Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/oDIaSNu25FcWa7AT41I-aqnDbzI.roa
File: oDIaSNu25FcWa7AT41I-aqnDbzI.roa (raw, json)
Hash identifier: SIlY8MjuSQAKmbpAI5fuL6t7pmd8+DNih48ctCkdEQM=
Subject key identifier: A0:32:1A:48:DB:B6:E4:57:16:6B:B0:13:E3:52:3E:6A:A9:C3:6F:32
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018CC5012429B979E0178CA8AA5395A3B028
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/oDIaSNu25FcWa7AT41I-aqnDbzI.roa
Signing time: Mon 01 Jan 2024 12:30:35 +0000
ROA not before: Mon 01 Jan 2024 12:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48678
IP address blocks: 188.132.183.0/24 maxlen: 24
188.132.184.0/24 maxlen: 24
188.132.206.0/24 maxlen: 24
188.132.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:24:29:b9:79:e0:17:8c:a8:aa:53:95:a3:b0:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Jan 1 12:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0321a48dbb6e457166bb013e3523e6aa9c36f32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:40:16:5c:0c:29:e6:78:47:ba:c2:ab:f1:89:
e0:cd:00:c9:df:00:6e:4a:85:a8:10:95:aa:5f:14:
76:76:e0:12:75:78:47:58:91:39:39:ee:bd:b0:ed:
a8:5a:e5:e0:27:3d:4a:06:30:23:f0:1d:d2:f6:81:
ad:f5:79:50:1e:7e:bc:f2:5a:56:fa:58:b6:47:fc:
4c:2e:ad:cf:ac:b6:46:70:9c:18:50:84:52:47:ef:
5d:f9:32:2b:1a:4f:d6:2d:1d:a5:48:fd:9c:e0:95:
79:31:da:b8:81:30:d6:da:0a:dd:21:a9:12:9a:f8:
df:4e:e4:07:6b:c1:e2:d6:8d:88:88:3a:6b:51:4a:
9c:22:e5:f6:46:7f:e9:b7:d6:fe:d7:e6:46:83:35:
ad:32:06:0e:b4:ed:a2:cf:ea:0d:99:66:6b:55:45:
95:bf:7c:3f:1e:91:31:34:b5:9a:05:94:11:73:ca:
87:27:47:0a:17:3b:50:6f:c0:8c:c5:84:9b:03:d3:
e7:3c:4e:16:4f:1f:94:eb:06:06:50:c9:40:1e:6c:
26:8c:45:7b:85:36:a1:43:aa:ec:51:5a:3b:dc:a4:
a9:7f:00:13:1b:d9:da:71:0d:cb:65:29:c5:97:9b:
86:68:2f:91:15:8e:62:3d:43:7d:98:26:b8:78:45:
59:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:32:1A:48:DB:B6:E4:57:16:6B:B0:13:E3:52:3E:6A:A9:C3:6F:32
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/oDIaSNu25FcWa7AT41I-aqnDbzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.183.0-188.132.184.255
188.132.206.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:19:6d:42:38:f8:e3:60:e4:cd:62:eb:32:bb:c9:01:47:be:
68:ff:31:a4:5e:cd:9b:1a:e0:25:b8:53:91:59:53:c6:fe:0d:
b1:3c:49:18:4b:bf:7e:ac:0a:67:ec:92:0e:d3:f9:70:64:53:
e9:d6:b6:34:88:54:d4:9f:57:d7:1a:a1:ba:29:eb:15:5c:e5:
4f:65:bd:f1:74:46:87:f4:24:81:80:37:73:4e:c8:f6:f2:b1:
74:c4:b5:fa:14:8c:d0:1a:0a:88:cf:c2:c2:fe:4d:37:4b:a0:
be:98:d8:15:b4:58:4c:ed:b6:9e:7f:9f:eb:e3:b3:08:7e:ed:
2c:5f:cf:0c:30:d8:3c:fb:9b:e1:ea:49:0e:7f:3a:c9:d8:10:
a7:68:68:c9:34:91:dc:0f:7d:05:dd:b1:f0:af:e8:2c:03:a7:
4b:da:10:35:b4:6f:0f:b0:55:93:12:32:10:84:31:ab:5b:c1:
1f:38:42:ce:8a:c7:bb:94:4a:6e:cd:8b:9a:e9:58:a2:14:c6:
10:8f:7a:f7:66:2b:16:d4:e8:92:2a:9a:7a:98:54:56:00:06:
61:3b:bc:e7:f0:97:04:8c:a9:f7:89:01:53:1c:12:82:cb:34:
b2:44:f2:b5:8c:97:d4:b4:d2:98:24:cd:be:56:6b:86:b5:a5:
e0:bd:9f:e9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzFASQpuXngF4yoqlOVo7AoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjQwMTAxMTIzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDMyMWE0OGRiYjZlNDU3MTY2YmIwMTNlMzUyM2U2YWE5YzM2ZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0AWXAwp5nhHusKr8YngzQDJ3wBu
SoWoEJWqXxR2duASdXhHWJE5Oe69sO2oWuXgJz1KBjAj8B3S9oGt9XlQHn688lpW
+li2R/xMLq3PrLZGcJwYUIRSR+9d+TIrGk/WLR2lSP2c4JV5Mdq4gTDW2grdIakS
mvjfTuQHa8Hi1o2IiDprUUqcIuX2Rn/pt9b+1+ZGgzWtMgYOtO2iz+oNmWZrVUWV
v3w/HpExNLWaBZQRc8qHJ0cKFztQb8CMxYSbA9PnPE4WTx+U6wYGUMlAHmwmjEV7
hTahQ6rsUVo73KSpfwATG9nacQ3LZSnFl5uGaC+RFY5iPUN9mCa4eEVZ+wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKAyGkjbtuRXFmuwE+NSPmqpw28yMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvb0RJYVNOdTI1RmNXYTdBVDQxSS1hcW5EYnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAC8hLcD
BAC8hLgDBAG8hM4wDQYJKoZIhvcNAQELBQADggEBALsZbUI4+ONg5M1i6zK7yQFH
vmj/MaRezZsa4CW4U5FZU8b+DbE8SRhLv36sCmfskg7T+XBkU+nWtjSIVNSfV9ca
obop6xVc5U9lvfF0Rof0JIGAN3NOyPbysXTEtfoUjNAaCojPwsL+TTdLoL6Y2BW0
WEzttp5/n+vjswh+7Sxfzwww2Dz7m+HqSQ5/OsnYEKdoaMk0kdwPfQXdsfCv6CwD
p0vaEDW0bw+wVZMSMhCEMatbwR84Qs6Kx7uUSm7Ni5rpWKIUxhCPevdmKxbU6JIq
mnqYVFYABmE7vOfwlwSMqfeJAVMcEoLLNLJE8rWMl9S00pgkzb5Wa4a1peC9n+k=
-----END CERTIFICATE-----
Generated at Wed Feb 14 15:12:37 2024 by rpki-client on console-fra.rpki-client.org