Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/6af9QKNzxxY5Ym8mxkxl_0SzE44.roa
File: 6af9QKNzxxY5Ym8mxkxl_0SzE44.roa (raw, json)
Hash identifier: HUtirHnKtL3Sje+MBi6lGtr7exeA6MXmMJ9yRwW35pw=
Subject key identifier: E9:A7:FD:40:A3:73:C7:16:39:62:6F:26:C6:4C:65:FF:44:B3:13:8E
Certificate issuer: /CN=d03febfd537e320cbbec2b4e22677b9ae66f604e
Certificate serial: 018D8430EDD5B0C0C3B67DC1372036879A78
Authority key identifier: D0:3F:EB:FD:53:7E:32:0C:BB:EC:2B:4E:22:67:7B:9A:E6:6F:60:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0D_r_VN-Mgy77CtOImd7muZvYE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/6af9QKNzxxY5Ym8mxkxl_0SzE44.roa
Signing time: Wed 07 Feb 2024 15:30:15 +0000
ROA not before: Wed 07 Feb 2024 15:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 87.236.167.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:30:ed:d5:b0:c0:c3:b6:7d:c1:37:20:36:87:9a:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d03febfd537e320cbbec2b4e22677b9ae66f604e
Validity
Not Before: Feb 7 15:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9a7fd40a373c71639626f26c64c65ff44b3138e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c5:13:93:58:e3:af:0d:4b:04:2b:db:c2:e6:
dc:9a:da:ab:db:1a:c4:26:1b:b1:85:db:8e:19:4b:
9c:c6:38:9a:60:2a:58:56:53:1b:17:e3:bf:5d:c3:
ce:43:f2:b6:24:9a:73:53:78:ba:29:09:33:f6:b3:
56:0f:2d:69:db:00:5a:9d:c9:95:39:d8:59:77:bc:
ff:de:9c:d7:de:b3:75:10:90:0d:5a:14:70:37:c2:
3f:87:10:96:0a:25:f8:39:a1:a2:c3:40:e8:99:61:
a6:84:b1:29:f0:be:f8:eb:b2:f5:1d:94:59:01:0d:
85:15:2d:ff:93:66:eb:0a:d8:ad:18:b4:48:c1:5d:
8f:55:16:84:3c:e6:6e:e6:e3:0f:a3:8e:35:47:bc:
ba:48:7f:c8:75:dc:86:ac:7a:24:cf:6e:97:c9:d5:
01:44:0f:42:a7:71:5d:ae:6e:9c:02:f0:4a:a5:eb:
47:66:be:6f:91:2f:da:b3:d3:f4:8e:51:75:fe:88:
e8:03:f0:a1:d0:2f:a8:fe:8c:2e:c6:20:97:97:fb:
97:5d:9c:2b:42:1e:7f:8f:86:1d:44:dc:80:0d:d0:
03:96:2f:b9:06:3d:73:a5:71:30:81:cb:30:09:74:
56:ae:5d:c0:e6:74:4e:26:71:ac:80:b5:98:79:34:
81:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A7:FD:40:A3:73:C7:16:39:62:6F:26:C6:4C:65:FF:44:B3:13:8E
X509v3 Authority Key Identifier:
keyid:D0:3F:EB:FD:53:7E:32:0C:BB:EC:2B:4E:22:67:7B:9A:E6:6F:60:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0D_r_VN-Mgy77CtOImd7muZvYE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/6af9QKNzxxY5Ym8mxkxl_0SzE44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/0D_r_VN-Mgy77CtOImd7muZvYE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.167.0/24
Signature Algorithm: sha256WithRSAEncryption
