Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/qedS3vD0YIJDcdqv7bWsL096fhA.roa
File: qedS3vD0YIJDcdqv7bWsL096fhA.roa (raw, json)
Hash identifier: AhKXFC5WX6g10lZxJMr6EBytqLVZWkWNor8hS4zBVKA=
Subject key identifier: A9:E7:52:DE:F0:F4:60:82:43:71:DA:AF:ED:B5:AC:2F:4F:7A:7E:10
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018CC50126074DD1A09B906AF033BC2001ED
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/qedS3vD0YIJDcdqv7bWsL096fhA.roa
Signing time: Mon 01 Jan 2024 12:30:35 +0000
ROA not before: Mon 01 Jan 2024 12:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200673
IP address blocks: 188.132.219.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:26:07:4d:d1:a0:9b:90:6a:f0:33:bc:20:01:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Jan 1 12:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9e752def0f460824371daafedb5ac2f4f7a7e10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:39:4c:df:49:63:15:54:96:bf:c5:73:eb:b7:
4f:66:4e:97:83:61:a3:57:00:45:b8:5f:4a:3f:98:
56:63:14:e6:64:62:49:fd:50:67:04:43:ef:3e:fb:
cb:bc:95:67:83:bc:d0:59:88:f6:78:30:7f:77:a9:
7d:ea:d4:96:a9:c0:06:02:de:fa:87:ec:74:91:18:
ba:4a:a9:1a:3e:9d:c9:fe:f8:a4:6e:c3:cc:ac:bf:
5f:87:c9:7b:06:5b:a2:ce:d2:ee:d7:11:dd:10:25:
02:79:23:1b:2d:42:f3:52:13:94:e0:a4:36:8f:d7:
c1:27:c4:d4:31:1d:16:54:41:9e:c4:f0:f4:df:ae:
8a:ae:22:3e:23:ba:c6:c3:b3:f1:6f:14:76:52:f1:
01:ed:49:e9:74:59:8b:71:ee:41:7d:cf:ab:87:bb:
7e:60:81:86:63:6e:44:7d:d2:45:11:98:55:b3:a4:
3a:98:1e:77:f7:a0:87:03:d3:4d:ad:c5:af:63:52:
db:23:43:9a:f7:18:59:af:ba:b8:aa:6b:20:68:75:
d0:ba:61:0e:48:11:74:64:37:c8:b0:ff:66:cf:7a:
9b:b3:89:be:f9:da:ef:c9:62:ed:43:53:09:e5:4b:
6a:d8:b1:df:25:2e:04:4d:c5:b9:25:12:d9:c2:7a:
05:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E7:52:DE:F0:F4:60:82:43:71:DA:AF:ED:B5:AC:2F:4F:7A:7E:10
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/qedS3vD0YIJDcdqv7bWsL096fhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.219.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:8a:26:eb:9e:2d:41:8a:21:f1:d0:5f:09:c5:46:c7:ab:7b:
ed:2d:8a:eb:0e:91:f4:64:d4:68:ec:ac:76:92:ba:e6:70:ff:
29:ed:76:3b:e1:3b:cf:7f:27:76:34:05:2c:ac:0e:47:ae:f8:
43:a7:dc:fb:75:85:5e:55:39:96:55:bd:17:86:2b:29:ca:d4:
18:6f:0e:8d:17:15:0e:15:d0:1d:e9:d8:82:d7:11:88:e3:fc:
46:bc:28:d4:17:1d:22:c5:47:8d:48:18:87:7a:b5:b4:33:0d:
7e:86:0e:f1:33:d8:14:93:10:9c:62:f9:8a:d5:38:8f:58:c4:
0c:c1:7c:43:12:90:78:08:5b:35:77:77:f5:8c:a6:e7:e5:cb:
f0:ca:35:b3:17:b9:cf:fa:35:c0:66:df:a9:38:67:24:47:01:
91:75:01:44:d1:e5:88:19:37:c8:47:36:dc:d5:91:27:82:aa:
ec:d8:da:2a:ad:b5:17:a6:ac:7f:e7:40:6e:17:65:05:cd:24:
0c:24:66:75:fe:25:91:49:87:6a:ac:0b:41:d6:da:9c:ae:98:
9b:74:c2:44:ea:25:b0:d7:3b:fb:5d:17:ea:78:eb:ec:84:93:
b7:03:80:21:9c:29:40:8d:a1:48:30:61:53:bb:27:c5:21:61:
41:a6:6c:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFASYHTdGgm5Bq8DO8IAHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjQwMTAxMTIzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWU3NTJkZWYwZjQ2MDgyNDM3MWRhYWZlZGI1YWMyZjRmN2E3ZTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zlM30ljFVSWv8Vz67dPZk6Xg2Gj
VwBFuF9KP5hWYxTmZGJJ/VBnBEPvPvvLvJVng7zQWYj2eDB/d6l96tSWqcAGAt76
h+x0kRi6SqkaPp3J/vikbsPMrL9fh8l7BluiztLu1xHdECUCeSMbLULzUhOU4KQ2
j9fBJ8TUMR0WVEGexPD0366KriI+I7rGw7PxbxR2UvEB7UnpdFmLce5Bfc+rh7t+
YIGGY25EfdJFEZhVs6Q6mB5396CHA9NNrcWvY1LbI0Oa9xhZr7q4qmsgaHXQumEO
SBF0ZDfIsP9mz3qbs4m++drvyWLtQ1MJ5Utq2LHfJS4ETcW5JRLZwnoF5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnnUt7w9GCCQ3Har+21rC9Pen4QMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvcWVkUzN2RDBZSUpEY2RxdjdiV3NMMDk2ZmhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITbMA0G
CSqGSIb3DQEBCwUAA4IBAQBsiibrni1BiiHx0F8JxUbHq3vtLYrrDpH0ZNRo7Kx2
krrmcP8p7XY74TvPfyd2NAUsrA5HrvhDp9z7dYVeVTmWVb0XhispytQYbw6NFxUO
FdAd6diC1xGI4/xGvCjUFx0ixUeNSBiHerW0Mw1+hg7xM9gUkxCcYvmK1TiPWMQM
wXxDEpB4CFs1d3f1jKbn5cvwyjWzF7nP+jXAZt+pOGckRwGRdQFE0eWIGTfIRzbc
1ZEngqrs2NoqrbUXpqx/50BuF2UFzSQMJGZ1/iWRSYdqrAtB1tqcrpibdMJE6iWw
1zv7XRfqeOvshJO3A4AhnClAjaFIMGFTuyfFIWFBpmyv
-----END CERTIFICATE-----
Generated at Wed Feb 14 15:10:46 2024 by rpki-client on console-ams.rpki-client.org