Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/aHfCdLo1xRPEuvDQL2sH4Dbgy18.roa
File: aHfCdLo1xRPEuvDQL2sH4Dbgy18.roa (raw, json)
Hash identifier: ed1qynKxlAlbDneTpyF0v7QnhpPS0tBJIrdxEE8F1vY=
Subject key identifier: 68:77:C2:74:BA:35:C5:13:C4:BA:F0:D0:2F:6B:07:E0:36:E0:CB:5F
Certificate issuer: /CN=56c8a1713c7476e00ed2b77fd98fd89330365d87
Certificate serial: 01856FE710049423A8321A12724F3E60EC3F
Authority key identifier: 56:C8:A1:71:3C:74:76:E0:0E:D2:B7:7F:D9:8F:D8:93:30:36:5D:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VsihcTx0duAO0rd_2Y_YkzA2XYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/aHfCdLo1xRPEuvDQL2sH4Dbgy18.roa
Signing time: Mon 02 Jan 2023 00:34:51 +0000
ROA not before: Mon 02 Jan 2023 00:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202448
IP address blocks: 188.212.125.0/24 maxlen: 24
188.212.124.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:10:04:94:23:a8:32:1a:12:72:4f:3e:60:ec:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56c8a1713c7476e00ed2b77fd98fd89330365d87
Validity
Not Before: Jan 2 00:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6877c274ba35c513c4baf0d02f6b07e036e0cb5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:63:83:23:58:0c:47:b5:6d:86:5c:71:62:a0:
ec:c0:8d:26:3f:7c:06:00:e1:5b:c7:25:2c:92:a9:
b1:c4:95:7d:6d:e4:0f:82:ea:df:d3:93:04:52:fd:
2f:97:37:5b:1d:08:1a:01:a0:42:6b:10:6d:56:af:
26:f2:a1:9b:0e:67:03:29:da:4a:30:52:9d:26:e8:
e7:1c:66:9a:cc:1c:7d:f0:2b:d7:60:ee:0e:d4:14:
3a:49:20:24:2a:19:23:08:0c:a1:39:aa:73:b5:1f:
cc:91:1e:9f:29:5e:0f:ec:b7:2a:c9:40:28:b8:50:
19:9d:25:a2:db:3f:55:9d:91:40:8e:f7:12:2a:0a:
b3:95:b1:a1:f3:ad:d6:22:30:ac:fc:7a:3c:3d:af:
61:91:a8:2b:da:13:4f:17:85:66:d3:61:05:af:79:
ed:0d:ac:17:fc:a6:fe:d5:d0:b7:14:c5:8a:f4:82:
0b:2f:f9:d5:9e:6d:6d:3e:90:cc:41:ca:0a:fa:34:
6d:5d:75:ab:c4:bb:66:8f:ff:d5:56:b4:0d:16:a6:
c4:3b:8d:d3:37:06:f1:32:df:f4:11:fc:15:b4:85:
e8:16:f4:db:ae:45:ee:61:c6:4a:78:f7:1d:1a:b2:
ad:a7:79:dc:17:99:22:70:4a:6a:38:41:3f:ae:f4:
e9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:77:C2:74:BA:35:C5:13:C4:BA:F0:D0:2F:6B:07:E0:36:E0:CB:5F
X509v3 Authority Key Identifier:
keyid:56:C8:A1:71:3C:74:76:E0:0E:D2:B7:7F:D9:8F:D8:93:30:36:5D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VsihcTx0duAO0rd_2Y_YkzA2XYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/aHfCdLo1xRPEuvDQL2sH4Dbgy18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/VsihcTx0duAO0rd_2Y_YkzA2XYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.212.124.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:e4:5d:e6:f1:1c:48:de:4c:3b:40:51:f5:50:d8:38:65:76:
