Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/tnoqZe7dpS2O96Wfnrpm8RKQAY0.roa
File: tnoqZe7dpS2O96Wfnrpm8RKQAY0.roa (raw, json)
Hash identifier: FwHEveMYjDb4Qbcp8+Wxq8Hgz+JgcEbH5GAaay2w1TY=
Subject key identifier: B6:7A:2A:65:EE:DD:A5:2D:8E:F7:A5:9F:9E:BA:66:F1:12:90:01:8D
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018CB67F319F27CFD8718FB835D6FDC31045
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/tnoqZe7dpS2O96Wfnrpm8RKQAY0.roa
Signing time: Fri 29 Dec 2023 16:53:58 +0000
ROA not before: Fri 29 Dec 2023 16:53:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215812
IP address blocks: 188.132.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b6:7f:31:9f:27:cf:d8:71:8f:b8:35:d6:fd:c3:10:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Dec 29 16:53:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b67a2a65eedda52d8ef7a59f9eba66f11290018d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:59:b2:ec:fa:53:06:15:a6:fd:18:24:eb:a0:
61:59:f6:29:d5:b5:e0:7f:0d:da:06:ae:e5:61:1b:
d3:2a:1f:b3:82:ee:2b:e4:7e:90:83:2c:03:bd:8c:
bd:9b:13:4a:5b:17:d9:2e:96:f2:3d:44:30:0f:01:
a1:6c:1e:13:9e:b2:a6:58:d7:9a:e0:ec:e6:0c:10:
d4:bf:ee:d6:5d:a9:fa:c2:21:25:51:97:02:b2:0d:
40:e8:4e:8e:ef:67:89:c2:c2:71:eb:ca:ec:1e:53:
71:12:37:8b:75:94:2b:3c:4c:29:b4:62:af:64:79:
8c:77:18:54:a4:6e:d5:d5:6b:7c:8b:9c:16:f0:01:
09:86:98:69:07:61:e8:cc:a6:2a:ac:76:0e:f6:a2:
3f:42:ae:e7:9e:1f:9d:9d:c4:22:76:d9:07:c8:e9:
b9:2b:55:92:13:97:4b:b7:34:e6:f4:c7:b0:00:ad:
85:a2:9e:a0:ae:d6:f4:b2:21:03:e5:99:0c:c3:d5:
29:be:88:79:32:99:2d:7c:22:5b:fc:d7:0b:b4:54:
85:e3:a9:da:ba:e6:d5:a2:cd:be:63:63:6e:72:d7:
13:1d:e2:1e:28:20:24:d8:3e:39:ee:94:c6:17:34:
d5:43:f9:7a:26:c9:7a:fb:87:e2:ba:e4:bf:34:07:
c1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:7A:2A:65:EE:DD:A5:2D:8E:F7:A5:9F:9E:BA:66:F1:12:90:01:8D
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/tnoqZe7dpS2O96Wfnrpm8RKQAY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.220.0/24
Signature Algorithm: sha256WithRSAEncryption
55:7c:2c:1d:05:e1:f5:7f:79:c6:03:b4:ed:84:e5:a0:a7:36:
4b:51:09:eb:cd:b6:70:22:71:47:16:64:15:f2:e4:a3:b1:41:
39:33:28:ef:6f:93:6c:02:04:9f:45:af:d8:03:71:d4:8a:df:
3a:a6:03:a3:6f:d4:08:f2:5f:4e:24:b1:24:d0:3d:6d:c3:2e:
90:8b:e8:24:15:48:61:89:a6:ee:87:47:6a:c4:4e:e2:ed:29:
b3:fe:12:bb:86:21:8c:ac:03:5f:97:c2:38:eb:f8:cb:c9:d4:
07:d5:50:fa:a7:ee:65:c4:e8:c5:03:20:a7:62:90:57:ec:e3:
28:b7:88:7e:df:8b:6b:c3:25:f8:25:59:07:bd:8b:75:48:7a:
92:8f:d1:95:02:40:6a:0b:1d:74:a4:c3:0d:8f:14:e1:d6:a7:
98:60:8d:30:42:bf:42:14:41:d2:dd:7e:c2:02:0f:c8:94:0b:
8f:60:65:f8:84:45:17:4f:73:2c:80:04:cf:4d:29:36:2d:1f:
8e:e2:fe:22:8a:bc:86:93:be:08:26:af:b1:ad:f5:0c:65:88:
f8:a0:da:29:8a:49:c8:88:48:ab:3f:21:06:0a:2c:42:2f:35:
8c:28:44:70:eb:46:18:34:1b:56:d4:3c:e2:36:1d:58:e4:63:
09:f6:c4:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy2fzGfJ8/YcY+4Ndb9wxBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMjI5MTY1MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjdhMmE2NWVlZGRhNTJkOGVmN2E1OWY5ZWJhNjZmMTEyOTAwMThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Vmy7PpTBhWm/Rgk66BhWfYp1bXg
fw3aBq7lYRvTKh+zgu4r5H6QgywDvYy9mxNKWxfZLpbyPUQwDwGhbB4TnrKmWNea
4OzmDBDUv+7WXan6wiElUZcCsg1A6E6O72eJwsJx68rsHlNxEjeLdZQrPEwptGKv
ZHmMdxhUpG7V1Wt8i5wW8AEJhphpB2HozKYqrHYO9qI/Qq7nnh+dncQidtkHyOm5
K1WSE5dLtzTm9MewAK2Fop6grtb0siED5ZkMw9Upvoh5MpktfCJb/NcLtFSF46na
uubVos2+Y2NuctcTHeIeKCAk2D457pTGFzTVQ/l6Jsl6+4fiuuS/NAfB3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZ6KmXu3aUtjveln566ZvESkAGNMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvdG5vcVplN2RwUzJPOTZXZm5ycG04UktRQVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITcMA0G
CSqGSIb3DQEBCwUAA4IBAQBVfCwdBeH1f3nGA7TthOWgpzZLUQnrzbZwInFHFmQV
8uSjsUE5Myjvb5NsAgSfRa/YA3HUit86pgOjb9QI8l9OJLEk0D1twy6Qi+gkFUhh
iabuh0dqxE7i7Smz/hK7hiGMrANfl8I46/jLydQH1VD6p+5lxOjFAyCnYpBX7OMo
t4h+34trwyX4JVkHvYt1SHqSj9GVAkBqCx10pMMNjxTh1qeYYI0wQr9CFEHS3X7C
Ag/IlAuPYGX4hEUXT3MsgATPTSk2LR+O4v4iiryGk74IJq+xrfUMZYj4oNopiknI
iEirPyEGCixCLzWMKERw60YYNBtW1DziNh1Y5GMJ9sT3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:53 2024 by rpki-client on console-ams.rpki-client.org