Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/is2tfPORc5EshAYYg2Fr2G_WHmQ.roa
File: is2tfPORc5EshAYYg2Fr2G_WHmQ.roa (raw, json)
Hash identifier: 5KGXbn95+q+3VmE/bsAwFOLaM3PvklIzLoR9nPE1w8s=
Subject key identifier: 8A:CD:AD:7C:F3:91:73:91:2C:84:06:18:83:61:6B:D8:6F:D6:1E:64
Certificate issuer: /CN=d03febfd537e320cbbec2b4e22677b9ae66f604e
Certificate serial: 018D8430F0A1B8647489BE0291A0C32F70D7
Authority key identifier: D0:3F:EB:FD:53:7E:32:0C:BB:EC:2B:4E:22:67:7B:9A:E6:6F:60:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0D_r_VN-Mgy77CtOImd7muZvYE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/is2tfPORc5EshAYYg2Fr2G_WHmQ.roa
Signing time: Wed 07 Feb 2024 15:30:16 +0000
ROA not before: Wed 07 Feb 2024 15:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62447
IP address blocks: 194.26.227.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:30:f0:a1:b8:64:74:89:be:02:91:a0:c3:2f:70:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d03febfd537e320cbbec2b4e22677b9ae66f604e
Validity
Not Before: Feb 7 15:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8acdad7cf39173912c84061883616bd86fd61e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a4:64:75:ca:40:bc:57:de:dd:1a:80:a0:05:
95:11:1d:48:b5:5c:79:12:e7:7b:10:a0:49:89:83:
f5:a2:f5:e7:cc:3f:16:03:7e:ef:3c:1a:ba:80:b9:
21:5d:24:00:59:15:29:76:4c:8e:78:c8:e5:11:cf:
a2:67:f1:10:2e:ac:0c:db:69:f7:ac:7d:71:1e:6c:
b0:dd:27:fb:b7:a7:bc:17:f6:a4:f6:e5:86:ba:5e:
69:06:0c:95:22:13:b3:60:58:bf:99:e5:72:f8:ce:
c2:f7:8b:5a:6c:5a:d9:09:c8:bb:13:e6:4c:1c:8f:
77:86:d1:3c:9d:8c:93:f8:d5:67:47:b9:04:16:11:
22:d9:71:bf:48:d4:5b:f7:71:78:a7:8f:ce:67:65:
f5:ac:e5:16:ce:37:4d:4c:86:1f:c6:34:06:2a:aa:
76:b8:40:9d:d7:9e:93:79:aa:47:f6:d6:4c:d1:74:
20:c2:34:c7:f3:f5:bc:8d:2e:06:bd:43:21:ce:49:
00:2f:c6:62:72:fe:6f:c6:88:2b:86:c5:b1:15:63:
bd:af:e1:a7:31:ee:d7:e1:c6:69:2f:2c:02:21:0a:
06:1d:30:57:c2:5f:d1:2b:a9:3a:1a:55:c8:70:20:
23:76:23:9b:c4:90:24:51:fd:8c:3e:28:95:9f:f4:
ba:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:CD:AD:7C:F3:91:73:91:2C:84:06:18:83:61:6B:D8:6F:D6:1E:64
X509v3 Authority Key Identifier:
keyid:D0:3F:EB:FD:53:7E:32:0C:BB:EC:2B:4E:22:67:7B:9A:E6:6F:60:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0D_r_VN-Mgy77CtOImd7muZvYE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/is2tfPORc5EshAYYg2Fr2G_WHmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/0D_r_VN-Mgy77CtOImd7muZvYE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.227.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:f2:56:5a:c4:3a:bf:00:e4:75:54:e6:f4:06:40:b9:d3:85:
