Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/2NhsyzsazSw4sNCK9a0UU5WyEVU.roa
File: 2NhsyzsazSw4sNCK9a0UU5WyEVU.roa (raw, json)
Hash identifier: BegP4z/WTNV0+IUJ/yJScfdplPSiPTZFHuSJ0cwmu1I=
Subject key identifier: D8:D8:6C:CB:3B:1A:CD:2C:38:B0:D0:8A:F5:AD:14:53:95:B2:11:55
Certificate issuer: /CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Certificate serial: 018CC8DF00E9068A7142AD35D67696DABC00
Authority key identifier: 54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/2NhsyzsazSw4sNCK9a0UU5WyEVU.roa
Signing time: Tue 02 Jan 2024 06:31:47 +0000
ROA not before: Tue 02 Jan 2024 06:31:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34984
IP address blocks: 188.125.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:00:e9:06:8a:71:42:ad:35:d6:76:96:da:bc:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Validity
Not Before: Jan 2 06:31:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8d86ccb3b1acd2c38b0d08af5ad145395b21155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d6:38:59:96:ab:16:34:64:9b:6e:ca:ab:f8:
3a:59:c7:ef:a6:00:46:70:02:c4:45:aa:fe:b6:a1:
0e:5c:e1:41:13:db:c5:ac:d8:0c:af:95:0f:dc:b4:
ff:a3:14:e8:74:bc:21:72:3f:e1:6b:3f:67:12:79:
8d:ba:89:c4:2f:26:1f:f8:02:d2:91:37:24:85:7d:
fe:a4:23:fc:25:a6:c6:85:5e:e4:26:97:8b:4d:54:
0c:04:cd:33:1e:6f:74:d3:14:13:54:03:44:77:60:
46:76:47:8d:91:78:85:7a:83:83:b7:1c:a6:d9:f5:
eb:55:b6:7d:44:80:a4:cb:a8:f1:5e:ba:23:f3:ff:
71:c7:4e:a1:33:0b:6f:e7:c4:36:98:fc:23:b0:f6:
9a:45:e4:c5:7a:f8:3b:61:5b:f7:ba:69:74:c8:5f:
b0:f0:92:93:53:db:5e:a1:28:47:fa:74:41:10:e3:
36:74:f6:fd:4b:44:12:8b:71:c1:77:85:15:a7:b2:
23:3a:33:fb:d3:d6:d0:fc:8b:cd:65:37:24:86:9a:
b3:fc:ee:ca:d2:1e:7d:bd:a3:34:9b:95:48:7e:47:
80:40:0d:fc:60:2e:f9:8f:9c:f0:cf:60:52:ac:bd:
14:dc:b6:f3:c7:f4:64:49:f4:89:79:10:05:cd:c9:
08:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D8:6C:CB:3B:1A:CD:2C:38:B0:D0:8A:F5:AD:14:53:95:B2:11:55
X509v3 Authority Key Identifier:
keyid:54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/2NhsyzsazSw4sNCK9a0UU5WyEVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.162.0/24
Signature Algorithm: sha256WithRSAEncryption
34:d6:54:51:ae:cf:67:99:ad:18:57:ea:c9:7a:b0:d8:38:7a:
d6:48:52:d0:87:1d:66:94:d5:8d:37:63:9c:d6:13:10:f0:d0:
a2:79:93:8b:40:91:43:94:25:90:c8:8f:d0:60:b7:34:fd:a1:
60:78:e2:47:23:6e:69:2e:b3:17:28:e9:0c:75:0c:0a:98:5c:
3c:82:63:7c:fb:fb:ac:19:5e:14:28:11:7c:3f:14:bd:ee:f4:
17:76:fc:93:af:ec:bd:cc:79:50:38:94:80:30:6d:73:d9:74:
76:f1:ca:47:ad:2d:93:3f:53:26:44:20:07:c6:f7:23:79:9a:
a7:02:78:ff:9e:d5:6e:19:9b:c3:dc:a5:66:97:bc:42:d1:bc:
35:b9:30:ed:5a:b8:d2:06:67:d9:cb:db:fb:4f:3b:bd:42:0a:
fc:df:c2:cb:84:dd:c3:e5:d2:58:66:4a:8e:0a:25:f7:6b:94:
15:87:38:d4:cc:b2:a0:64:82:c8:24:48:1f:f6:fc:2a:cc:e6:
ad:02:17:96:b6:20:21:b7:fd:a3:f2:b8:ed:e5:69:0d:91:ae:
68:7c:a8:97:b1:fd:fe:fb:1c:6f:e0:52:2a:95:df:2c:1f:f7:
15:19:d6:e7:da:ca:6f:b1:8c:3a:b3:c1:fb:19:5e:4d:7e:09:
9d:57:ea:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3wDpBopxQq011naW2rwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmY2MzNmNzZlOGQ4YWFlYWEzMmI1YWNlMTZhM2RiMzk0
M2Q4MGMwHhcNMjQwMTAyMDYzMTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGQ4NmNjYjNiMWFjZDJjMzhiMGQwOGFmNWFkMTQ1Mzk1YjIxMTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktY4WZarFjRkm27Kq/g6WcfvpgBG
cALERar+tqEOXOFBE9vFrNgMr5UP3LT/oxTodLwhcj/haz9nEnmNuonELyYf+ALS
kTckhX3+pCP8JabGhV7kJpeLTVQMBM0zHm900xQTVANEd2BGdkeNkXiFeoODtxym
2fXrVbZ9RICky6jxXroj8/9xx06hMwtv58Q2mPwjsPaaReTFevg7YVv3uml0yF+w
8JKTU9teoShH+nRBEOM2dPb9S0QSi3HBd4UVp7IjOjP709bQ/IvNZTckhpqz/O7K
0h59vaM0m5VIfkeAQA38YC75j5zwz2BSrL0U3Lbzx/RkSfSJeRAFzckIqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNjYbMs7Gs0sOLDQivWtFFOVshFVMB8GA1UdIwQY
MBaAFFQvYz926Niq6qMrWs4Wo9s5Q9gMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDIt
NjliOTUzYzlkNWFhLzEvMk5oc3l6c2F6U3c0c05DSzlhMFVVNVd5RVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDItNjliOTUzYzlkNWFh
LzEvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvH2iMA0G
CSqGSIb3DQEBCwUAA4IBAQA01lRRrs9nma0YV+rJerDYOHrWSFLQhx1mlNWNN2Oc
1hMQ8NCieZOLQJFDlCWQyI/QYLc0/aFgeOJHI25pLrMXKOkMdQwKmFw8gmN8+/us
GV4UKBF8PxS97vQXdvyTr+y9zHlQOJSAMG1z2XR28cpHrS2TP1MmRCAHxvcjeZqn
Anj/ntVuGZvD3KVml7xC0bw1uTDtWrjSBmfZy9v7Tzu9Qgr838LLhN3D5dJYZkqO
CiX3a5QVhzjUzLKgZILIJEgf9vwqzOatAheWtiAht/2j8rjt5WkNka5ofKiXsf3+
+xxv4FIqld8sH/cVGdbn2spvsYw6s8H7GV5NfgmdV+rq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:25 2024 by rpki-client on console-ams.rpki-client.org