Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/QQPRECpJAq-IFvYupRIS_Gtz9VU.roa
File: QQPRECpJAq-IFvYupRIS_Gtz9VU.roa (raw, json)
Hash identifier: vfn1r+vSfTaVYA1hVVeUvmp5Ig8fsNy668lWXfu1LLE=
Subject key identifier: 41:03:D1:10:2A:49:02:AF:88:16:F6:2E:A5:12:12:FC:6B:73:F5:55
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018B4226464F94B57F837208E55ED824C9BF
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/QQPRECpJAq-IFvYupRIS_Gtz9VU.roa
Signing time: Wed 18 Oct 2023 09:38:06 +0000
ROA not before: Wed 18 Oct 2023 09:38:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201707
IP address blocks: 188.132.210.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:26:46:4f:94:b5:7f:83:72:08:e5:5e:d8:24:c9:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Oct 18 09:38:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4103d1102a4902af8816f62ea51212fc6b73f555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:db:77:b9:8a:61:ad:6f:e5:df:c1:31:5e:88:
d3:c6:d6:1f:8c:d0:71:eb:3f:6a:e9:b7:a9:69:23:
3e:91:6d:f2:d4:71:8d:91:e6:a7:91:e2:23:ad:b8:
85:31:b0:67:99:af:3c:90:d9:16:eb:19:dc:77:ab:
f0:fa:00:ec:e1:64:db:d3:dd:e0:4e:7e:8b:b8:9d:
22:95:c9:53:99:57:7b:7f:22:ef:35:97:2f:a2:41:
ca:8f:aa:3b:e5:c1:b3:77:3b:98:52:54:af:86:9c:
80:45:7c:59:73:5e:9e:6a:48:7d:71:e3:57:73:11:
c6:80:6d:5b:54:49:8d:15:89:f6:7c:1f:ad:78:26:
d6:eb:5a:c6:10:39:96:fa:01:e4:bf:99:69:e0:89:
f5:fb:45:b3:ca:e3:58:9a:e4:81:a4:33:78:20:36:
e3:97:e2:e5:77:bd:14:ae:31:b6:5c:44:58:25:24:
43:b9:8d:c7:82:36:62:8f:a0:e8:0f:b6:55:a7:08:
b0:28:14:75:56:5d:f0:49:f1:f9:62:d3:60:ad:32:
7d:84:f5:69:e9:4f:f3:31:aa:6e:f9:9c:e6:27:c8:
14:1a:4d:83:1b:97:9c:6d:cf:97:c2:9a:3b:7b:12:
98:68:9b:6f:b1:ef:41:88:9c:2c:d0:37:e8:f2:2d:
8a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:03:D1:10:2A:49:02:AF:88:16:F6:2E:A5:12:12:FC:6B:73:F5:55
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/QQPRECpJAq-IFvYupRIS_Gtz9VU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.210.0/24
Signature Algorithm: sha256WithRSAEncryption
24:f5:71:ba:1c:b2:b9:3c:07:d8:e8:db:9e:6b:ab:d2:4b:ef:
dd:3b:83:78:a0:74:cb:b4:be:01:d8:97:84:ce:3a:77:7f:04:
83:fc:21:18:ca:2f:ae:4d:42:78:7d:4f:20:0a:68:94:38:85:
7f:77:1c:45:4d:22:24:d1:49:00:9e:e9:4d:4d:70:f8:40:ba:
d9:7e:6d:1d:2e:a2:13:0b:cc:96:2e:97:94:5d:58:a8:54:ee:
07:2c:11:c0:4c:eb:e2:d5:d4:dd:2c:bd:b9:7c:d8:68:90:e0:
ef:8a:e6:00:54:d9:44:3e:b1:ef:fe:8c:7a:36:fe:8a:04:50:
74:e6:21:33:cf:a0:d4:18:94:e3:69:ef:e9:b8:5b:ab:9d:10:
7d:05:85:79:92:e2:41:95:13:f3:87:ff:2d:fd:3d:d7:03:b2:
82:bd:f5:08:96:dd:09:2b:94:80:d6:60:0d:87:c8:4d:fe:25:
46:c6:c4:03:6b:40:a5:7e:8d:e7:9e:7d:8f:56:f5:ab:6c:d5:
fe:91:3f:56:9c:28:52:0f:b5:64:a5:48:57:aa:0b:16:0f:97:
b1:ab:10:0e:cb:80:c6:a6:87:b3:c3:cb:1c:7f:71:8a:df:f7:
4d:57:b9:de:0a:bd:6f:c3:99:a8:36:06:65:3c:8a:a5:a8:2f:
42:c5:a1:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtCJkZPlLV/g3II5V7YJMm/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMDE4MDkzODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTAzZDExMDJhNDkwMmFmODgxNmY2MmVhNTEyMTJmYzZiNzNmNTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdt3uYphrW/l38ExXojTxtYfjNBx
6z9q6bepaSM+kW3y1HGNkeankeIjrbiFMbBnma88kNkW6xncd6vw+gDs4WTb093g
Tn6LuJ0ilclTmVd7fyLvNZcvokHKj6o75cGzdzuYUlSvhpyARXxZc16eakh9ceNX
cxHGgG1bVEmNFYn2fB+teCbW61rGEDmW+gHkv5lp4In1+0WzyuNYmuSBpDN4IDbj
l+Lld70UrjG2XERYJSRDuY3HgjZij6DoD7ZVpwiwKBR1Vl3wSfH5YtNgrTJ9hPVp
6U/zMapu+ZzmJ8gUGk2DG5ecbc+Xwpo7exKYaJtvse9BiJws0Dfo8i2KfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEED0RAqSQKviBb2LqUSEvxrc/VVMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvUVFQUkVDcEpBcS1JRnZZdXBSSVNfR3R6OVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITSMA0G
CSqGSIb3DQEBCwUAA4IBAQAk9XG6HLK5PAfY6Nuea6vSS+/dO4N4oHTLtL4B2JeE
zjp3fwSD/CEYyi+uTUJ4fU8gCmiUOIV/dxxFTSIk0UkAnulNTXD4QLrZfm0dLqIT
C8yWLpeUXVioVO4HLBHATOvi1dTdLL25fNhokODviuYAVNlEPrHv/ox6Nv6KBFB0
5iEzz6DUGJTjae/puFurnRB9BYV5kuJBlRPzh/8t/T3XA7KCvfUIlt0JK5SA1mAN
h8hN/iVGxsQDa0Clfo3nnn2PVvWrbNX+kT9WnChSD7VkpUhXqgsWD5exqxAOy4DG
poezw8scf3GK3/dNV7neCr1vw5moNgZlPIqlqC9CxaGM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:01 2024 by rpki-client on console-fra.rpki-client.org