Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/805412-63ba-470a-89c9-562b490110e0/1/EMN2Mvh60qYgPEfL02Zf8lNxdiI.roa
File: EMN2Mvh60qYgPEfL02Zf8lNxdiI.roa (raw, json)
Hash identifier: 8R5/LghvVPRrPc4wzbGDz6OUwTX7to4eUcgJmVRKzvs=
Subject key identifier: 10:C3:76:32:F8:7A:D2:A6:20:3C:47:CB:D3:66:5F:F2:53:71:76:22
Certificate issuer: /CN=fa27c6d0a06c2c1c2c9195fd9a9adbce4f865b87
Certificate serial: 0189F9A0948249C5595D52FE13E14E146AEC
Authority key identifier: FA:27:C6:D0:A0:6C:2C:1C:2C:91:95:FD:9A:9A:DB:CE:4F:86:5B:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-ifG0KBsLBwskZX9mprbzk-GW4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/805412-63ba-470a-89c9-562b490110e0/1/EMN2Mvh60qYgPEfL02Zf8lNxdiI.roa
Signing time: Tue 15 Aug 2023 14:36:37 +0000
ROA not before: Tue 15 Aug 2023 14:36:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29376
IP address blocks: 195.137.226.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f9:a0:94:82:49:c5:59:5d:52:fe:13:e1:4e:14:6a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa27c6d0a06c2c1c2c9195fd9a9adbce4f865b87
Validity
Not Before: Aug 15 14:36:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10c37632f87ad2a6203c47cbd3665ff253717622
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:35:9a:a2:ce:dc:e7:66:99:d4:b3:68:a6:4d:
d0:a2:75:b7:ac:f9:9e:66:6a:a4:96:b2:dd:ed:2f:
11:86:1e:7e:19:15:ec:3b:54:1e:a4:bf:3f:47:06:
3f:07:6f:ef:ba:eb:63:a1:99:b7:da:c6:a0:04:50:
45:51:13:c3:0a:c9:c5:15:27:21:98:5b:e3:ff:46:
ff:77:d6:8f:df:fb:98:0f:fb:6d:c1:69:55:da:34:
40:77:39:df:9e:40:7b:4b:93:0d:1d:76:90:98:5b:
02:c7:92:4b:f1:75:f1:cf:fb:43:4f:c4:a8:ff:5c:
e3:e8:9a:e9:42:65:d9:e5:1a:57:7b:0b:c2:fb:aa:
55:ac:76:a0:f4:5c:15:1f:59:67:a9:31:ba:ab:6c:
19:64:1e:96:cb:48:b1:e7:9e:56:9f:88:50:fb:de:
28:89:1e:6b:1a:af:d2:7b:39:dd:70:ec:56:8a:e8:
10:32:cf:b5:12:f9:ce:35:41:9e:e1:ee:ab:6b:35:
61:31:1f:de:27:cf:04:35:c4:6e:75:d0:0c:7b:15:
a0:73:18:4e:eb:ba:e4:4a:e4:46:89:2f:ad:22:bc:
de:ba:37:ca:70:64:4e:ab:ad:6c:31:92:d7:46:eb:
44:d5:f6:60:e4:3f:a3:13:f0:7f:61:e8:f4:85:99:
f2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:C3:76:32:F8:7A:D2:A6:20:3C:47:CB:D3:66:5F:F2:53:71:76:22
X509v3 Authority Key Identifier:
keyid:FA:27:C6:D0:A0:6C:2C:1C:2C:91:95:FD:9A:9A:DB:CE:4F:86:5B:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-ifG0KBsLBwskZX9mprbzk-GW4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/805412-63ba-470a-89c9-562b490110e0/1/EMN2Mvh60qYgPEfL02Zf8lNxdiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/805412-63ba-470a-89c9-562b490110e0/1/1-ifG0KBsLBwskZX9mprbzk-GW4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.137.226.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:ba:ec:c7:5d:bc:75:d9:7f:45:17:39:4a:0a:eb:9e:a6:3c:
2e:dc:fd:f1:e6:c9:c2:0a:80:8a:8a:0d:64:d6:2a:34:c6:a6:
39:d9:01:7e:34:b0:1d:ad:24:37:e9:84:4a:23:eb:a4:96:9e:
28:88:5f:1e:a8:75:64:22:f7:8b:b2:3e:43:f4:12:af:24:c1:
95:90:1c:3a:fc:69:b1:19:dc:ad:74:c2:86:9d:69:90:25:09:
1b:57:23:37:a0:ec:54:c2:56:f4:46:b3:cb:72:b5:c6:fa:b3:
0a:93:f1:e4:39:24:5e:a9:c7:7e:54:62:ea:6e:ee:4a:1d:a3:
04:8a:89:1d:f0:0d:f9:ea:62:8b:18:c4:c1:4a:c3:24:08:89:
da:55:72:39:ac:2e:74:c6:b1:33:d9:79:34:c5:9b:20:55:af:
3e:5e:57:1b:1a:e0:71:63:e0:0e:d4:1a:cc:0d:29:92:19:bd:
b9:e7:32:e7:ab:cd:36:78:e3:6d:41:2e:b0:d7:63:05:9e:44:
d8:c9:7c:6d:59:19:67:51:f6:5b:4f:68:e6:46:8f:40:00:0e:
c8:0c:c9:a5:58:52:fe:61:86:50:3a:75:44:b7:4c:26:41:84:
f8:59:48:90:a6:28:a1:6a:ac:76:cd:86:05:14:d7:f0:95:41:
7a:80:e7:19
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYn5oJSCScVZXVL+E+FOFGrsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMjdjNmQwYTA2YzJjMWMyYzkxOTVmZDlhOWFkYmNlNGY4
NjViODcwHhcNMjMwODE1MTQzNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGMzNzYzMmY4N2FkMmE2MjAzYzQ3Y2JkMzY2NWZmMjUzNzE3NjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljWaos7c52aZ1LNopk3QonW3rPme
ZmqklrLd7S8Rhh5+GRXsO1QepL8/RwY/B2/vuutjoZm32sagBFBFURPDCsnFFSch
mFvj/0b/d9aP3/uYD/ttwWlV2jRAdznfnkB7S5MNHXaQmFsCx5JL8XXxz/tDT8So
/1zj6JrpQmXZ5RpXewvC+6pVrHag9FwVH1lnqTG6q2wZZB6Wy0ix555Wn4hQ+94o
iR5rGq/SezndcOxWiugQMs+1EvnONUGe4e6razVhMR/eJ88ENcRuddAMexWgcxhO
67rkSuRGiS+tIrzeujfKcGROq61sMZLXRutE1fZg5D+jE/B/Yej0hZnykQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBDDdjL4etKmIDxHy9NmX/JTcXYiMB8GA1UdIwQY
MBaAFPonxtCgbCwcLJGV/Zqa285PhluHMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1pZkcwS0JzTEJ3c2taWDltcHJiemstR1c0Yy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYvODA1NDEyLTYzYmEtNDcwYS04OWM5
LTU2MmI0OTAxMTBlMC8xL0VNTjJNdmg2MHFZZ1BFZkwwMlpmOGxOeGRpSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGYvODA1NDEyLTYzYmEtNDcwYS04OWM5LTU2MmI0OTAxMTBl
MC8xLzEtaWZHMEtCc0xCd3NrWlg5bXByYnprLUdXNGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHDieIw
DQYJKoZIhvcNAQELBQADggEBAAq67MddvHXZf0UXOUoK656mPC7c/fHmycIKgIqK
DWTWKjTGpjnZAX40sB2tJDfphEoj66SWniiIXx6odWQi94uyPkP0Eq8kwZWQHDr8
abEZ3K10woadaZAlCRtXIzeg7FTCVvRGs8tytcb6swqT8eQ5JF6px35UYupu7kod
owSKiR3wDfnqYosYxMFKwyQIidpVcjmsLnTGsTPZeTTFmyBVrz5eVxsa4HFj4A7U
GswNKZIZvbnnMuerzTZ4421BLrDXYwWeRNjJfG1ZGWdR9ltPaOZGj0AADsgMyaVY
Uv5hhlA6dUS3TCZBhPhZSJCmKKFqrHbNhgUU1/CVQXqA5xk=
-----END CERTIFICATE-----
Generated at Thu Nov 2 11:53:21 2023 by rpki-client on console-fra.rpki-client.org