Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/E2lVmu3ucJqsGetsNibq-yjL4Ig.roa
File: E2lVmu3ucJqsGetsNibq-yjL4Ig.roa (raw, json)
Hash identifier: mfsEiIjb0gCnA17BNalJ/ppRNN73kWCeXHhrRosnWgE=
Subject key identifier: 13:69:55:9A:ED:EE:70:9A:AC:19:EB:6C:36:26:EA:FB:28:CB:E0:88
Certificate issuer: /CN=175e203932401abb457968db37075a17c68f09f6
Certificate serial: 0188528CB25FA22E9AD62114E8681E4E5D94
Authority key identifier: 17:5E:20:39:32:40:1A:BB:45:79:68:DB:37:07:5A:17:C6:8F:09:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F14gOTJAGrtFeWjbNwdaF8aPCfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/E2lVmu3ucJqsGetsNibq-yjL4Ig.roa
Signing time: Thu 25 May 2023 10:55:32 +0000
ROA not before: Thu 25 May 2023 10:55:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206592
IP address blocks: 176.105.152.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:8c:b2:5f:a2:2e:9a:d6:21:14:e8:68:1e:4e:5d:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=175e203932401abb457968db37075a17c68f09f6
Validity
Not Before: May 25 10:55:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1369559aedee709aac19eb6c3626eafb28cbe088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:71:6d:0c:37:03:7d:08:66:d5:7c:c8:e4:5b:
61:f3:dc:c5:57:10:cf:9d:23:8a:af:9e:de:85:a1:
4d:21:97:70:5e:b4:a6:56:2e:ae:f2:b2:dd:4c:7d:
8f:39:7e:ce:7f:47:3c:12:ab:09:89:ab:c2:91:6a:
6c:52:a2:44:72:0c:80:4f:03:f6:fc:bc:a0:2d:a0:
aa:54:77:28:3c:4b:9f:93:45:8e:b6:c2:cb:a3:56:
f2:1c:91:1d:d8:0f:aa:76:d1:04:6d:92:4f:29:1d:
db:49:67:5e:1e:36:0c:72:7f:cc:b2:03:7a:cd:57:
15:1f:78:e9:0c:cf:8e:fa:fc:ca:b9:23:82:ae:b3:
d1:39:54:29:f9:d6:35:38:36:c2:86:96:52:80:f8:
63:90:66:26:be:0c:83:dd:92:91:34:9a:0c:73:2c:
e9:31:11:85:cf:69:6a:9d:09:79:6c:3a:38:06:f5:
71:3e:8d:79:3f:d2:41:4f:c4:8f:4e:17:16:ff:e5:
52:64:0d:37:50:b2:5b:9c:bf:b4:ea:b0:99:43:5a:
37:4f:9b:8b:79:65:b5:e7:10:c1:fc:33:fd:dd:03:
e4:8c:f9:3d:b2:9a:01:89:2e:b7:93:a3:6c:e3:a5:
68:6d:61:7a:64:87:83:c2:63:c6:0d:5c:60:71:f7:
0c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:69:55:9A:ED:EE:70:9A:AC:19:EB:6C:36:26:EA:FB:28:CB:E0:88
X509v3 Authority Key Identifier:
keyid:17:5E:20:39:32:40:1A:BB:45:79:68:DB:37:07:5A:17:C6:8F:09:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F14gOTJAGrtFeWjbNwdaF8aPCfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/E2lVmu3ucJqsGetsNibq-yjL4Ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/F14gOTJAGrtFeWjbNwdaF8aPCfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.105.152.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:9f:a7:f0:c6:7e:52:d9:e9:08:fa:58:dd:61:44:6e:d6:e1:
