Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/3UTVrl4FZr6GS0XEmlNfZJEPhLk.roa
File: 3UTVrl4FZr6GS0XEmlNfZJEPhLk.roa (raw, json)
Hash identifier: /kQay50Zn+JykYXP7OCQcyO3cRo+DhOx54Zbn/MD6Qk=
Subject key identifier: DD:44:D5:AE:5E:05:66:BE:86:4B:45:C4:9A:53:5F:64:91:0F:84:B9
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018B6169F5D10CE3CD6B37D35F32D0723B3A
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/3UTVrl4FZr6GS0XEmlNfZJEPhLk.roa
Signing time: Tue 24 Oct 2023 11:20:15 +0000
ROA not before: Tue 24 Oct 2023 11:20:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200673
IP address blocks: 188.132.219.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:69:f5:d1:0c:e3:cd:6b:37:d3:5f:32:d0:72:3b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Oct 24 11:20:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd44d5ae5e0566be864b45c49a535f64910f84b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:97:73:21:be:b7:cf:54:39:89:f4:43:a9:82:
bb:e8:1e:e6:3f:fa:66:68:61:66:ef:17:1b:d7:de:
09:90:20:38:8f:37:d2:be:c7:9e:9f:cf:bc:1b:cf:
2d:b9:a6:53:f2:1a:d7:55:f4:b8:b2:ec:91:84:c6:
5b:ec:a0:19:b0:95:fc:2f:34:98:f2:26:fb:20:41:
f5:87:36:bc:ae:f4:69:96:ae:e1:2f:37:f4:86:18:
69:a9:7e:bd:84:23:09:46:b4:f8:ba:75:d8:09:f0:
a6:e5:6c:b0:ef:56:7f:1a:21:60:d2:2b:be:2b:0a:
6a:3a:b8:f3:c0:1e:fd:c3:04:fb:b5:1e:83:41:38:
ef:ed:41:95:cd:d4:63:de:32:f5:d2:5c:58:81:ab:
d0:94:e8:12:36:1d:2e:ad:10:e4:3f:a5:b3:d5:35:
47:f9:5f:0f:19:b8:a0:11:52:91:d1:9a:f4:3b:00:
3f:76:c6:b7:71:6a:d0:4a:f0:a8:c8:cd:b7:36:59:
ed:7b:4e:65:90:9b:7a:f3:6d:b5:fb:b8:9a:f9:8a:
a5:33:c4:78:ec:54:6c:56:e7:b4:2e:72:15:12:75:
6b:c8:3b:61:80:ef:75:94:1c:6e:f4:3f:39:50:63:
22:0d:7e:bb:bf:49:92:20:0b:e9:0a:e9:06:6b:5e:
d1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:44:D5:AE:5E:05:66:BE:86:4B:45:C4:9A:53:5F:64:91:0F:84:B9
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/3UTVrl4FZr6GS0XEmlNfZJEPhLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.219.0/24
Signature Algorithm: sha256WithRSAEncryption
99:13:22:1c:20:6e:08:78:07:dd:d8:2e:04:09:d7:77:1c:61:
ce:4b:ce:4e:32:e5:6a:0b:e7:41:51:1e:45:b3:6c:ff:5b:41:
c9:75:59:5b:a8:87:2e:7b:05:74:6c:2d:b1:a8:29:13:ce:e1:
b2:d7:bd:08:2f:1e:b4:88:c9:c8:a2:8d:bb:3c:08:ca:b9:51:
7e:f5:4f:03:68:68:90:0e:09:52:86:7b:81:e3:03:71:02:75:
9f:d8:34:70:1f:ee:58:8f:6b:f3:cb:8b:f7:ff:4a:24:a3:66:
c2:a4:96:96:52:a5:78:63:18:22:b0:ca:5f:b4:97:b2:33:5b:
71:40:24:11:ef:66:94:6f:0a:9b:f6:66:d4:06:1e:32:41:9e:
f9:16:b4:31:fe:cf:63:a5:d1:0b:4d:ae:63:57:7a:0f:db:8a:
81:9e:3e:05:e7:d2:56:23:81:a6:94:b9:2e:66:e6:f5:1b:51:
77:fa:cd:22:b6:ed:e1:84:a0:70:ff:b4:f3:7b:fc:e1:25:50:
34:02:ac:9f:36:f2:90:a3:a4:a3:fe:e6:fb:a7:e2:16:cb:b5:
31:5a:88:cd:e1:2e:71:e4:bf:04:42:f9:59:84:06:bc:45:fc:
53:24:c1:6b:b4:8d:42:82:1b:09:a4:5d:67:66:a3:16:67:03:
64:76:d7:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYthafXRDOPNazfTXzLQcjs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMDI0MTEyMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQ0ZDVhZTVlMDU2NmJlODY0YjQ1YzQ5YTUzNWY2NDkxMGY4NGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZdzIb63z1Q5ifRDqYK76B7mP/pm
aGFm7xcb194JkCA4jzfSvseen8+8G88tuaZT8hrXVfS4suyRhMZb7KAZsJX8LzSY
8ib7IEH1hza8rvRplq7hLzf0hhhpqX69hCMJRrT4unXYCfCm5Wyw71Z/GiFg0iu+
KwpqOrjzwB79wwT7tR6DQTjv7UGVzdRj3jL10lxYgavQlOgSNh0urRDkP6Wz1TVH
+V8PGbigEVKR0Zr0OwA/dsa3cWrQSvCoyM23Nlnte05lkJt68221+7ia+YqlM8R4
7FRsVue0LnIVEnVryDthgO91lBxu9D85UGMiDX67v0mSIAvpCukGa17RVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1E1a5eBWa+hktFxJpTX2SRD4S5MB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvM1VUVnJsNEZacjZHUzBYRW1sTmZaSkVQaExrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITbMA0G
CSqGSIb3DQEBCwUAA4IBAQCZEyIcIG4IeAfd2C4ECdd3HGHOS85OMuVqC+dBUR5F
s2z/W0HJdVlbqIcuewV0bC2xqCkTzuGy170ILx60iMnIoo27PAjKuVF+9U8DaGiQ
DglShnuB4wNxAnWf2DRwH+5Yj2vzy4v3/0oko2bCpJaWUqV4YxgisMpftJeyM1tx
QCQR72aUbwqb9mbUBh4yQZ75FrQx/s9jpdELTa5jV3oP24qBnj4F59JWI4GmlLku
Zub1G1F3+s0itu3hhKBw/7Tze/zhJVA0AqyfNvKQo6Sj/ub7p+IWy7UxWojN4S5x
5L8EQvlZhAa8RfxTJMFrtI1CghsJpF1nZqMWZwNkdtff
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:53 2024 by rpki-client on console-ams.rpki-client.org