9b:58:b9:ac:99:24:1c:e2:dc:28:17:4b:b2:84:eb:95:30:78:
af:de:70:55:51:1d:8e:1c:28:1d:0a:af:a0:f1:e2:c9:a6:eb:
6e:52:6d:81:5b:17:05:08:d7:f9:fc:04:d0:9c:d5:e2:30:4f:
f5:e6:5e:f6:ce:c4:d0:84:26:be:e8:0b:89:7e:90:50:3b:f4:
c3:9f:2e:c5:27:70:f4:23:de:fb:1c:23:0b:e6:23:b5:c0:48:
e7:b1:4c:f6:18:71:7f:7e:c9:a8:cb:51:cf:74:8f:7b:fd:18:
d8:f7:11:53:1f:ef:6e:19:6e:a6:3c:f7:13:6c:0a:35:65:0f:
04:60:2c:00:5f:a6:4a:6d:43:a6:53:90:6c:fb:81:fa:28:f1:
42:f3:89:1e:f7:dc:3a:60:1a:f4:d5:b6:a9:11:f4:07:63:44:
ec:f1:a1:dc:9c:35:23:7d:84:8e:a6:b2:97:79:c1:31:4c:18:
1c:ba:c2:4e:0c:52:b0:f2:4f:3c:fc:cc:28:10:27:19:3f:6b:
46:72:6e:9b:bf:ef:e9:15:b5:14:2f:b3:42:6b:76:f2:2e:32:
6a:14:d5:b5:e5:56:a9:35:cd:84:91:aa:82:e0:e6:f5:d7:46:
16:ee:6d:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5xAElCOoMhoSck8+YOw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YzhhMTcxM2M3NDc2ZTAwZWQyYjc3ZmQ5OGZkODkzMzAz
NjVkODcwHhcNMjMwMTAyMDAzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODc3YzI3NGJhMzVjNTEzYzRiYWYwZDAyZjZiMDdlMDM2ZTBjYjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2ODI1gMR7VthlxxYqDswI0mP3wG
AOFbxyUskqmxxJV9beQPgurf05MEUv0vlzdbHQgaAaBCaxBtVq8m8qGbDmcDKdpK
MFKdJujnHGaazBx98CvXYO4O1BQ6SSAkKhkjCAyhOapztR/MkR6fKV4P7LcqyUAo
uFAZnSWi2z9VnZFAjvcSKgqzlbGh863WIjCs/Ho8Pa9hkagr2hNPF4Vm02EFr3nt
DawX/Kb+1dC3FMWK9IILL/nVnm1tPpDMQcoK+jRtXXWrxLtmj//VVrQNFqbEO43T
NwbxMt/0EfwVtIXoFvTbrkXuYcZKePcdGrKtp3ncF5kicEpqOEE/rvTplQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGh3wnS6NcUTxLrw0C9rB+A24MtfMB8GA1UdIwQY
MBaAFFbIoXE8dHbgDtK3f9mP2JMwNl2HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnNpaGNUeDBkdUFPMHJkXzJZX1lrekEyWFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8yM2Q1MjUtODI5Ni00ZjljLTlkZTQt
OTFlMzJjNTE3MTUyLzEvYUhmQ2RMbzF4UlBFdXZEUUwyc0g0RGJneTE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8yM2Q1MjUtODI5Ni00ZjljLTlkZTQtOTFlMzJjNTE3MTUy
LzEvVnNpaGNUeDBkdUFPMHJkXzJZX1lrekEyWFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvNR8MA0G
CSqGSIb3DQEBCwUAA4IBAQAq5F3m8RxI3kw7QFH1UNg4ZXabWLmsmSQc4twoF0uy
hOuVMHiv3nBVUR2OHCgdCq+g8eLJputuUm2BWxcFCNf5/ATQnNXiME/15l72zsTQ
hCa+6AuJfpBQO/TDny7FJ3D0I977HCML5iO1wEjnsUz2GHF/fsmoy1HPdI97/RjY
9xFTH+9uGW6mPPcTbAo1ZQ8EYCwAX6ZKbUOmU5Bs+4H6KPFC84ke99w6YBr01bap
EfQHY0Ts8aHcnDUjfYSOprKXecExTBgcusJODFKw8k88/MwoECcZP2tGcm6bv+/p
FbUUL7NCa3byLjJqFNW15VapNc2EkaqC4Ob110YW7m3z
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:00 2023 by rpki-client on console-ams.rpki-client.org