21:c7:69:d7:f9:1e:87:2d:bc:cb:2d:d3:c0:51:5f:b4:47:f9:
78:5c:7d:9f:c6:2b:f3:55:5b:6b:b3:90:6f:36:54:da:7e:d3:
8f:62:db:bd:fb:38:0b:a0:87:55:45:6e:e5:d4:8a:b4:a7:a6:
ea:60:8a:c5:29:ed:28:e3:12:b1:f7:e8:f5:da:34:e3:cd:cb:
1d:ab:af:33:fe:a3:b9:1d:87:48:4f:36:2a:9f:6e:b0:fa:d7:
76:63:ff:7a:cf:c1:ea:91:c4:76:5a:43:43:9d:ee:8d:8e:40:
7a:a3:4f:60:2d:1e:e6:3d:fb:2c:e8:f1:ee:0b:71:8c:73:d4:
33:c0:ab:aa:9e:a3:a3:17:6a:2b:7c:8a:ec:2c:e8:f4:ba:f5:
80:b1:87:8d:fd:6d:4d:d6:60:09:9a:b7:9c:d9:a5:79:df:99:
72:39:a3:e3:3f:b2:3a:34:46:13:90:af:64:2e:be:2a:6b:2f:
6d:f5:99:08:ca:aa:89:ea:64:7a:09:cc:08:f2:e5:ef:97:39:
fd:9a:15:07:18:77:f4:35:7c:01:5d:b3:b6:91:9e:f4:e9:a8:
6a:0a:59:ee:fb:ed:6f:f1:a1:bd:f7:30:be:72:6a:9f:57:ed:
df:ec:fd:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhSjLJfoi6a1iEU6GgeTl2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NWUyMDM5MzI0MDFhYmI0NTc5NjhkYjM3MDc1YTE3YzY4
ZjA5ZjYwHhcNMjMwNTI1MTA1NTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzY5NTU5YWVkZWU3MDlhYWMxOWViNmMzNjI2ZWFmYjI4Y2JlMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3FtDDcDfQhm1XzI5Fth89zFVxDP
nSOKr57ehaFNIZdwXrSmVi6u8rLdTH2POX7Of0c8EqsJiavCkWpsUqJEcgyATwP2
/LygLaCqVHcoPEufk0WOtsLLo1byHJEd2A+qdtEEbZJPKR3bSWdeHjYMcn/MsgN6
zVcVH3jpDM+O+vzKuSOCrrPROVQp+dY1ODbChpZSgPhjkGYmvgyD3ZKRNJoMcyzp
MRGFz2lqnQl5bDo4BvVxPo15P9JBT8SPThcW/+VSZA03ULJbnL+06rCZQ1o3T5uL
eWW15xDB/DP93QPkjPk9spoBiS63k6Ns46VobWF6ZIeDwmPGDVxgcfcMSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBNpVZrt7nCarBnrbDYm6vsoy+CIMB8GA1UdIwQY
MBaAFBdeIDkyQBq7RXlo2zcHWhfGjwn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjE0Z09USkFHcnRGZVdqYk53ZGFGOGFQQ2ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xOGU5YzItYmQxZi00M2EyLTg2NjAt
Mzg0YzU0MWE1OWUxLzEvRTJsVm11M3VjSnFzR2V0c05pYnEteWpMNElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xOGU5YzItYmQxZi00M2EyLTg2NjAtMzg0YzU0MWE1OWUx
LzEvRjE0Z09USkFHcnRGZVdqYk53ZGFGOGFQQ2ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsGmYMA0G
CSqGSIb3DQEBCwUAA4IBAQDOn6fwxn5S2ekI+ljdYURu1uEhx2nX+R6HLbzLLdPA
UV+0R/l4XH2fxivzVVtrs5BvNlTaftOPYtu9+zgLoIdVRW7l1Iq0p6bqYIrFKe0o
4xKx9+j12jTjzcsdq68z/qO5HYdITzYqn26w+td2Y/96z8HqkcR2WkNDne6NjkB6
o09gLR7mPfss6PHuC3GMc9QzwKuqnqOjF2orfIrsLOj0uvWAsYeN/W1N1mAJmrec
2aV535lyOaPjP7I6NEYTkK9kLr4qay9t9ZkIyqqJ6mR6CcwI8uXvlzn9mhUHGHf0
NXwBXbO2kZ706ahqClnu++1v8aG99zC+cmqfV+3f7P2J
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:32 2023 by rpki-client on console-fra.rpki-client.org