5f:cd:6c:56:dd:4f:6e:6a:be:b7:5c:bc:39:8c:44:69:00:34:
65:ca:a4:10:61:48:88:80:a7:0c:e0:ba:25:58:ac:ff:2e:0a:
2c:2e:11:7c:6a:32:d0:92:90:a8:ea:6c:6c:c7:e4:78:f0:57:
91:4c:83:92:34:6b:39:03:5c:23:a3:37:17:02:13:d0:45:8e:
22:23:bf:d1:37:7f:54:dc:ab:4f:27:19:cb:93:a0:12:a8:74:
76:a4:42:65:fc:33:91:e5:28:23:9c:69:a9:49:c5:68:8a:75:
1b:3a:70:12:7d:7d:4a:6c:d2:53:d9:50:d2:e1:9e:4a:cf:5a:
d3:7a:b5:26:35:89:88:4b:ae:9c:33:f7:ab:13:ca:07:35:26:
41:93:b8:4f:ac:21:0c:d9:33:25:9e:b9:2f:35:07:37:8f:a2:
72:48:0a:e7:98:21:0b:2b:19:25:a1:11:5a:df:fa:3f:13:84:
ee:58:42:25:da:cb:16:fc:00:60:ef:fb:63:4d:b6:61:d0:d3:
1b:d6:00:6a:09:5c:f7:c3:2b:2f:d3:8e:4b:2c:5f:7a:94:71:
bc:8f:56:ea:be:d3:c1:4c:3a:5c:ae:77:12:7b:65:66:00:3d:
6b:95:38:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2EMPChuGR0ib4CkaDDL3DXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwM2ZlYmZkNTM3ZTMyMGNiYmVjMmI0ZTIyNjc3YjlhZTY2
ZjYwNGUwHhcNMjQwMjA3MTUzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWNkYWQ3Y2YzOTE3MzkxMmM4NDA2MTg4MzYxNmJkODZmZDYxZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaRkdcpAvFfe3RqAoAWVER1ItVx5
Eud7EKBJiYP1ovXnzD8WA37vPBq6gLkhXSQAWRUpdkyOeMjlEc+iZ/EQLqwM22n3
rH1xHmyw3Sf7t6e8F/ak9uWGul5pBgyVIhOzYFi/meVy+M7C94tabFrZCci7E+ZM
HI93htE8nYyT+NVnR7kEFhEi2XG/SNRb93F4p4/OZ2X1rOUWzjdNTIYfxjQGKqp2
uECd156TeapH9tZM0XQgwjTH8/W8jS4GvUMhzkkAL8Zicv5vxogrhsWxFWO9r+Gn
Me7X4cZpLywCIQoGHTBXwl/RK6k6GlXIcCAjdiObxJAkUf2MPiiVn/S6iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIrNrXzzkXORLIQGGINha9hv1h5kMB8GA1UdIwQY
MBaAFNA/6/1TfjIMu+wrTiJne5rmb2BOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERfcl9WTi1NZ3k3N0N0T0ltZDdtdVp2WUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hMTE1NjctMjU5ZS00ZDFiLWJmY2It
MjgxZmFkZTI4MzRiLzEvaXMydGZQT1JjNUVzaEFZWWcyRnIyR19XSG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hMTE1NjctMjU5ZS00ZDFiLWJmY2ItMjgxZmFkZTI4MzRi
LzEvMERfcl9WTi1NZ3k3N0N0T0ltZDdtdVp2WUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhrjMA0G
CSqGSIb3DQEBCwUAA4IBAQAL8lZaxDq/AOR1VOb0BkC504VfzWxW3U9uar63XLw5
jERpADRlyqQQYUiIgKcM4LolWKz/LgosLhF8ajLQkpCo6mxsx+R48FeRTIOSNGs5
A1wjozcXAhPQRY4iI7/RN39U3KtPJxnLk6ASqHR2pEJl/DOR5SgjnGmpScVoinUb
OnASfX1KbNJT2VDS4Z5Kz1rTerUmNYmIS66cM/erE8oHNSZBk7hPrCEM2TMlnrkv
NQc3j6JySArnmCELKxkloRFa3/o/E4TuWEIl2ssW/ABg7/tjTbZh0NMb1gBqCVz3
wysv045LLF96lHG8j1bqvtPBTDpcrncSe2VmAD1rlTgp
-----END CERTIFICATE-----
Generated at Thu Feb 29 16:39:03 2024 by rpki-client on console-ams.rpki-client.org