Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/q8iR1Trw7Cy15Z97ssnTgHgWAUA.roa
File: q8iR1Trw7Cy15Z97ssnTgHgWAUA.roa (raw, json)
Hash identifier: /1WsIoJMDi8ppXQS+ezy4dx5DZF6wnxLLazU6aD+uXg=
Subject key identifier: AB:C8:91:D5:3A:F0:EC:2C:B5:E5:9F:7B:B2:C9:D3:80:78:16:01:40
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018D66C05137ADEB02E7FC7BCBF4450A59E6
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/q8iR1Trw7Cy15Z97ssnTgHgWAUA.roa
Signing time: Thu 01 Feb 2024 22:18:16 +0000
ROA not before: Thu 01 Feb 2024 22:18:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215723
IP address blocks: 188.132.233.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:66:c0:51:37:ad:eb:02:e7:fc:7b:cb:f4:45:0a:59:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Feb 1 22:18:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abc891d53af0ec2cb5e59f7bb2c9d38078160140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:83:e1:59:25:7d:00:2e:b6:84:ea:eb:19:c8:
63:57:0f:20:8b:4a:2c:a1:a9:cf:a7:bd:43:a1:cf:
39:35:98:7e:f1:ef:63:23:7e:f6:d9:17:ee:9b:0b:
42:bc:a8:18:28:f7:97:7d:c6:bd:6b:4f:dd:74:ae:
01:b0:c0:eb:0d:6d:8e:23:b0:67:82:1d:4b:f8:01:
6b:8e:c6:fe:b8:db:ca:48:9c:62:ed:ca:7b:b5:2e:
b2:73:b2:cd:dd:65:ae:92:5e:2d:d2:d3:43:8c:ef:
29:28:83:4c:f2:c6:0e:8b:ba:7a:30:b7:4f:f1:17:
dd:14:22:8e:0a:8e:0a:55:64:b3:7a:62:c4:31:6d:
ad:00:dd:7e:f9:5d:2e:2e:1e:c0:7d:64:b9:f2:f8:
d6:34:5d:5b:2d:fa:5f:58:c1:aa:84:51:d0:ee:d3:
89:c9:95:3c:f0:31:e9:1d:e8:a2:a9:d4:df:93:7a:
ad:17:d0:4c:38:cf:02:24:6b:9c:e7:f0:24:97:42:
01:54:14:e1:76:e0:8d:5c:c1:88:6e:de:27:64:cb:
48:b0:63:b4:0e:f7:ad:c0:36:da:a5:5f:12:10:3d:
84:31:de:25:35:89:3b:e8:c5:1b:ac:bd:f7:da:8e:
27:a2:aa:1a:56:ec:ab:07:b7:77:63:08:06:ac:9c:
c9:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C8:91:D5:3A:F0:EC:2C:B5:E5:9F:7B:B2:C9:D3:80:78:16:01:40
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/q8iR1Trw7Cy15Z97ssnTgHgWAUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.233.0/24
Signature Algorithm: sha256WithRSAEncryption
78:9c:98:a6:01:d0:6e:b0:82:56:8e:91:c1:6a:c9:73:60:4f:
b8:e8:98:4a:9e:ae:36:ba:fa:22:87:05:1d:bc:00:6d:41:76:
48:36:00:90:cb:7e:db:05:53:15:ae:1a:11:d8:0a:5e:2b:a0:
09:0e:f0:df:c9:74:9d:17:8c:f4:06:47:32:39:bd:6d:2d:e4:
d2:08:07:22:d1:60:c0:a1:f2:66:93:c8:17:6a:7a:e2:05:0b:
e7:fb:69:9c:f2:82:43:7d:10:83:38:62:af:1a:48:64:d3:73:
6a:97:3b:28:57:40:3b:cc:77:fb:81:45:20:78:90:76:30:04:
91:7b:e1:da:50:68:0c:34:44:03:80:06:c6:d4:aa:d4:19:1c:
52:68:05:f3:fc:f1:16:ea:56:c5:1f:b8:12:88:91:fd:ab:cf:
9a:d3:91:38:9c:51:0d:07:3f:63:e4:38:4d:47:45:0b:16:9e:
58:9e:89:c6:39:3f:a5:94:b1:ba:2c:39:51:c4:74:30:78:b5:
91:fa:17:5e:20:de:2d:40:b5:98:10:0e:ac:e9:ac:44:56:6e:
e5:0b:38:31:1e:7f:23:43:13:f1:2a:2b:4f:fa:eb:46:61:63:
1b:5f:e2:50:39:25:1c:dd:fd:69:27:0f:5f:cd:52:db:92:14:
0a:7d:48:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1mwFE3resC5/x7y/RFClnmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjQwMjAxMjIxODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmM4OTFkNTNhZjBlYzJjYjVlNTlmN2JiMmM5ZDM4MDc4MTYwMTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYPhWSV9AC62hOrrGchjVw8gi0os
oanPp71Doc85NZh+8e9jI3722RfumwtCvKgYKPeXfca9a0/ddK4BsMDrDW2OI7Bn
gh1L+AFrjsb+uNvKSJxi7cp7tS6yc7LN3WWukl4t0tNDjO8pKINM8sYOi7p6MLdP
8RfdFCKOCo4KVWSzemLEMW2tAN1++V0uLh7AfWS58vjWNF1bLfpfWMGqhFHQ7tOJ
yZU88DHpHeiiqdTfk3qtF9BMOM8CJGuc5/Akl0IBVBThduCNXMGIbt4nZMtIsGO0
DvetwDbapV8SED2EMd4lNYk76MUbrL332o4noqoaVuyrB7d3YwgGrJzJ9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKvIkdU68OwsteWfe7LJ04B4FgFAMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvcThpUjFUcnc3Q3kxNVo5N3NzblRnSGdXQVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITpMA0G
CSqGSIb3DQEBCwUAA4IBAQB4nJimAdBusIJWjpHBaslzYE+46JhKnq42uvoihwUd
vABtQXZINgCQy37bBVMVrhoR2ApeK6AJDvDfyXSdF4z0BkcyOb1tLeTSCAci0WDA
ofJmk8gXanriBQvn+2mc8oJDfRCDOGKvGkhk03NqlzsoV0A7zHf7gUUgeJB2MASR
e+HaUGgMNEQDgAbG1KrUGRxSaAXz/PEW6lbFH7gSiJH9q8+a05E4nFENBz9j5DhN
R0ULFp5YnonGOT+llLG6LDlRxHQweLWR+hdeIN4tQLWYEA6s6axEVm7lCzgxHn8j
QxPxKitP+utGYWMbX+JQOSUc3f1pJw9fzVLbkhQKfUim
-----END CERTIFICATE-----
Generated at Wed Feb 14 15:12:37 2024 by rpki-client on console-fra.rpki-client.org