Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/iaUErQaUNNUmbh5usLtxm_qOt9o.roa
File: iaUErQaUNNUmbh5usLtxm_qOt9o.roa (raw, json)
Hash identifier: EyYCYhPZd4kHNjR62EE1LM2srbJsw37YXyPK+oRGUXk=
Subject key identifier: 89:A5:04:AD:06:94:34:D5:26:6E:1E:6E:B0:BB:71:9B:FA:8E:B7:DA
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018CB4491EE16580FCAA7D2C256AE69D7551
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/iaUErQaUNNUmbh5usLtxm_qOt9o.roa
Signing time: Fri 29 Dec 2023 06:35:40 +0000
ROA not before: Fri 29 Dec 2023 06:35:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49565
IP address blocks: 188.132.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b4:49:1e:e1:65:80:fc:aa:7d:2c:25:6a:e6:9d:75:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Dec 29 06:35:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89a504ad069434d5266e1e6eb0bb719bfa8eb7da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0d:d3:aa:12:4a:80:f4:e1:9a:21:c7:ee:d6:
50:07:db:fd:1a:ea:a7:bb:2c:1d:fe:63:27:c6:5d:
a7:7a:2c:47:7d:b2:b6:27:1f:b8:05:2d:0f:a6:22:
97:6d:89:27:6d:42:26:be:a8:ac:18:39:e4:e6:32:
eb:54:d3:ce:55:aa:85:2c:92:36:80:3b:09:ec:62:
f7:fc:b4:27:7c:9b:6a:fc:b6:65:e2:1d:dd:97:da:
50:07:07:ce:4f:1a:ea:b3:ae:0f:f5:78:48:78:e3:
4e:fb:7f:1d:61:bc:42:24:38:20:89:af:29:c0:ad:
e1:f2:4a:1c:34:4a:4f:60:49:8d:33:df:48:8b:c4:
0e:50:4e:d2:73:21:29:41:c4:f7:0b:d7:48:de:2a:
fc:02:50:b5:5e:92:95:1b:67:f8:4d:1d:9f:f6:5a:
ba:4f:44:44:c4:0c:39:ea:bf:9c:cb:2c:d4:92:a2:
69:8a:e0:85:fd:a7:fc:77:c1:a1:60:ee:3e:9b:e1:
2e:70:ff:d7:f3:73:74:1e:5f:7c:3c:23:78:d8:07:
b7:18:fd:97:fd:47:d5:ca:76:c4:f7:cd:a7:c7:a3:
5d:5d:67:ad:cc:39:9c:c7:cb:a5:44:7f:4e:68:1e:
27:66:97:55:d2:8e:30:82:6a:23:fd:14:f5:a3:62:
eb:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A5:04:AD:06:94:34:D5:26:6E:1E:6E:B0:BB:71:9B:FA:8E:B7:DA
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/iaUErQaUNNUmbh5usLtxm_qOt9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.220.0/24
Signature Algorithm: sha256WithRSAEncryption
22:86:be:c0:5b:03:06:9b:61:3a:50:8a:4e:9d:48:88:8d:c9:
6f:9d:42:60:f8:36:a0:d6:8e:d7:ed:d7:8a:27:17:cb:d1:db:
c5:c1:2d:bb:2d:82:35:87:c6:c8:02:a0:5e:1a:d2:c8:e7:01:
d6:2f:ea:df:18:b3:82:73:17:a7:a4:99:be:35:f5:1b:c8:61:
c2:6e:9e:52:15:62:b8:27:c0:2b:e7:09:da:2d:43:b4:91:b7:
ed:28:15:d6:d5:b3:21:ce:0e:e3:2c:78:9a:e3:64:95:26:df:
55:3c:bf:11:a1:02:0e:d2:e8:ee:e1:c8:8f:99:37:5b:86:84:
99:b9:b5:5a:f4:c1:3e:40:45:83:f9:ba:7c:41:62:2e:3a:32:
08:3c:60:78:a5:27:11:06:89:41:bd:a3:58:62:54:80:2a:06:
c1:a4:8b:01:4d:47:0d:45:fe:4f:07:66:33:ad:c7:c9:61:0d:
22:d5:0a:78:15:99:1a:3d:5b:12:af:2a:25:de:05:b7:b6:79:
49:05:24:73:64:64:75:0d:47:2a:ef:86:e2:eb:09:73:5f:df:
0b:d5:82:18:f0:66:26:f7:a2:8f:1c:3d:d9:dc:3c:e2:f1:5b:
68:ef:8a:2b:b1:3d:71:d5:ce:bd:fd:f6:84:45:5f:21:5e:ac:
49:5b:b4:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy0SR7hZYD8qn0sJWrmnXVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMjI5MDYzNTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWE1MDRhZDA2OTQzNGQ1MjY2ZTFlNmViMGJiNzE5YmZhOGViN2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnA3TqhJKgPThmiHH7tZQB9v9Guqn
uywd/mMnxl2neixHfbK2Jx+4BS0PpiKXbYknbUImvqisGDnk5jLrVNPOVaqFLJI2
gDsJ7GL3/LQnfJtq/LZl4h3dl9pQBwfOTxrqs64P9XhIeONO+38dYbxCJDggia8p
wK3h8kocNEpPYEmNM99Ii8QOUE7ScyEpQcT3C9dI3ir8AlC1XpKVG2f4TR2f9lq6
T0RExAw56r+cyyzUkqJpiuCF/af8d8GhYO4+m+EucP/X83N0Hl98PCN42Ae3GP2X
/UfVynbE982nx6NdXWetzDmcx8ulRH9OaB4nZpdV0o4wgmoj/RT1o2LrkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFImlBK0GlDTVJm4ebrC7cZv6jrfaMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvaWFVRXJRYVVOTlVtYmg1dXNMdHhtX3FPdDlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITcMA0G
CSqGSIb3DQEBCwUAA4IBAQAihr7AWwMGm2E6UIpOnUiIjclvnUJg+Dag1o7X7deK
JxfL0dvFwS27LYI1h8bIAqBeGtLI5wHWL+rfGLOCcxenpJm+NfUbyGHCbp5SFWK4
J8Ar5wnaLUO0kbftKBXW1bMhzg7jLHia42SVJt9VPL8RoQIO0uju4ciPmTdbhoSZ
ubVa9ME+QEWD+bp8QWIuOjIIPGB4pScRBolBvaNYYlSAKgbBpIsBTUcNRf5PB2Yz
rcfJYQ0i1Qp4FZkaPVsSryol3gW3tnlJBSRzZGR1DUcq74bi6wlzX98L1YIY8GYm
96KPHD3Z3Dzi8Vto74orsT1x1c69/faERV8hXqxJW7SS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:01 2024 by rpki-client on console-fra.rpki-client.org