Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/p8m-CsDlLVGwiwM86NYoR_qZrsA.roa
File: p8m-CsDlLVGwiwM86NYoR_qZrsA.roa (raw, json)
Hash identifier: tB7Q8dsJM5ghceLT7FNM79VSARpspCbWBLZSeju1rE4=
Subject key identifier: A7:C9:BE:0A:C0:E5:2D:51:B0:8B:03:3C:E8:D6:28:47:FA:99:AE:C0
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018AF57E35783DE5A094C795AD0B1CDE936F
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/p8m-CsDlLVGwiwM86NYoR_qZrsA.roa
Signing time: Tue 03 Oct 2023 12:23:23 +0000
ROA not before: Tue 03 Oct 2023 12:23:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212742
IP address blocks: 188.132.242.0/24 maxlen: 24
31.210.48.0/24 maxlen: 24
188.132.200.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f5:7e:35:78:3d:e5:a0:94:c7:95:ad:0b:1c:de:93:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Oct 3 12:23:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7c9be0ac0e52d51b08b033ce8d62847fa99aec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2d:70:d5:ef:08:31:c6:08:94:4a:79:00:e0:
94:fb:b3:2f:c1:70:72:40:d8:43:5d:e9:df:f0:ad:
dc:30:db:1b:6e:7d:4c:5c:0f:e0:ec:a1:c7:1a:c7:
ec:9b:e7:dd:29:a1:df:6f:c4:6a:1d:33:c6:1f:67:
8e:87:fc:90:3b:4c:36:0c:ae:79:60:8f:71:c9:ca:
c0:19:6b:b7:ee:de:9b:ce:05:09:68:fc:fc:37:c8:
71:9f:74:bd:86:3b:20:2b:01:e2:27:4f:9e:1e:41:
31:48:ed:bb:e4:57:13:b5:88:12:14:83:eb:e6:13:
61:4f:b5:e7:67:df:18:f6:81:7a:b5:e9:ca:63:3f:
e4:72:cd:04:80:41:6f:94:a7:c3:b3:ce:33:8a:95:
55:32:14:8a:a6:04:23:ee:9d:55:74:28:d1:c9:01:
3c:da:2e:3e:af:88:f8:76:a8:01:16:d9:8d:09:91:
48:78:c8:c4:ab:4b:b7:64:70:0a:e8:ba:22:b6:96:
a6:1f:25:90:ff:cc:ba:99:31:3d:05:13:07:b3:ff:
47:83:75:38:7d:28:43:0f:d6:70:5a:f6:85:47:22:
f0:66:94:3b:d3:fb:06:55:f1:6c:98:4a:fe:da:7d:
f7:22:27:68:26:33:ca:1a:f1:0d:d3:ec:d8:4b:30:
c8:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:C9:BE:0A:C0:E5:2D:51:B0:8B:03:3C:E8:D6:28:47:FA:99:AE:C0
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/p8m-CsDlLVGwiwM86NYoR_qZrsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.48.0/24
188.132.200.0/24
188.132.242.0/24
Signature Algorithm: sha256WithRSAEncryption
67:a1:6e:73:de:d5:a0:0b:c2:05:2d:0b:cc:c8:ca:14:e9:3b:
98:1b:42:a9:a1:8e:d0:74:ce:d8:ea:f5:a6:8b:08:95:a1:b8:
a9:6a:80:b9:bc:cc:2f:31:25:9a:21:74:1a:8d:11:be:04:c5:
b0:82:24:29:57:02:0b:90:94:db:52:5e:c0:85:40:f6:59:e7:
d2:df:ed:c1:38:cf:60:97:f7:63:22:41:53:65:9d:71:f7:c4:
f1:09:83:a5:18:bc:30:37:48:43:71:1e:2a:f4:cd:8a:43:e5:
59:47:36:f5:f6:e2:a4:cc:e4:b8:6a:66:9a:b2:a2:7a:3c:03:
d7:f1:db:9a:67:36:1a:44:58:fd:9d:c2:23:4d:5b:c1:44:a5:
34:e6:2a:af:9b:2f:e5:d7:b4:69:14:79:2c:bc:43:25:5e:d2:
7b:50:40:13:fb:1b:1b:61:b9:f5:f4:6a:18:09:f8:ab:36:27:
c5:53:d7:60:4f:e2:17:ec:e5:69:b1:71:ce:05:19:1e:75:51:
61:da:00:30:99:6f:0d:fd:ce:c6:5a:43:25:de:fd:c7:27:ea:
1a:2f:f2:20:23:c1:db:d6:0c:6e:0f:22:70:ec:ab:1b:5d:e6:
5c:87:4d:02:e1:ce:c9:93:4e:eb:3a:4f:33:6c:87:f5:46:81:
05:4b:60:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYr1fjV4PeWglMeVrQsc3pNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMDAzMTIyMzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2M5YmUwYWMwZTUyZDUxYjA4YjAzM2NlOGQ2Mjg0N2ZhOTlhZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy1w1e8IMcYIlEp5AOCU+7MvwXBy
QNhDXenf8K3cMNsbbn1MXA/g7KHHGsfsm+fdKaHfb8RqHTPGH2eOh/yQO0w2DK55
YI9xycrAGWu37t6bzgUJaPz8N8hxn3S9hjsgKwHiJ0+eHkExSO275FcTtYgSFIPr
5hNhT7XnZ98Y9oF6tenKYz/kcs0EgEFvlKfDs84zipVVMhSKpgQj7p1VdCjRyQE8
2i4+r4j4dqgBFtmNCZFIeMjEq0u3ZHAK6LoitpamHyWQ/8y6mTE9BRMHs/9Hg3U4
fShDD9ZwWvaFRyLwZpQ70/sGVfFsmEr+2n33IidoJjPKGvEN0+zYSzDIewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKfJvgrA5S1RsIsDPOjWKEf6ma7AMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvcDhtLUNzRGxMVkd3aXdNODZOWW9SX3FacnNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH9IwAwQA
vITIAwQAvITyMA0GCSqGSIb3DQEBCwUAA4IBAQBnoW5z3tWgC8IFLQvMyMoU6TuY
G0KpoY7QdM7Y6vWmiwiVobipaoC5vMwvMSWaIXQajRG+BMWwgiQpVwILkJTbUl7A
hUD2WefS3+3BOM9gl/djIkFTZZ1x98TxCYOlGLwwN0hDcR4q9M2KQ+VZRzb19uKk
zOS4amaasqJ6PAPX8duaZzYaRFj9ncIjTVvBRKU05iqvmy/l17RpFHksvEMlXtJ7
UEAT+xsbYbn19GoYCfirNifFU9dgT+IX7OVpsXHOBRkedVFh2gAwmW8N/c7GWkMl
3v3HJ+oaL/IgI8Hb1gxuDyJw7KsbXeZch00C4c7Jk07rOk8zbIf1RoEFS2D/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:11 2025 by rpki-client