Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/fXhBIcpagt-MvMUl9fIQg1SWhVs.roa
File: fXhBIcpagt-MvMUl9fIQg1SWhVs.roa (raw, json)
Hash identifier: 5CpgrvaCK+JlfyxR4oy6CRq+Ck74QKfLtJ/xyKNi2I0=
Subject key identifier: 7D:78:41:21:CA:5A:82:DF:8C:BC:C5:25:F5:F2:10:83:54:96:85:5B
Certificate issuer: /CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Certificate serial: 37FD1DC3
Authority key identifier: 54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/fXhBIcpagt-MvMUl9fIQg1SWhVs.roa
Signing time: Fri 25 Mar 2022 14:02:23 +0000
ROA not before: Fri 25 Mar 2022 14:02:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211496
IP address blocks: 188.125.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 939335107 (0x37fd1dc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Validity
Not Before: Mar 25 14:02:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d784121ca5a82df8cbcc525f5f210835496855b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:38:67:e3:7a:88:f3:1e:73:36:5a:e6:24:3d:
ba:4d:cc:d2:87:e0:3e:5e:da:5e:d1:d6:88:c2:bb:
cc:17:c9:58:4f:b1:55:1d:52:e7:74:44:4f:cf:40:
54:7d:99:bd:6d:cf:eb:bb:54:39:56:3c:41:fd:6f:
4b:8d:e9:7d:6d:52:3f:e6:a5:3e:de:a7:e0:ed:3f:
41:01:ee:eb:4f:88:08:ac:f9:7f:1c:dc:14:1a:70:
58:fb:4f:a4:6d:d0:4f:4a:5b:b1:1d:be:f5:e5:0f:
7c:2d:4a:44:de:c3:dd:0d:4d:5c:e7:0b:8e:0d:d2:
ee:0c:cb:ba:0d:1b:94:45:d2:1b:40:8f:f7:5a:f5:
6c:99:57:ce:49:18:98:d4:ab:9f:72:2a:ef:fc:b4:
6b:51:91:0c:94:c3:4d:24:0a:67:7c:bb:62:04:cf:
47:e9:1b:0d:e2:fb:77:78:c6:a4:e3:6a:84:f7:0f:
e2:b1:bb:58:7e:db:88:36:b4:1e:a6:43:5b:68:63:
7f:a9:bd:35:18:0b:fe:09:ea:6a:bc:4f:5e:44:3c:
07:10:24:d3:f8:a4:dd:82:17:04:86:8c:15:0b:0f:
d2:30:f6:41:14:8c:2d:f3:d5:6a:a9:ea:69:b5:5f:
c1:ad:10:0a:5f:1a:72:78:e9:d0:4a:a4:a0:e4:1f:
71:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:78:41:21:CA:5A:82:DF:8C:BC:C5:25:F5:F2:10:83:54:96:85:5B
X509v3 Authority Key Identifier:
keyid:54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/fXhBIcpagt-MvMUl9fIQg1SWhVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.162.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:d4:01:d3:e7:f6:f9:8d:6e:f4:56:00:cc:a1:4d:fc:b5:34:
0d:b6:d3:a8:97:3c:4d:ca:bf:91:bb:41:58:90:98:ce:0e:87:
f4:aa:9d:64:89:03:7f:53:d8:1b:b2:e6:70:2b:0a:40:87:30:
a1:5e:96:81:7a:3e:b5:97:66:ea:7b:b5:30:92:0a:25:bc:cc:
f7:b8:cb:dd:23:28:60:72:95:58:74:83:fd:05:f2:8d:11:ef:
74:f5:6d:62:87:d7:37:2c:4e:47:76:b5:e2:1f:7a:ab:6c:04:
e6:29:a8:a2:19:33:eb:53:27:9f:dc:30:6f:12:d1:be:4d:e4:
f1:dc:29:21:22:81:a5:bb:80:8b:9c:c6:d5:24:3c:b0:34:b2:
9b:2d:cf:0f:21:f8:a6:6c:83:23:f7:41:f7:ed:6a:93:4b:59:
1d:f2:55:a5:da:d9:42:f1:90:b9:b5:d2:32:04:a2:19:98:4f:
18:b7:50:32:50:23:7a:c6:12:24:40:74:21:7f:d0:94:70:8d:
cf:60:ad:ef:f8:5d:5d:c4:ff:a9:d9:32:dd:e0:5b:c0:0c:e5:
e2:bf:8f:0e:06:f0:fa:f2:09:5f:98:02:da:c1:35:cc:19:b2:
23:e3:b2:57:80:7c:af:84:0b:38:fe:73:9d:12:27:0a:42:95:
e9:4c:d9:f5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN/0dwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDJmNjMzZjc2ZThkOGFhZWFhMzJiNWFjZTE2YTNkYjM5NDNkODBjMB4XDTIyMDMy
NTE0MDIyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Q3ODQxMjFjYTVh
ODJkZjhjYmNjNTI1ZjVmMjEwODM1NDk2ODU1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK44Z+N6iPMeczZa5iQ9uk3M0ofgPl7aXtHWiMK7zBfJWE+x
VR1S53RET89AVH2ZvW3P67tUOVY8Qf1vS43pfW1SP+alPt6n4O0/QQHu60+ICKz5
fxzcFBpwWPtPpG3QT0pbsR2+9eUPfC1KRN7D3Q1NXOcLjg3S7gzLug0blEXSG0CP
91r1bJlXzkkYmNSrn3Iq7/y0a1GRDJTDTSQKZ3y7YgTPR+kbDeL7d3jGpONqhPcP
4rG7WH7biDa0HqZDW2hjf6m9NRgL/gnqarxPXkQ8BxAk0/ik3YIXBIaMFQsP0jD2
QRSMLfPVaqnqabVfwa0QCl8acnjp0EqkoOQfcasCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR9eEEhylqC34y8xSX18hCDVJaFWzAfBgNVHSMEGDAWgBRUL2M/dujYquqj
K1rOFqPbOUPYDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZDOWpQM2JvMktycW95dGF6aGFqMnpsRDJBdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvZDZiODc0LWFlYTgtNGI3ZS1iMGQyLTY5Yjk1M2M5ZDVhYS8x
L2ZYaEJJY3BhZ3QtTXZNVWw5ZklRZzFTV2hWcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
ZDZiODc0LWFlYTgtNGI3ZS1iMGQyLTY5Yjk1M2M5ZDVhYS8xL1ZDOWpQM2JvMkty
cW95dGF6aGFqMnpsRDJBdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALx9ojANBgkqhkiG9w0BAQsFAAOC
AQEADdQB0+f2+Y1u9FYAzKFN/LU0DbbTqJc8Tcq/kbtBWJCYzg6H9KqdZIkDf1PY
G7LmcCsKQIcwoV6WgXo+tZdm6nu1MJIKJbzM97jL3SMoYHKVWHSD/QXyjRHvdPVt
YofXNyxOR3a14h96q2wE5imoohkz61Mnn9wwbxLRvk3k8dwpISKBpbuAi5zG1SQ8
sDSymy3PDyH4pmyDI/dB9+1qk0tZHfJVpdrZQvGQubXSMgSiGZhPGLdQMlAjesYS
JEB0IX/QlHCNz2Ct7/hdXcT/qdky3eBbwAzl4r+PDgbw+vIJX5gC2sE1zBmyI+Oy
V4B8r4QLOP5znRInCkKV6UzZ9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:47 2024 by rpki-client on console-fra.rpki-client.org