Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/gBgTg9SzuPbk1I2J1u9YWFj4670.roa
File: gBgTg9SzuPbk1I2J1u9YWFj4670.roa (raw, json)
Hash identifier: QkhGeJQtHDpyecC8JN2FaTvTQLtojasJ/Zzdbui6mZM=
Subject key identifier: 80:18:13:83:D4:B3:B8:F6:E4:D4:8D:89:D6:EF:58:58:58:F8:EB:BD
Certificate issuer: /CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Certificate serial: 018CC8DF03D0F653FB3341F208A1D3E43B43
Authority key identifier: 54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/gBgTg9SzuPbk1I2J1u9YWFj4670.roa
Signing time: Tue 02 Jan 2024 06:31:47 +0000
ROA not before: Tue 02 Jan 2024 06:31:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211496
IP address blocks: 188.125.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:03:d0:f6:53:fb:33:41:f2:08:a1:d3:e4:3b:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Validity
Not Before: Jan 2 06:31:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80181383d4b3b8f6e4d48d89d6ef585858f8ebbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:1a:d1:7a:4f:a5:c6:d7:9b:a2:5d:67:76:98:
f8:15:7b:8a:88:07:97:d5:ab:97:03:ad:4a:2e:a1:
b7:83:01:6b:8a:32:b8:18:a3:e1:d4:27:fc:71:cf:
24:c4:d1:b1:1c:7b:e5:04:6d:8e:bd:d4:1e:ff:26:
28:7a:5a:6c:b7:2c:b0:5f:21:60:06:14:f8:de:42:
04:d3:11:43:34:59:f2:c3:56:14:66:b7:54:32:e8:
71:31:9e:c3:c6:98:26:d3:ca:f5:60:b6:6c:8c:87:
ff:aa:3a:d7:c4:c1:a6:c4:23:85:be:58:e0:5d:2c:
49:7d:e3:75:33:7f:ca:56:5e:c3:b5:6b:4f:80:0a:
d7:fc:40:f4:6a:d4:0a:1c:81:7f:ed:71:8d:83:7d:
a6:7c:98:e2:28:0d:47:8f:92:9c:6b:e7:47:44:14:
d3:ee:77:fb:56:8b:6d:0b:d3:dc:13:14:76:77:f2:
2a:1a:fd:c6:85:1b:4a:88:48:ae:01:1f:2e:1a:fb:
ee:85:34:d6:c1:69:a2:9e:18:80:b9:20:08:63:09:
d0:2e:05:ea:ee:79:7d:9e:38:68:ba:e5:63:2e:51:
d8:7d:c9:5d:86:d1:bd:63:3c:51:0f:ef:36:18:b5:
b5:04:83:94:99:eb:56:2b:35:04:29:db:6b:dc:61:
c3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:18:13:83:D4:B3:B8:F6:E4:D4:8D:89:D6:EF:58:58:58:F8:EB:BD
X509v3 Authority Key Identifier:
keyid:54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/gBgTg9SzuPbk1I2J1u9YWFj4670.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.162.0/24
Signature Algorithm: sha256WithRSAEncryption
53:04:5b:5a:04:4d:ec:d2:b8:27:fd:85:08:b2:6f:03:7a:ab:
5e:85:7a:ab:e2:0d:ca:fd:57:30:97:0f:d4:e9:b6:81:58:00:
0b:03:e4:ea:ff:5a:d6:f8:a4:05:d5:fc:5c:6e:d9:e9:7b:7a:
6b:1a:c7:03:78:48:fe:af:2d:19:5c:00:ba:3a:76:3f:9e:e9:
7e:5b:27:ef:85:c0:6f:0e:97:a1:52:ce:26:c0:56:ac:28:ec:
dc:59:99:78:0f:01:2f:1f:4c:ec:9a:2d:bb:83:43:6b:72:6f:
de:ec:8a:dc:56:77:2d:98:b2:39:b6:be:91:b6:4c:be:87:a7:
c9:67:56:4e:75:c4:9f:f0:45:66:84:3b:90:5c:ad:2d:2e:c2:
a4:f3:8e:66:33:2d:a1:bc:a2:bb:0e:d5:61:c4:66:4f:26:fa:
cb:aa:c4:a3:13:56:50:2e:d3:0f:c6:d0:6d:14:48:6d:c0:2f:
96:2c:36:f1:e4:f9:f9:74:ab:86:a9:63:c9:1f:e2:ad:45:77:
4d:6b:3b:de:5c:3f:6c:a1:fc:03:38:db:9e:60:79:17:79:6a:
b4:34:0a:2e:1f:f1:3b:69:b6:70:16:8d:ef:d7:c1:eb:b6:d3:
a7:72:21:e4:16:5a:8c:ae:e9:a6:3a:d1:ed:59:e7:14:e8:25:
e3:5b:90:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3wPQ9lP7M0HyCKHT5DtDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmY2MzNmNzZlOGQ4YWFlYWEzMmI1YWNlMTZhM2RiMzk0
M2Q4MGMwHhcNMjQwMTAyMDYzMTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDE4MTM4M2Q0YjNiOGY2ZTRkNDhkODlkNmVmNTg1ODU4ZjhlYmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xrRek+lxtebol1ndpj4FXuKiAeX
1auXA61KLqG3gwFrijK4GKPh1Cf8cc8kxNGxHHvlBG2OvdQe/yYoelpstyywXyFg
BhT43kIE0xFDNFnyw1YUZrdUMuhxMZ7Dxpgm08r1YLZsjIf/qjrXxMGmxCOFvljg
XSxJfeN1M3/KVl7DtWtPgArX/ED0atQKHIF/7XGNg32mfJjiKA1Hj5Kca+dHRBTT
7nf7VottC9PcExR2d/IqGv3GhRtKiEiuAR8uGvvuhTTWwWminhiAuSAIYwnQLgXq
7nl9njhouuVjLlHYfcldhtG9YzxRD+82GLW1BIOUmetWKzUEKdtr3GHDSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIAYE4PUs7j25NSNidbvWFhY+Ou9MB8GA1UdIwQY
MBaAFFQvYz926Niq6qMrWs4Wo9s5Q9gMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDIt
NjliOTUzYzlkNWFhLzEvZ0JnVGc5U3p1UGJrMUkySjF1OVlXRmo0NjcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDItNjliOTUzYzlkNWFh
LzEvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvH2iMA0G
CSqGSIb3DQEBCwUAA4IBAQBTBFtaBE3s0rgn/YUIsm8DeqtehXqr4g3K/Vcwlw/U
6baBWAALA+Tq/1rW+KQF1fxcbtnpe3prGscDeEj+ry0ZXAC6OnY/nul+WyfvhcBv
DpehUs4mwFasKOzcWZl4DwEvH0zsmi27g0Nrcm/e7IrcVnctmLI5tr6Rtky+h6fJ
Z1ZOdcSf8EVmhDuQXK0tLsKk845mMy2hvKK7DtVhxGZPJvrLqsSjE1ZQLtMPxtBt
FEhtwC+WLDbx5Pn5dKuGqWPJH+KtRXdNazveXD9sofwDONueYHkXeWq0NAouH/E7
abZwFo3v18HrttOnciHkFlqMrummOtHtWecU6CXjW5CT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:47 2024 by rpki-client on console-fra.rpki-client.org