Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/HW11ebkV_1f9yGoJU4FXZenRxCg.roa
File: HW11ebkV_1f9yGoJU4FXZenRxCg.roa (raw, json)
Hash identifier: f4DfhwxJBm4izYDY485XMFLcwP4SezzoEDlLSE2PHO4=
Subject key identifier: 1D:6D:75:79:B9:15:FF:57:FD:C8:6A:09:53:81:57:65:E9:D1:C4:28
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018CC56DF5613C21A80A0E1021F4209428D7
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/HW11ebkV_1f9yGoJU4FXZenRxCg.roa
Signing time: Mon 01 Jan 2024 14:29:26 +0000
ROA not before: Mon 01 Jan 2024 14:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43146
IP address blocks: 194.116.163.0/24 maxlen: 24
194.116.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f5:61:3c:21:a8:0a:0e:10:21:f4:20:94:28:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 1 14:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d6d7579b915ff57fdc86a0953815765e9d1c428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:65:01:48:c4:6d:09:55:81:f7:f6:98:2b:b4:
c9:93:4d:79:67:a3:02:25:6e:7c:0f:9b:eb:e6:0e:
25:fe:30:05:e9:4b:5d:9a:c0:b7:7e:5b:e2:b7:1f:
8c:b6:45:e6:33:c4:9a:9e:c9:04:65:3c:07:0e:a1:
55:98:f1:5e:d9:58:54:19:64:66:54:53:02:68:84:
ff:5e:42:d5:73:24:19:82:dc:43:d0:db:38:3f:32:
34:ad:65:fa:dc:2e:e5:65:c1:db:96:86:1a:86:02:
5f:af:c5:81:42:56:31:c6:c5:a1:61:29:89:ab:6d:
56:2d:d8:50:e7:e1:83:62:7c:a9:69:a8:2f:a7:4d:
2d:83:28:94:7b:6e:dc:f8:75:54:c4:79:a7:0d:f1:
d1:59:28:86:65:6c:2f:e5:2d:bc:aa:46:df:9c:0c:
d9:e5:2f:54:91:8b:47:56:e7:af:4a:03:b7:df:62:
d1:bb:72:bd:7b:48:fb:8e:d2:01:e2:be:20:65:f2:
06:1e:7f:35:37:d1:fa:8f:2a:48:0c:fb:21:1b:a6:
76:fc:01:8a:dc:6a:9e:2f:3a:8d:a6:c6:14:2e:92:
b0:fd:aa:1a:8a:0d:cf:ff:27:f1:13:fd:ce:2f:14:
a7:d2:f4:52:ca:d2:92:2d:52:46:4f:a2:70:4f:4f:
33:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:6D:75:79:B9:15:FF:57:FD:C8:6A:09:53:81:57:65:E9:D1:C4:28
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/HW11ebkV_1f9yGoJU4FXZenRxCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.116.162.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:08:9c:ad:13:21:98:28:02:b1:4e:c6:a8:d1:cf:05:1c:f4:
a5:b3:72:6c:ac:5e:ab:80:70:18:4a:5a:1c:41:57:da:61:20:
8b:89:5e:b7:f6:69:9f:50:d7:7b:20:59:bf:fd:fc:f3:bc:3b:
b5:d7:34:8a:cb:81:61:4d:39:fc:1d:18:3a:a5:40:45:b7:76:
5f:80:f5:0f:b6:88:6c:46:71:2a:86:f6:3c:77:bb:7d:10:82:
8d:70:dd:5a:ef:69:d8:7e:3e:37:5e:48:65:14:87:a2:8f:75:
fb:67:84:25:a0:ca:23:c0:12:68:0a:3c:de:56:fb:c3:56:9c:
1f:bc:2a:75:07:ac:60:e9:1d:be:fb:40:f1:ee:40:2a:d2:7a:
8b:b1:69:a1:d4:87:99:3a:9f:5c:ac:5b:79:c5:6e:9c:12:2d:
eb:90:ba:c9:0f:e2:c4:b8:3c:d3:6a:53:b7:35:70:cc:43:45:
8f:cf:63:7b:ac:6a:5e:a3:d6:6f:c5:b1:2b:1a:4a:07:ef:3a:
9d:7a:34:56:ee:2e:a0:bb:3f:d6:70:81:7c:b8:d3:7a:7a:6e:
0a:fa:65:17:08:08:11:70:20:95:77:fa:eb:4b:04:35:87:4c:
d8:1e:3d:07:ba:81:9f:47:7e:28:f9:ae:e0:61:10:d5:b4:06:
df:ca:5e:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbfVhPCGoCg4QIfQglCjXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwMTAxMTQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDZkNzU3OWI5MTVmZjU3ZmRjODZhMDk1MzgxNTc2NWU5ZDFjNDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2UBSMRtCVWB9/aYK7TJk015Z6MC
JW58D5vr5g4l/jAF6UtdmsC3flvitx+MtkXmM8SanskEZTwHDqFVmPFe2VhUGWRm
VFMCaIT/XkLVcyQZgtxD0Ns4PzI0rWX63C7lZcHbloYahgJfr8WBQlYxxsWhYSmJ
q21WLdhQ5+GDYnypaagvp00tgyiUe27c+HVUxHmnDfHRWSiGZWwv5S28qkbfnAzZ
5S9UkYtHVuevSgO332LRu3K9e0j7jtIB4r4gZfIGHn81N9H6jypIDPshG6Z2/AGK
3GqeLzqNpsYULpKw/aoaig3P/yfxE/3OLxSn0vRSytKSLVJGT6JwT08zXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB1tdXm5Ff9X/chqCVOBV2Xp0cQoMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvSFcxMWVia1ZfMWY5eUdvSlU0RlhaZW5SeENnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwnSiMA0G
CSqGSIb3DQEBCwUAA4IBAQCMCJytEyGYKAKxTsao0c8FHPSls3JsrF6rgHAYSloc
QVfaYSCLiV639mmfUNd7IFm//fzzvDu11zSKy4FhTTn8HRg6pUBFt3ZfgPUPtohs
RnEqhvY8d7t9EIKNcN1a72nYfj43XkhlFIeij3X7Z4QloMojwBJoCjzeVvvDVpwf
vCp1B6xg6R2++0Dx7kAq0nqLsWmh1IeZOp9crFt5xW6cEi3rkLrJD+LEuDzTalO3
NXDMQ0WPz2N7rGpeo9ZvxbErGkoH7zqdejRW7i6guz/WcIF8uNN6em4K+mUXCAgR
cCCVd/rrSwQ1h0zYHj0HuoGfR34o+a7gYRDVtAbfyl4Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org