Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/1-_PC7YXnP_BgEpNSmZb3gO60YpY.roa
File: 1-_PC7YXnP_BgEpNSmZb3gO60YpY.roa (raw, json)
Hash identifier: a+DkWBRx9fPfVlnGO0mnn1K4sfaUvmzDG7+kPIPKxeA=
Subject key identifier: FB:F3:C2:ED:85:E7:3F:F0:60:12:93:52:99:96:F7:80:EE:B4:62:96
Certificate issuer: /CN=cdc84082be96e609d9de9808fbc37866feb4c54b
Certificate serial: 0187B7A6009806B33607C865C16D6959C300
Authority key identifier: CD:C8:40:82:BE:96:E6:09:D9:DE:98:08:FB:C3:78:66:FE:B4:C5:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zchAgr6W5gnZ3pgI-8N4Zv60xUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/1-_PC7YXnP_BgEpNSmZb3gO60YpY.roa
Signing time: Tue 25 Apr 2023 09:02:02 +0000
ROA not before: Tue 25 Apr 2023 09:02:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 37.235.123.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:a6:00:98:06:b3:36:07:c8:65:c1:6d:69:59:c3:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdc84082be96e609d9de9808fbc37866feb4c54b
Validity
Not Before: Apr 25 09:02:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbf3c2ed85e73ff0601293529996f780eeb46296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b0:a1:bd:d3:51:d8:6b:80:b2:2d:f5:ca:02:
73:da:47:a6:5c:93:62:40:f5:31:c4:1b:20:9b:7c:
75:83:31:51:00:75:2b:28:21:76:f6:df:00:a2:fe:
1d:0d:7e:e5:ef:81:63:56:78:52:25:e6:51:cf:18:
c5:a0:10:07:8f:1a:3c:12:88:38:d3:c6:d6:85:8c:
ed:81:fe:b2:67:96:30:14:a0:bd:e2:45:f3:4f:3c:
95:0d:61:a4:f2:8b:43:59:82:a0:9e:6c:50:9f:0d:
6c:a7:fa:0c:d5:52:15:2e:d2:25:24:90:3a:40:97:
0e:f7:e1:f8:11:7e:8b:d2:c9:39:3b:ef:ab:cf:4f:
39:4b:33:06:02:8f:8a:a3:94:76:66:6c:21:3f:d3:
77:21:d3:84:de:19:3b:2b:0c:e1:01:fe:48:67:26:
93:c4:0b:21:ba:29:7b:eb:d6:ee:59:d5:50:ed:cf:
b6:49:7c:0e:4a:17:44:ea:ee:5d:03:77:55:23:fe:
af:e3:ab:8d:cd:27:72:8a:62:a2:62:36:72:5c:f4:
8a:8f:aa:36:d7:85:bf:75:93:46:fb:91:9a:44:75:
77:11:8a:f8:fb:23:8d:40:f0:14:48:85:92:3d:f2:
3a:1e:66:f3:ef:db:12:27:28:5b:ba:ba:df:d3:25:
63:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F3:C2:ED:85:E7:3F:F0:60:12:93:52:99:96:F7:80:EE:B4:62:96
X509v3 Authority Key Identifier:
keyid:CD:C8:40:82:BE:96:E6:09:D9:DE:98:08:FB:C3:78:66:FE:B4:C5:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zchAgr6W5gnZ3pgI-8N4Zv60xUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/1-_PC7YXnP_BgEpNSmZb3gO60YpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/zchAgr6W5gnZ3pgI-8N4Zv60xUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.123.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:e4:21:d0:36:0b:3c:3e:0f:2f:00:a0:73:8f:63:8e:5b:2e:
e8:27:e5:53:a2:26:49:7e:16:a1:9f:a9:ac:59:9e:5e:c8:59:
a5:01:f1:76:c7:90:23:ce:30:ae:9d:db:a9:42:96:4c:06:3d:
53:ed:7b:83:e6:98:dc:59:32:9a:48:3b:42:26:76:2d:d1:34:
a3:61:76:7d:fe:4a:89:4a:97:bd:0f:a6:1f:d7:f2:0e:0a:13:
49:93:0c:49:51:e2:75:c1:65:07:3f:10:0f:30:b2:2e:41:e0:
b8:22:98:15:89:38:d0:84:98:7a:4d:2e:61:fa:47:31:22:e1:
7c:16:3c:a2:75:34:c4:65:1b:03:ff:e4:8a:b7:b2:75:a2:d3:
f0:51:65:27:23:02:99:be:1a:46:4d:ad:b0:f7:a3:44:e4:04:
74:06:2d:8b:86:11:c2:cc:52:7b:e4:09:9c:a5:68:cf:4c:f1:
69:19:0d:a3:a6:50:6d:3a:be:d8:ab:05:15:7c:1c:1c:ac:90:
52:bd:be:bc:30:02:67:3b:f1:36:09:09:1d:d5:8e:71:35:fe:
d5:02:6f:4d:fd:46:64:75:5d:41:9d:ef:14:85:fa:c1:34:b4:
75:e4:a1:0c:6c:47:c5:2c:20:48:c8:91:94:71:84:a0:76:d6:
ed:6e:09:6e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYe3pgCYBrM2B8hlwW1pWcMAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYzg0MDgyYmU5NmU2MDlkOWRlOTgwOGZiYzM3ODY2ZmVi
NGM1NGIwHhcNMjMwNDI1MDkwMjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmYzYzJlZDg1ZTczZmYwNjAxMjkzNTI5OTk2Zjc4MGVlYjQ2Mjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobChvdNR2GuAsi31ygJz2kemXJNi
QPUxxBsgm3x1gzFRAHUrKCF29t8Aov4dDX7l74FjVnhSJeZRzxjFoBAHjxo8Eog4
08bWhYztgf6yZ5YwFKC94kXzTzyVDWGk8otDWYKgnmxQnw1sp/oM1VIVLtIlJJA6
QJcO9+H4EX6L0sk5O++rz085SzMGAo+Ko5R2ZmwhP9N3IdOE3hk7KwzhAf5IZyaT
xAshuil769buWdVQ7c+2SXwOShdE6u5dA3dVI/6v46uNzSdyimKiYjZyXPSKj6o2
14W/dZNG+5GaRHV3EYr4+yONQPAUSIWSPfI6Hmbz79sSJyhburrf0yVjkwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPvzwu2F5z/wYBKTUpmW94DutGKWMB8GA1UdIwQY
MBaAFM3IQIK+luYJ2d6YCPvDeGb+tMVLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemNoQWdyNlc1Z25aM3BnSS04TjRadjYweFVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iN2JmOTQtMzc3Yi00NDAwLThiOWMt
Y2JmMTY0ZThiZTAxLzEvMS1fUEM3WVhuUF9CZ0VwTlNtWmIzZ082MFlwWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWMvYjdiZjk0LTM3N2ItNDQwMC04YjljLWNiZjE2NGU4YmUw
MS8xL3pjaEFncjZXNWduWjNwZ0ktOE40WnY2MHhVcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACXrezAN
BgkqhkiG9w0BAQsFAAOCAQEADOQh0DYLPD4PLwCgc49jjlsu6CflU6ImSX4WoZ+p
rFmeXshZpQHxdseQI84wrp3bqUKWTAY9U+17g+aY3Fkymkg7QiZ2LdE0o2F2ff5K
iUqXvQ+mH9fyDgoTSZMMSVHidcFlBz8QDzCyLkHguCKYFYk40ISYek0uYfpHMSLh
fBY8onU0xGUbA//kireydaLT8FFlJyMCmb4aRk2tsPejROQEdAYti4YRwsxSe+QJ
nKVoz0zxaRkNo6ZQbTq+2KsFFXwcHKyQUr2+vDACZzvxNgkJHdWOcTX+1QJvTf1G
ZHVdQZ3vFIX6wTS0deShDGxHxSwgSMiRlHGEoHbW7W4Jbg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:07 2024 by rpki-client on console-ams.rpki-client.org