Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IfRtEzOhCAhEyXS8aSOLMavRFLY.roa
File: IfRtEzOhCAhEyXS8aSOLMavRFLY.roa (raw, json)
Hash identifier: iRm1yxY9Ec2M+ORO2S8U+NFhxiD1CAZb0EqBXiXswq0=
Subject key identifier: 21:F4:6D:13:33:A1:08:08:44:C9:74:BC:69:23:8B:31:AB:D1:14:B6
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187F4BA580AFAAD8A5FACC0BC4DCFC4E00A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IfRtEzOhCAhEyXS8aSOLMavRFLY.roa
Signing time: Sun 07 May 2023 05:41:05 +0000
ROA not before: Sun 07 May 2023 05:41:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 178.239.200.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f4:ba:58:0a:fa:ad:8a:5f:ac:c0:bc:4d:cf:c4:e0:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 7 05:41:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21f46d1333a1080844c974bc69238b31abd114b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:70:9e:6e:d4:f2:ba:b3:bf:8e:44:b7:9a:26:
72:b8:a9:b3:9e:cb:df:79:53:96:39:88:07:91:30:
69:ba:2b:d0:f9:bd:29:8c:25:15:8b:e7:74:a0:7d:
d2:5f:df:08:76:61:73:8f:ba:3d:d0:e6:c3:b7:84:
52:2a:4d:eb:96:f5:d1:2b:95:9e:a6:27:59:8b:a6:
9c:9a:bb:7d:2b:c1:77:6a:6b:a7:f0:87:f4:38:ce:
de:4f:2f:a5:5f:44:bf:78:69:f3:5c:9d:28:f2:ad:
a1:09:6d:8c:30:fd:5b:e9:88:46:bf:9c:0a:12:57:
fb:bf:3b:49:3a:52:59:49:89:31:c2:ba:96:40:5f:
58:09:36:12:2e:05:ac:f1:f4:d0:3b:fc:69:9a:10:
f6:1e:80:99:9e:f2:55:6a:8a:ce:2f:5a:1a:71:d4:
53:e2:71:b7:82:de:85:ad:05:cb:be:6c:45:a6:78:
30:a7:f5:05:8c:c2:a9:59:a8:f1:5a:4f:90:84:38:
4f:a8:01:53:cc:33:dc:13:e7:58:1b:5a:34:8b:fa:
98:bd:92:f7:33:c6:93:c6:fe:eb:df:9e:9d:f0:e7:
ad:60:ba:c3:11:25:fa:aa:13:01:67:9d:18:3f:12:
04:4c:f0:f7:e5:09:13:ce:90:cd:62:aa:75:cd:d9:
32:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F4:6D:13:33:A1:08:08:44:C9:74:BC:69:23:8B:31:AB:D1:14:B6
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IfRtEzOhCAhEyXS8aSOLMavRFLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.132.0/24
178.239.200.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:d0:88:55:2a:66:0f:ef:1c:bf:4a:d7:6d:14:71:09:17:2a:
09:23:aa:97:05:2a:7f:9d:6d:12:0d:37:d0:c1:c6:3b:92:53:
24:1e:f9:13:4c:85:8b:71:82:21:98:3a:7f:f8:0d:18:6e:bd:
2a:9a:b4:06:2d:6e:40:f5:82:cf:df:f3:a6:40:5c:49:62:0a:
c6:b8:96:11:ab:04:c6:8a:9d:f5:ba:b8:f4:f3:fd:4e:df:f8:
10:32:19:3c:f5:eb:0a:3e:a7:48:3b:89:af:a7:39:64:00:0a:
be:dc:6b:0d:26:97:4c:ca:23:8d:a2:6f:a4:26:9a:d1:04:bd:
d7:ea:88:e5:63:2a:57:44:03:a8:9e:f1:61:31:c6:6c:ab:53:
eb:c9:09:66:41:65:4e:7c:38:eb:d7:c4:9c:45:4e:88:ad:5f:
fd:09:6c:6e:be:d1:2e:1a:02:59:f3:d9:d0:ef:f3:49:54:ff:
14:32:e3:73:63:3c:1c:60:0b:1a:2b:cf:58:d1:e8:a9:b0:57:
83:8c:a7:96:7a:da:c1:af:b4:44:23:c7:d8:ea:f5:8e:25:5d:
f0:b2:c0:a1:85:52:61:25:19:10:9f:c8:2d:95:4b:88:d7:be:
91:cb:1d:a4:82:0e:ff:4d:56:00:d8:ab:a7:84:10:fe:8d:7d:
be:08:da:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYf0ulgK+q2KX6zAvE3PxOAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTA3MDU0MTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWY0NmQxMzMzYTEwODA4NDRjOTc0YmM2OTIzOGIzMWFiZDExNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXCebtTyurO/jkS3miZyuKmznsvf
eVOWOYgHkTBpuivQ+b0pjCUVi+d0oH3SX98IdmFzj7o90ObDt4RSKk3rlvXRK5We
pidZi6acmrt9K8F3amun8If0OM7eTy+lX0S/eGnzXJ0o8q2hCW2MMP1b6YhGv5wK
Elf7vztJOlJZSYkxwrqWQF9YCTYSLgWs8fTQO/xpmhD2HoCZnvJVaorOL1oacdRT
4nG3gt6FrQXLvmxFpngwp/UFjMKpWajxWk+QhDhPqAFTzDPcE+dYG1o0i/qYvZL3
M8aTxv7r356d8OetYLrDESX6qhMBZ50YPxIETPD35QkTzpDNYqp1zdkyyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCH0bRMzoQgIRMl0vGkjizGr0RS2MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSWZSdEV6T2hDQWhFeVhTOGFTT0xNYXZSRkxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPsWEAwQA
su/IMA0GCSqGSIb3DQEBCwUAA4IBAQCP0IhVKmYP7xy/StdtFHEJFyoJI6qXBSp/
nW0SDTfQwcY7klMkHvkTTIWLcYIhmDp/+A0Ybr0qmrQGLW5A9YLP3/OmQFxJYgrG
uJYRqwTGip31urj08/1O3/gQMhk89esKPqdIO4mvpzlkAAq+3GsNJpdMyiONom+k
JprRBL3X6ojlYypXRAOonvFhMcZsq1PryQlmQWVOfDjr18ScRU6IrV/9CWxuvtEu
GgJZ89nQ7/NJVP8UMuNzYzwcYAsaK89Y0eipsFeDjKeWetrBr7REI8fY6vWOJV3w
ssChhVJhJRkQn8gtlUuI176Ryx2kgg7/TVYA2KunhBD+jX2+CNpj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org