Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/Y1D1EsEActXS9U0b40c0y7ELxRU.roa
File: Y1D1EsEActXS9U0b40c0y7ELxRU.roa (raw, json)
Hash identifier: 6l8HcrzfPXPbqH1CqJg/ITtjJrXdCVRkOZo9Bs7ktEk=
Subject key identifier: 63:50:F5:12:C1:00:72:D5:D2:F5:4D:1B:E3:47:34:CB:B1:0B:C5:15
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018B5C1EFAF0E36FA60D5396C84463A03AFF
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/Y1D1EsEActXS9U0b40c0y7ELxRU.roa
Signing time: Mon 23 Oct 2023 10:40:16 +0000
ROA not before: Mon 23 Oct 2023 10:40:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212193
IP address blocks: 188.132.214.0/24 maxlen: 24
77.92.147.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5c:1e:fa:f0:e3:6f:a6:0d:53:96:c8:44:63:a0:3a:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Oct 23 10:40:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6350f512c10072d5d2f54d1be34734cbb10bc515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a1:43:55:f2:e0:6e:06:7f:4e:56:10:e0:5d:
c1:98:7f:8b:c1:af:10:d4:cf:ba:9a:43:1d:23:7d:
29:70:56:cd:ef:71:97:d9:fb:6b:8f:25:9e:f6:c3:
8f:3f:aa:fb:fc:0a:71:0a:81:95:c9:31:9e:c0:af:
45:ee:0f:2a:98:9f:60:70:f6:0c:7c:a5:34:dd:93:
a5:20:c5:2d:eb:06:c5:91:51:23:e3:b8:d0:b1:72:
5e:c4:ec:f0:43:0e:26:ce:76:ab:40:d8:68:81:c9:
61:1a:c4:de:ad:7a:55:de:e7:5e:05:eb:94:a7:bc:
2a:15:8f:63:6a:2e:5b:79:5f:ce:e3:b3:06:e1:56:
cf:63:68:9c:28:82:74:26:74:bc:b0:6d:5c:ef:19:
20:64:00:6f:cc:56:90:ae:22:10:aa:a5:51:11:a8:
f0:b1:6e:df:c5:96:75:1d:19:22:96:63:6b:55:d9:
52:ec:ba:10:2c:36:96:2f:b4:57:2b:05:60:a9:c5:
03:a2:60:8d:61:ca:00:56:c2:15:8e:6e:f3:48:c8:
f6:38:e8:01:76:49:6f:8f:d0:b3:b7:a7:76:a9:95:
86:00:7e:12:d7:f7:50:83:0b:af:4b:3e:91:da:e3:
93:ea:b8:04:75:28:11:4d:67:09:cc:19:5d:d8:2e:
e1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:50:F5:12:C1:00:72:D5:D2:F5:4D:1B:E3:47:34:CB:B1:0B:C5:15
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/Y1D1EsEActXS9U0b40c0y7ELxRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.147.0/24
188.132.214.0/24
212.68.55.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:05:01:32:98:2f:b7:e1:cc:8c:6f:9e:29:ba:a5:9f:93:31:
8f:64:da:7e:6c:2c:6d:d3:9a:4f:9d:25:c9:f9:a1:2d:60:8d:
cf:7e:4d:d2:ff:bf:a3:a3:e6:ed:12:2f:ae:aa:87:c7:fa:91:
68:67:30:ac:3c:76:0a:73:61:a1:3f:6a:b3:22:5f:14:4b:43:
31:ba:01:d4:f5:98:ea:8c:ea:d6:3b:e7:1d:f2:7b:99:85:94:
b9:dc:ed:0d:9f:9d:24:e0:6c:79:18:6c:de:f0:57:c4:5c:7f:
a6:00:b6:7b:28:d3:38:b6:99:e5:7f:dd:19:f8:78:33:0f:c1:
79:20:c6:9e:d1:e5:e8:f7:50:a0:50:97:dc:e6:61:2b:41:c8:
b9:5b:d4:9a:58:0e:d4:63:00:a8:b1:76:d8:4a:29:98:ec:c7:
b3:a2:ee:45:82:78:7d:ef:e3:1d:7e:ab:94:af:b7:f7:5e:1f:
d4:3a:5b:cf:a7:b6:8d:a8:75:81:a5:38:3b:82:6d:14:f5:86:
cd:79:b8:13:9b:5d:26:1b:d2:d1:14:e3:8a:d0:6f:cb:19:2e:
cc:01:40:81:79:85:ab:e1:65:13:9d:13:4e:65:84:ff:66:ab:
f3:e4:13:0f:b6:87:2e:d5:2e:f4:d7:2c:4c:a6:da:1c:90:55:
84:a8:a6:e2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtcHvrw42+mDVOWyERjoDr/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMDIzMTA0MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzUwZjUxMmMxMDA3MmQ1ZDJmNTRkMWJlMzQ3MzRjYmIxMGJjNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6FDVfLgbgZ/TlYQ4F3BmH+Lwa8Q
1M+6mkMdI30pcFbN73GX2ftrjyWe9sOPP6r7/ApxCoGVyTGewK9F7g8qmJ9gcPYM
fKU03ZOlIMUt6wbFkVEj47jQsXJexOzwQw4mznarQNhogclhGsTerXpV3udeBeuU
p7wqFY9jai5beV/O47MG4VbPY2icKIJ0JnS8sG1c7xkgZABvzFaQriIQqqVREajw
sW7fxZZ1HRkilmNrVdlS7LoQLDaWL7RXKwVgqcUDomCNYcoAVsIVjm7zSMj2OOgB
dklvj9Czt6d2qZWGAH4S1/dQgwuvSz6R2uOT6rgEdSgRTWcJzBld2C7h0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGNQ9RLBAHLV0vVNG+NHNMuxC8UVMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvWTFEMUVzRUFjdFhTOVUwYjQwYzB5N0VMeFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVyTAwQA
vITWAwQA1EQ3MA0GCSqGSIb3DQEBCwUAA4IBAQDJBQEymC+34cyMb54puqWfkzGP
ZNp+bCxt05pPnSXJ+aEtYI3Pfk3S/7+jo+btEi+uqofH+pFoZzCsPHYKc2GhP2qz
Il8US0MxugHU9ZjqjOrWO+cd8nuZhZS53O0Nn50k4Gx5GGze8FfEXH+mALZ7KNM4
tpnlf90Z+HgzD8F5IMae0eXo91CgUJfc5mErQci5W9SaWA7UYwCosXbYSimY7Mez
ou5Fgnh97+MdfquUr7f3Xh/UOlvPp7aNqHWBpTg7gm0U9YbNebgTm10mG9LRFOOK
0G/LGS7MAUCBeYWr4WUTnRNOZYT/Zqvz5BMPtocu1S701yxMptockFWEqKbi
-----END CERTIFICATE-----
Generated at Wed Oct 25 11:20:31 2023 by rpki-client on console-ams.rpki-client.org