Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/HQcsPoz40o3TcfvENFCZ6pZHCVg.roa
File: HQcsPoz40o3TcfvENFCZ6pZHCVg.roa (raw, json)
Hash identifier: T2kEZHEgOJlOTNHjNAzPVXPOhgSp7ssWThDDWqBecHQ=
Subject key identifier: 1D:07:2C:3E:8C:F8:D2:8D:D3:71:FB:C4:34:50:99:EA:96:47:09:58
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018CC501269865FC96A0384E7FD8C294B2FA
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/HQcsPoz40o3TcfvENFCZ6pZHCVg.roa
Signing time: Mon 01 Jan 2024 12:30:36 +0000
ROA not before: Mon 01 Jan 2024 12:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215812
IP address blocks: 188.132.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:26:98:65:fc:96:a0:38:4e:7f:d8:c2:94:b2:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Jan 1 12:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d072c3e8cf8d28dd371fbc4345099ea96470958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:44:da:0b:36:05:ab:fe:d7:ee:46:00:81:06:
ac:7f:0f:36:7b:6b:d5:82:cb:6c:a3:e1:23:8d:d5:
e6:1e:e0:a5:37:a3:59:6b:07:d8:dc:53:90:1f:1a:
36:32:21:11:46:9c:cc:cb:f0:26:0c:2d:16:df:48:
1e:2b:8c:85:3a:2b:f5:cb:56:05:ef:73:d6:3a:a6:
0d:e4:2a:c7:9a:20:63:8f:ad:e2:68:26:56:26:f9:
a6:a4:f4:2f:5a:75:d0:6b:0d:53:20:5d:c1:da:b7:
4e:89:fc:00:a9:94:30:61:41:5b:ae:f7:dc:01:b7:
8e:29:41:db:78:36:a8:85:25:c0:e9:1f:73:3f:d4:
72:90:66:5f:8d:6e:b1:fb:00:bc:39:e4:d5:c6:48:
8c:35:88:37:bc:1e:c7:58:ee:3a:29:93:b8:61:a4:
46:23:f1:9f:d9:54:60:35:9c:76:c4:4b:8a:21:25:
77:36:2e:18:ed:f8:79:13:75:5d:98:02:09:a0:00:
a5:35:72:b5:ae:22:5c:25:3c:b3:a7:f1:80:33:d9:
be:52:b3:42:5d:5f:1d:45:b9:7e:80:47:e7:f0:e8:
fd:b8:7f:f4:c7:4b:55:f2:0e:46:fd:6b:fd:a1:1a:
9f:62:e3:3a:ca:b5:b7:03:cc:37:3c:ac:59:20:ea:
48:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:07:2C:3E:8C:F8:D2:8D:D3:71:FB:C4:34:50:99:EA:96:47:09:58
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/HQcsPoz40o3TcfvENFCZ6pZHCVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.220.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:b4:87:70:8f:32:db:de:38:9a:7f:39:d9:9c:80:1d:de:e0:
34:fe:41:61:30:69:a8:97:4a:5d:32:d2:7b:a1:c9:72:cb:d8:
53:d8:31:19:ac:9e:a5:30:80:7c:60:bf:a8:c3:30:d4:07:2b:
ac:6b:b0:00:9d:92:be:c1:05:63:91:d1:52:30:f7:06:df:fb:
87:63:45:5d:3b:e2:62:96:24:0e:1b:07:31:b2:48:ea:5d:4d:
d1:a7:d6:89:8c:ab:7a:40:45:7f:e8:17:d2:c7:30:11:15:31:
49:98:36:cd:bb:7d:f0:8d:f3:67:b0:d2:02:78:b9:af:72:35:
5f:b9:59:f9:9b:96:16:bf:1e:71:a0:15:f1:b0:7d:9f:55:85:
42:f1:82:64:cc:13:a5:4c:bb:22:2c:cf:0b:80:78:5f:11:68:
37:0b:d2:9c:e5:12:19:bb:0f:ac:96:ba:2d:f0:40:bc:72:43:
38:9d:1f:f5:f3:48:83:80:4c:71:76:75:83:ff:39:0c:8c:d8:
53:12:8b:c6:ee:76:74:25:1c:d0:55:f6:ba:8e:56:24:e7:57:
05:25:2a:d4:c3:12:b2:02:96:ed:b6:66:57:62:54:dc:fb:fc:
90:23:c6:c8:ae:48:fb:6c:2e:d3:cd:a2:e7:8e:7a:7c:92:c9:
e3:0b:4d:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFASaYZfyWoDhOf9jClLL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjQwMTAxMTIzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDA3MmMzZThjZjhkMjhkZDM3MWZiYzQzNDUwOTllYTk2NDcwOTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUTaCzYFq/7X7kYAgQasfw82e2vV
gstso+EjjdXmHuClN6NZawfY3FOQHxo2MiERRpzMy/AmDC0W30geK4yFOiv1y1YF
73PWOqYN5CrHmiBjj63iaCZWJvmmpPQvWnXQaw1TIF3B2rdOifwAqZQwYUFbrvfc
AbeOKUHbeDaohSXA6R9zP9RykGZfjW6x+wC8OeTVxkiMNYg3vB7HWO46KZO4YaRG
I/Gf2VRgNZx2xEuKISV3Ni4Y7fh5E3VdmAIJoAClNXK1riJcJTyzp/GAM9m+UrNC
XV8dRbl+gEfn8Oj9uH/0x0tV8g5G/Wv9oRqfYuM6yrW3A8w3PKxZIOpIUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0HLD6M+NKN03H7xDRQmeqWRwlYMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvSFFjc1BvejQwbzNUY2Z2RU5GQ1o2cFpIQ1ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITcMA0G
CSqGSIb3DQEBCwUAA4IBAQCdtIdwjzLb3jiafznZnIAd3uA0/kFhMGmol0pdMtJ7
oclyy9hT2DEZrJ6lMIB8YL+owzDUByusa7AAnZK+wQVjkdFSMPcG3/uHY0VdO+Ji
liQOGwcxskjqXU3Rp9aJjKt6QEV/6BfSxzARFTFJmDbNu33wjfNnsNICeLmvcjVf
uVn5m5YWvx5xoBXxsH2fVYVC8YJkzBOlTLsiLM8LgHhfEWg3C9Kc5RIZuw+slrot
8EC8ckM4nR/180iDgExxdnWD/zkMjNhTEovG7nZ0JRzQVfa6jlYk51cFJSrUwxKy
ApbttmZXYlTc+/yQI8bIrkj7bC7TzaLnjnp8ksnjC002
-----END CERTIFICATE-----
Generated at Wed Feb 14 15:12:37 2024 by rpki-client on console-fra.rpki-client.org