Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/2kE2UWabtSKK1BucIkINja1SsvQ.roa
File: 2kE2UWabtSKK1BucIkINja1SsvQ.roa (raw, json)
Hash identifier: Xntu8QcRb4jfTckVEd0Gec+QiVhrHqoyzzK/xUk7XPw=
Subject key identifier: DA:41:36:51:66:9B:B5:22:8A:D4:1B:9C:22:42:0D:8D:AD:52:B2:F4
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018BB3BC3369BD6A6FF545B9B9E8CDDB9063
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/2kE2UWabtSKK1BucIkINja1SsvQ.roa
Signing time: Thu 09 Nov 2023 10:58:57 +0000
ROA not before: Thu 09 Nov 2023 10:58:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212742
IP address blocks: 188.132.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b3:bc:33:69:bd:6a:6f:f5:45:b9:b9:e8:cd:db:90:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Nov 9 10:58:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da413651669bb5228ad41b9c22420d8dad52b2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d1:78:22:84:84:6f:1a:cf:29:77:98:c7:d8:
78:b0:c7:9b:42:ee:42:e5:1a:bb:f3:3d:01:ac:14:
1d:95:41:d7:24:ea:77:c2:1d:5f:b5:ae:35:33:00:
0b:38:0d:bb:63:bb:35:83:75:7f:7d:e1:83:c3:d3:
be:c9:61:63:cc:60:a6:33:13:49:f9:64:95:77:0e:
98:4c:c7:a4:97:50:a9:5b:2e:b0:e3:b4:49:eb:0b:
27:bb:5c:15:14:5c:77:39:54:49:73:a6:a0:88:43:
1c:22:b3:33:7f:07:87:26:e2:df:c5:40:81:db:75:
d6:4e:ab:3d:fe:07:99:bb:1b:9f:0c:08:03:2c:d5:
b1:20:40:40:e1:22:97:01:18:8d:e6:6b:b7:54:95:
76:b9:97:53:c8:a1:60:41:d2:94:82:85:2b:3e:cf:
6a:e5:40:02:32:67:6b:2d:16:cb:12:6b:3e:78:40:
7d:eb:be:e5:2f:83:10:fb:3a:8c:d6:68:03:40:f5:
93:f2:b6:51:47:76:9b:34:45:1f:a9:fe:fe:25:0d:
51:4c:d8:4a:81:2c:ce:0e:3a:81:87:22:80:3c:77:
eb:3d:c9:4d:76:6a:f9:60:73:74:a5:ba:a9:b9:d7:
d9:91:c0:a6:b3:07:75:b7:db:45:98:15:59:5d:57:
38:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:41:36:51:66:9B:B5:22:8A:D4:1B:9C:22:42:0D:8D:AD:52:B2:F4
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/2kE2UWabtSKK1BucIkINja1SsvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.216.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:aa:af:a7:3e:6e:5d:87:fc:b0:7a:d2:b2:0d:ea:42:55:a8:
fd:e4:be:6d:5b:00:e1:79:20:0e:60:19:b4:77:61:34:7f:d3:
16:35:b4:b1:25:8f:6f:ad:a0:33:7c:aa:ec:a8:b5:e9:98:80:
4c:dc:4f:81:b5:10:f2:ab:87:4b:1a:04:59:28:5e:a3:fb:f0:
34:58:12:40:d8:97:17:ee:8b:10:c1:5a:27:7f:35:5e:02:23:
7c:50:1f:69:3e:40:aa:9d:bc:45:5a:3f:16:8d:37:b8:c9:45:
e1:ae:6e:7e:e6:bc:34:3b:4c:12:d3:b1:61:ee:32:5f:b5:73:
8d:74:b9:bf:c2:db:de:41:21:5b:70:55:4d:b8:95:2f:20:b9:
cd:a6:ee:a8:a2:06:09:ae:aa:51:f5:3c:dc:f7:e7:09:ba:95:
6d:c6:d2:aa:a6:d5:fb:62:60:1f:74:dd:4c:f2:c7:1e:1d:a8:
82:3f:3d:7e:34:dc:25:8c:94:e5:ce:95:59:ae:ac:19:39:4a:
cf:12:b5:30:4c:fc:9c:9a:65:75:70:4d:5b:6f:a0:33:68:e6:
e8:98:fd:cb:96:5b:dd:13:43:22:6d:16:e0:53:7b:ea:d1:b2:
38:5e:68:02:a1:54:ac:69:7e:4d:f2:09:db:e7:85:18:e9:8b:
2a:f5:5a:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuzvDNpvWpv9UW5uejN25BjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMTA5MTA1ODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTQxMzY1MTY2OWJiNTIyOGFkNDFiOWMyMjQyMGQ4ZGFkNTJiMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNF4IoSEbxrPKXeYx9h4sMebQu5C
5Rq78z0BrBQdlUHXJOp3wh1fta41MwALOA27Y7s1g3V/feGDw9O+yWFjzGCmMxNJ
+WSVdw6YTMekl1CpWy6w47RJ6wsnu1wVFFx3OVRJc6agiEMcIrMzfweHJuLfxUCB
23XWTqs9/geZuxufDAgDLNWxIEBA4SKXARiN5mu3VJV2uZdTyKFgQdKUgoUrPs9q
5UACMmdrLRbLEms+eEB9677lL4MQ+zqM1mgDQPWT8rZRR3abNEUfqf7+JQ1RTNhK
gSzODjqBhyKAPHfrPclNdmr5YHN0pbqpudfZkcCmswd1t9tFmBVZXVc4KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNpBNlFmm7UiitQbnCJCDY2tUrL0MB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvMmtFMlVXYWJ0U0tLMUJ1Y0lrSU5qYTFTc3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITYMA0G
CSqGSIb3DQEBCwUAA4IBAQAbqq+nPm5dh/ywetKyDepCVaj95L5tWwDheSAOYBm0
d2E0f9MWNbSxJY9vraAzfKrsqLXpmIBM3E+BtRDyq4dLGgRZKF6j+/A0WBJA2JcX
7osQwVonfzVeAiN8UB9pPkCqnbxFWj8WjTe4yUXhrm5+5rw0O0wS07Fh7jJftXON
dLm/wtveQSFbcFVNuJUvILnNpu6oogYJrqpR9Tzc9+cJupVtxtKqptX7YmAfdN1M
8sceHaiCPz1+NNwljJTlzpVZrqwZOUrPErUwTPycmmV1cE1bb6AzaObomP3Lllvd
E0MibRbgU3vq0bI4XmgCoVSsaX5N8gnb54UY6Ysq9VpX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:01 2024 by rpki-client on console-fra.rpki-client.org