7:55:96:af:92:27:1b:0d:be:af:43:86:15:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2956584b70ce847c1a9b400548b14db031bedff2
Validity
Not Before: Jan 1 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47ee10e5877ee8934aa1ce45dd8fd63432c91d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:74:74:14:b8:3d:b8:3f:c9:99:30:ab:db:87:
72:aa:47:09:67:2a:19:a5:dd:9f:8a:f4:cb:40:75:
75:eb:81:6e:09:c1:d2:8b:82:58:7b:e2:4b:38:b9:
ae:63:2f:17:96:ab:a2:48:4d:95:8b:8c:f9:7e:d0:
42:79:72:83:9a:1d:85:79:ab:4c:b2:7d:60:4b:7a:
f2:1e:1d:00:61:7f:66:59:f1:8e:c6:cc:9f:a2:ee:
7d:0b:c5:a8:69:e4:e6:59:9e:ab:74:11:65:85:14:
b7:b4:30:34:bc:ea:85:ea:48:ef:f0:c4:01:e1:75:
0d:1b:af:dd:5f:34:40:be:43:06:3e:86:94:64:26:
27:89:24:de:d8:0b:71:aa:eb:8d:2e:dd:f7:3e:1a:
b2:64:c3:34:52:34:89:00:a8:29:a4:6e:ab:50:56:
ea:69:2a:4b:3d:7e:b1:62:5b:0b:95:89:60:41:23:
00:22:b9:43:33:5e:be:bf:02:21:21:d3:f9:78:41:
31:a6:59:9b:56:fd:77:03:69:89:b1:09:4a:de:35:
5a:aa:6d:c6:61:50:8e:13:ee:86:82:83:b8:49:76:
19:70:4b:46:6d:7a:78:5e:52:d2:4b:35:d2:ee:8c:
af:0f:1c:b8:58:9d:a1:a5:5f:42:25:0a:b0:7a:1e:
33:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:EE:10:E5:87:7E:E8:93:4A:A1:CE:45:DD:8F:D6:34:32:C9:1D:98
X509v3 Authority Key Identifier:
keyid:29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/R-4Q5Yd-6JNKoc5F3Y_WNDLJHZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.93.141.0/24
195.24.232.0/24
Signature Algorithm: sha256WithRSAEncryption
84:c9:63:63:c4:97:73:fa:ee:d9:82:db:9a:1d:08:23:71:f5:
1e:a2:69:73:c4:92:80:6b:be:5f:d9:14:9a:c3:c4:12:cb:b2:
73:f0:49:af:08:a3:c8:74:66:cb:ca:54:9a:9a:80:86:81:4d:
c7:a8:d4:20:91:8a:f1:b7:f8:18:db:62:cb:b1:ac:6e:70:0d:
e9:42:fb:ef:d7:3f:dd:63:30:23:17:14:4b:a0:82:0f:76:25:
e9:b4:85:ab:cc:c0:f6:3c:05:65:c6:91:2c:37:e4:b8:cd:fe:
86:59:58:09:aa:ed:d6:f5:63:a8:60:a4:a0:17:0a:91:29:75:
6f:77:b9:dc:03:f3:d4:e4:93:dc:86:f3:e1:8e:5b:1b:75:a5:
82:eb:74:bb:c9:7e:fb:14:55:b5:aa:3d:b6:61:f2:7f:65:61:
15:6b:72:c2:07:35:14:77:e4:60:c0:d8:f9:3c:78:59:31:57:
58:c4:de:0a:fe:2a:78:61:91:3d:9c:ff:a9:bb:09:e6:21:02:
d2:16:86:73:f8:0d:a7:b4:ba:3e:68:1c:c7:0a:21:bb:8a:fa:
c3:3d:8e:d0:c5:26:f2:0f:bf:f1:71:b3:42:ee:bd:9d:df:31:
63:43:3a:3b:8d:05:ac:89:37:85:c8:2d:0f:c3:11:ab:f8:da:
f8:1b:a1:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2sdVlq+SJxsNvq9DhhUWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTY1ODRiNzBjZTg0N2MxYTliNDAwNTQ4YjE0ZGIwMzFi
ZWRmZjIwHhcNMjQwMTAxMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2VlMTBlNTg3N2VlODkzNGFhMWNlNDVkZDhmZDYzNDMyYzkxZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHR0FLg9uD/JmTCr24dyqkcJZyoZ
pd2fivTLQHV164FuCcHSi4JYe+JLOLmuYy8XlquiSE2Vi4z5ftBCeXKDmh2FeatM
sn1gS3ryHh0AYX9mWfGOxsyfou59C8WoaeTmWZ6rdBFlhRS3tDA0vOqF6kjv8MQB
4XUNG6/dXzRAvkMGPoaUZCYniSTe2AtxquuNLt33PhqyZMM0UjSJAKgppG6rUFbq
aSpLPX6xYlsLlYlgQSMAIrlDM16+vwIhIdP5eEExplmbVv13A2mJsQlK3jVaqm3G
YVCOE+6GgoO4SXYZcEtGbXp4XlLSSzXS7oyvDxy4WJ2hpV9CJQqweh4zwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEfuEOWHfuiTSqHORd2P1jQyyR2YMB8GA1UdIwQY
MBaAFClWWEtwzoR8GptABUixTbAxvt/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAt
MDZiNDFlZjEzOThkLzEvUi00UTVZZC02Sk5Lb2M1RjNZX1dORExKSFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAtMDZiNDFlZjEzOThk
LzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvF2NAwQA
wxjoMA0GCSqGSIb3DQEBCwUAA4IBAQCEyWNjxJdz+u7ZgtuaHQgjcfUeomlzxJKA
a75f2RSaw8QSy7Jz8EmvCKPIdGbLylSamoCGgU3HqNQgkYrxt/gY22LLsaxucA3p
Qvvv1z/dYzAjFxRLoIIPdiXptIWrzMD2PAVlxpEsN+S4zf6GWVgJqu3W9WOoYKSg
FwqRKXVvd7ncA/PU5JPchvPhjlsbdaWC63S7yX77FFW1qj22YfJ/ZWEVa3LCBzUU
d+RgwNj5PHhZMVdYxN4K/ip4YZE9nP+puwnmIQLSFoZz+A2ntLo+aBzHCiG7ivrD
PY7QxSbyD7/xcbNC7r2d3zFjQzo7jQWsiTeFyC0PwxGr+Nr4G6Gn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:30 2024 by rpki-client on console-ams.rpki-client.org