57:9b:03:d9:04:a2:b0:a7:34:0f:92:d9:2e:18:0c:61:a0:8e:
fa:f3:f3:00:4e:91:a3:8e:0d:77:9a:85:55:76:f0:fd:3d:dd:
d0:a8:cc:d2:8b:de:50:46:72:93:42:ac:d4:1b:7b:45:12:30:
e2:4e:28:1e:db:12:0e:96:e8:6c:bc:99:02:18:48:d7:f5:c7:
fb:29:aa:60:06:af:c8:e1:a6:54:94:58:e8:d2:e2:ff:4f:1b:
7b:6a:97:a4:86:2e:bd:25:2c:30:79:9d:67:9f:61:5e:91:2e:
df:6e:21:96:ee:ad:2b:3d:49:24:93:9f:34:77:2f:8d:5e:0c:
c6:e7:44:4d:a1:4f:e5:33:75:8e:88:92:dc:70:32:a8:49:06:
93:ad:d3:f6:ac:37:b9:4e:1d:4c:98:92:22:14:78:9b:12:25:
21:83:9d:a5:92:61:3c:b6:79:78:1b:09:7b:88:d6:b5:e1:0c:
de:d3:c6:c8:15:17:63:1e:6c:9e:4d:4b:19:e3:05:84:5e:d2:
04:69:02:c5:2b:18:7b:8e:0d:bf:f6:2a:86:c1:db:2c:26:cf:
7c:ab:25:c7:78:d3:61:b8:a8:10:27:39:f3:47:30:39:4f:1f:
17:1c:cf:6a:59:5d:ab:73:ff:ef:8a:22:89:c3:96:34:88:59:
05:3a:a3:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2EMO3VsMDDtn3BNyA2h5p4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwM2ZlYmZkNTM3ZTMyMGNiYmVjMmI0ZTIyNjc3YjlhZTY2
ZjYwNGUwHhcNMjQwMjA3MTUzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWE3ZmQ0MGEzNzNjNzE2Mzk2MjZmMjZjNjRjNjVmZjQ0YjMxMzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8UTk1jjrw1LBCvbwubcmtqr2xrE
JhuxhduOGUucxjiaYCpYVlMbF+O/XcPOQ/K2JJpzU3i6KQkz9rNWDy1p2wBancmV
OdhZd7z/3pzX3rN1EJANWhRwN8I/hxCWCiX4OaGiw0DomWGmhLEp8L7467L1HZRZ
AQ2FFS3/k2brCtitGLRIwV2PVRaEPOZu5uMPo441R7y6SH/IddyGrHokz26XydUB
RA9Cp3Fdrm6cAvBKpetHZr5vkS/as9P0jlF1/ojoA/Ch0C+o/owuxiCXl/uXXZwr
Qh5/j4YdRNyADdADli+5Bj1zpXEwgcswCXRWrl3A5nROJnGsgLWYeTSBtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOmn/UCjc8cWOWJvJsZMZf9EsxOOMB8GA1UdIwQY
MBaAFNA/6/1TfjIMu+wrTiJne5rmb2BOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERfcl9WTi1NZ3k3N0N0T0ltZDdtdVp2WUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hMTE1NjctMjU5ZS00ZDFiLWJmY2It
MjgxZmFkZTI4MzRiLzEvNmFmOVFLTnp4eFk1WW04bXhreGxfMFN6RTQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hMTE1NjctMjU5ZS00ZDFiLWJmY2ItMjgxZmFkZTI4MzRi
LzEvMERfcl9WTi1NZ3k3N0N0T0ltZDdtdVp2WUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+ynMA0G
CSqGSIb3DQEBCwUAA4IBAQBXmwPZBKKwpzQPktkuGAxhoI768/MATpGjjg13moVV
dvD9Pd3QqMzSi95QRnKTQqzUG3tFEjDiTige2xIOluhsvJkCGEjX9cf7KapgBq/I
4aZUlFjo0uL/Txt7apekhi69JSwweZ1nn2FekS7fbiGW7q0rPUkkk580dy+NXgzG
50RNoU/lM3WOiJLccDKoSQaTrdP2rDe5Th1MmJIiFHibEiUhg52lkmE8tnl4Gwl7
iNa14Qze08bIFRdjHmyeTUsZ4wWEXtIEaQLFKxh7jg2/9iqGwdssJs98qyXHeNNh
uKgQJznzRzA5Tx8XHM9qWV2rc//viiKJw5Y0iFkFOqOu
-----END CERTIFICATE-----
Generated at Thu Feb 29 16:39:22 2024 by rpki-client on console-fra.rpki-client.org