Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/717273-6b83-47c2-a343-c5824e422e21/1/wW-a4Qu1Bls0dZXepdOmqI_DNuY.roa
File: wW-a4Qu1Bls0dZXepdOmqI_DNuY.roa (raw, json)
Hash identifier: Ly/KMDsp9SaoF0Y+QGax4fk42oQJT9i82OLkt2ULMKE=
Subject key identifier: C1:6F:9A:E1:0B:B5:06:5B:34:75:95:DE:A5:D3:A6:A8:8F:C3:36:E6
Certificate issuer: /CN=eab6714d719181ebfccd5dcde6cd6295d778ded9
Certificate serial: 018B011DFBA092AC3FD4139A3C6E24FC03E3
Authority key identifier: EA:B6:71:4D:71:91:81:EB:FC:CD:5D:CD:E6:CD:62:95:D7:78:DE:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6rZxTXGRgev8zV3N5s1ildd43tk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/717273-6b83-47c2-a343-c5824e422e21/1/wW-a4Qu1Bls0dZXepdOmqI_DNuY.roa
Signing time: Thu 05 Oct 2023 18:33:43 +0000
ROA not before: Thu 05 Oct 2023 18:33:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49223
IP address blocks: 188.244.118.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:01:1d:fb:a0:92:ac:3f:d4:13:9a:3c:6e:24:fc:03:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eab6714d719181ebfccd5dcde6cd6295d778ded9
Validity
Not Before: Oct 5 18:33:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c16f9ae10bb5065b347595dea5d3a6a88fc336e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:76:ee:75:76:65:38:a2:fe:a7:55:ac:8e:d6:
21:74:5e:81:d0:18:6e:0c:3c:40:74:2f:c6:27:95:
b0:23:bc:92:ed:90:11:d8:4a:ad:0e:20:ed:53:5b:
22:8c:5f:aa:4d:a8:ec:65:9d:8a:cf:b3:3c:3d:52:
bd:0a:d7:88:b3:91:f2:f0:7a:b4:b3:01:8e:03:0d:
74:76:fc:70:08:4e:4a:a6:20:59:65:98:23:00:64:
e9:d9:79:9c:ba:7f:28:11:ea:b9:4f:f7:20:ae:e7:
01:14:4f:a9:e4:cf:f0:ce:e4:d4:9b:0b:48:e0:54:
b5:d9:78:bf:0b:06:09:ad:02:4c:8f:b7:be:5e:0a:
31:de:28:58:8d:57:87:e7:57:5a:09:9e:a6:66:f2:
dc:2c:dd:14:a1:df:36:10:c0:8a:1a:93:f5:e2:64:
ff:17:f4:a2:03:c6:76:38:f5:0a:27:1c:5d:fd:62:
79:bf:d9:da:26:c5:b2:aa:36:1b:c4:3d:a2:22:e6:
97:f9:38:1c:bf:a9:9e:20:b9:63:a8:3d:20:46:4c:
56:96:67:63:1c:f0:27:62:ed:0a:d4:45:42:70:92:
3e:2b:2c:97:e8:e7:b8:0e:bd:34:cb:23:68:1c:6a:
d7:b1:fd:94:26:2a:bc:22:48:0b:11:70:84:8d:02:
b3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:6F:9A:E1:0B:B5:06:5B:34:75:95:DE:A5:D3:A6:A8:8F:C3:36:E6
X509v3 Authority Key Identifier:
keyid:EA:B6:71:4D:71:91:81:EB:FC:CD:5D:CD:E6:CD:62:95:D7:78:DE:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6rZxTXGRgev8zV3N5s1ildd43tk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/717273-6b83-47c2-a343-c5824e422e21/1/wW-a4Qu1Bls0dZXepdOmqI_DNuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/717273-6b83-47c2-a343-c5824e422e21/1/6rZxTXGRgev8zV3N5s1ildd43tk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.244.118.0/24
