Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/4Wv6cxwarzizzEeqjBrokooTcKM.roa
File: 4Wv6cxwarzizzEeqjBrokooTcKM.roa (raw, json)
Hash identifier: MByyZyKsin2GAnZzO5/3HHsBJP/eKWJOp8OuhfKx5CE=
Subject key identifier: E1:6B:FA:73:1C:1A:AF:38:B3:CC:47:AA:8C:1A:E8:92:8A:13:70:A3
Certificate issuer: /CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Certificate serial: 01857246BAF2CB21CFA3D398BA03D753547D
Authority key identifier: 54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/4Wv6cxwarzizzEeqjBrokooTcKM.roa
Signing time: Mon 02 Jan 2023 11:38:36 +0000
ROA not before: Mon 02 Jan 2023 11:38:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211496
IP address blocks: 188.125.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:ba:f2:cb:21:cf:a3:d3:98:ba:03:d7:53:54:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Validity
Not Before: Jan 2 11:38:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e16bfa731c1aaf38b3cc47aa8c1ae8928a1370a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ed:38:25:11:77:df:e9:33:b1:b3:07:2e:a9:
d0:ad:33:be:d8:f3:83:09:a5:67:31:58:68:57:71:
60:a6:f3:b3:73:50:10:f6:4b:bc:19:62:11:b9:4f:
6d:fd:be:c9:7d:9c:6e:da:d9:9b:f8:74:66:69:dd:
0e:10:35:61:ef:16:7b:02:37:38:af:e1:70:b9:5b:
dc:19:f6:f9:22:27:9e:30:ad:e4:ba:c4:25:79:29:
fe:c9:13:2b:6b:14:a1:ae:06:43:96:bd:c8:6d:c9:
00:cf:9a:61:8d:76:9c:d8:cf:4b:90:56:ee:6b:d9:
fb:3d:8c:63:75:6a:49:59:73:95:cf:a6:33:af:67:
49:47:86:58:31:71:09:67:59:e1:91:d7:62:13:fb:
e1:2e:d0:92:6b:7a:b4:ec:7f:fe:dc:0d:2e:95:48:
da:8c:c9:ed:86:54:1a:b1:a5:a3:6b:5c:45:fc:5d:
67:c5:02:8f:fe:7d:03:01:40:34:bc:d6:0e:ef:72:
9e:48:5c:1a:b1:5f:89:b5:d5:46:98:b8:ae:4c:ad:
57:a7:32:ae:58:f8:2d:06:43:48:e9:8d:f2:1a:f5:
a2:83:85:0e:68:1f:37:b4:15:dd:32:a3:b5:11:6b:
c2:53:70:59:dc:f9:4b:30:87:63:93:19:48:43:a3:
43:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:6B:FA:73:1C:1A:AF:38:B3:CC:47:AA:8C:1A:E8:92:8A:13:70:A3
X509v3 Authority Key Identifier:
keyid:54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/4Wv6cxwarzizzEeqjBrokooTcKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.162.0/24
Signature Algorithm: sha256WithRSAEncryption
32:f2:60:b3:c8:76:da:57:97:24:88:ca:7b:17:dd:a7:e9:8a:
31:c4:92:8e:70:5a:4d:00:10:29:8b:3b:60:60:a8:16:ad:c3:
aa:b2:f6:7e:3a:f3:52:2d:44:0d:02:8b:4c:13:41:b1:d6:0b:
14:b9:9e:eb:e9:95:1b:e7:91:93:89:2a:9b:6c:2c:13:3b:bf:
44:ac:55:52:00:be:66:ac:28:94:a6:81:fd:ae:30:4b:f1:7d:
f8:46:5e:82:0b:02:06:8c:ce:4d:8d:e1:8f:d5:cb:c7:84:73:
79:b0:ba:d2:d8:14:7f:68:29:63:06:be:f3:11:5a:1a:e4:8a:
c0:d6:28:b6:36:fb:02:b6:77:2e:82:2d:eb:db:1d:55:70:69:
1d:d5:fb:86:3a:5b:91:04:d0:b9:f1:7b:d5:c4:01:f0:e3:1b:
96:1d:e8:65:86:3c:72:9a:64:0e:8a:2b:0f:e0:90:c7:e2:35:
31:e2:57:39:92:c9:95:51:a2:58:36:f4:ef:eb:ed:d6:5e:6d:
2c:42:ab:d4:bf:6a:0e:3c:8a:df:c3:13:cf:ee:89:d9:48:7b:
a1:4c:34:86:a2:1e:b5:59:3a:25:c6:09:0a:7a:3e:a9:92:98:
64:3b:5a:04:4b:78:23:df:07:d5:85:ff:4a:89:00:51:d4:d6:
c1:85:ab:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRrryyyHPo9OYugPXU1R9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmY2MzNmNzZlOGQ4YWFlYWEzMmI1YWNlMTZhM2RiMzk0
M2Q4MGMwHhcNMjMwMTAyMTEzODM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTZiZmE3MzFjMWFhZjM4YjNjYzQ3YWE4YzFhZTg5MjhhMTM3MGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkO04JRF33+kzsbMHLqnQrTO+2POD
CaVnMVhoV3FgpvOzc1AQ9ku8GWIRuU9t/b7JfZxu2tmb+HRmad0OEDVh7xZ7Ajc4
r+FwuVvcGfb5IieeMK3kusQleSn+yRMraxShrgZDlr3IbckAz5phjXac2M9LkFbu
a9n7PYxjdWpJWXOVz6Yzr2dJR4ZYMXEJZ1nhkddiE/vhLtCSa3q07H/+3A0ulUja
jMnthlQasaWja1xF/F1nxQKP/n0DAUA0vNYO73KeSFwasV+JtdVGmLiuTK1XpzKu
WPgtBkNI6Y3yGvWig4UOaB83tBXdMqO1EWvCU3BZ3PlLMIdjkxlIQ6NDxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOFr+nMcGq84s8xHqowa6JKKE3CjMB8GA1UdIwQY
MBaAFFQvYz926Niq6qMrWs4Wo9s5Q9gMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDIt
NjliOTUzYzlkNWFhLzEvNFd2NmN4d2Fyeml6ekVlcWpCcm9rb29UY0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDItNjliOTUzYzlkNWFh
LzEvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvH2iMA0G
CSqGSIb3DQEBCwUAA4IBAQAy8mCzyHbaV5ckiMp7F92n6YoxxJKOcFpNABApiztg
YKgWrcOqsvZ+OvNSLUQNAotME0Gx1gsUuZ7r6ZUb55GTiSqbbCwTO79ErFVSAL5m
rCiUpoH9rjBL8X34Rl6CCwIGjM5NjeGP1cvHhHN5sLrS2BR/aCljBr7zEVoa5IrA
1ii2NvsCtncugi3r2x1VcGkd1fuGOluRBNC58XvVxAHw4xuWHehlhjxymmQOiisP
4JDH4jUx4lc5ksmVUaJYNvTv6+3WXm0sQqvUv2oOPIrfwxPP7onZSHuhTDSGoh61
WTolxgkKej6pkphkO1oES3gj3wfVhf9KiQBR1NbBhauO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:47 2024 by rpki-client on console-fra.rpki-client.org