Signature Algorithm: sha256WithRSAEncryption
01:25:aa:1e:c4:03:13:9a:8d:a8:67:f2:ea:98:4b:41:64:cf:
a4:b0:80:75:5a:09:15:86:b3:38:0b:c4:42:f0:bc:c7:6b:af:
58:cf:51:03:ce:d7:3b:b9:f6:97:22:19:f6:b2:4d:09:a8:c2:
ed:7a:23:44:7f:9b:b5:66:65:4e:34:71:d4:34:98:cf:8e:9e:
35:29:d5:5a:1d:37:c8:f4:ef:3e:32:03:36:1f:c8:fd:54:f1:
17:fd:3a:6e:ab:a3:cc:7b:34:4b:a5:a0:4e:62:17:9a:17:af:
fe:20:4e:aa:5b:dd:3d:07:bb:ff:d8:ad:61:2c:c2:8e:b5:a9:
e7:64:b5:d6:fb:3e:2e:a0:3b:05:b4:bd:10:01:3d:01:e1:cc:
2b:ce:bf:1f:b0:30:dd:3f:52:21:98:31:89:16:a0:5e:f3:38:
3e:ac:61:be:e5:10:40:24:19:b0:a5:fe:9d:1a:bf:5f:08:1b:
a5:c5:d3:33:c4:69:1d:f5:a6:46:e4:fd:a2:ee:93:d8:cc:44:
7d:04:89:bc:f6:50:41:30:c4:a5:e3:7e:ae:5d:57:cf:3b:a5:
25:54:39:ca:c7:d3:ee:54:f3:db:b4:a2:cb:5d:c8:5b:4f:ba:
a3:3b:f0:b6:0b:72:66:af:7b:f0:78:69:3d:9e:7e:4b:b5:b2:
77:b2:94:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsBHfugkqw/1BOaPG4k/APjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYjY3MTRkNzE5MTgxZWJmY2NkNWRjZGU2Y2Q2Mjk1ZDc3
OGRlZDkwHhcNMjMxMDA1MTgzMzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTZmOWFlMTBiYjUwNjViMzQ3NTk1ZGVhNWQzYTZhODhmYzMzNmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHbudXZlOKL+p1WsjtYhdF6B0Bhu
DDxAdC/GJ5WwI7yS7ZAR2EqtDiDtU1sijF+qTajsZZ2Kz7M8PVK9CteIs5Hy8Hq0
swGOAw10dvxwCE5KpiBZZZgjAGTp2Xmcun8oEeq5T/cgrucBFE+p5M/wzuTUmwtI
4FS12Xi/CwYJrQJMj7e+Xgox3ihYjVeH51daCZ6mZvLcLN0Uod82EMCKGpP14mT/
F/SiA8Z2OPUKJxxd/WJ5v9naJsWyqjYbxD2iIuaX+Tgcv6meILljqD0gRkxWlmdj
HPAnYu0K1EVCcJI+KyyX6Oe4Dr00yyNoHGrXsf2UJiq8IkgLEXCEjQKzHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFvmuELtQZbNHWV3qXTpqiPwzbmMB8GA1UdIwQY
MBaAFOq2cU1xkYHr/M1dzebNYpXXeN7ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnJaeFRYR1JnZXY4elYzTjVzMWlsZGQ0M3RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi83MTcyNzMtNmI4My00N2MyLWEzNDMt
YzU4MjRlNDIyZTIxLzEvd1ctYTRRdTFCbHMwZFpYZXBkT21xSV9ETnVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi83MTcyNzMtNmI4My00N2MyLWEzNDMtYzU4MjRlNDIyZTIx
LzEvNnJaeFRYR1JnZXY4elYzTjVzMWlsZGQ0M3RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvPR2MA0G
CSqGSIb3DQEBCwUAA4IBAQABJaoexAMTmo2oZ/LqmEtBZM+ksIB1WgkVhrM4C8RC
8LzHa69Yz1EDztc7ufaXIhn2sk0JqMLteiNEf5u1ZmVONHHUNJjPjp41KdVaHTfI
9O8+MgM2H8j9VPEX/Tpuq6PMezRLpaBOYheaF6/+IE6qW909B7v/2K1hLMKOtann
ZLXW+z4uoDsFtL0QAT0B4cwrzr8fsDDdP1IhmDGJFqBe8zg+rGG+5RBAJBmwpf6d
Gr9fCBulxdMzxGkd9aZG5P2i7pPYzER9BIm89lBBMMSl436uXVfPO6UlVDnKx9Pu
VPPbtKLLXchbT7qjO/C2C3Jmr3vweGk9nn5LtbJ3spRj
-----END CERTIFICATE-----
Generated at Fri Nov 3 10:31:41 2023 by rpki-client on console-fra.rpki-client.org