Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/wJb--VG_tmjiGCvyBPHWZaCRTIg.roa
File: wJb--VG_tmjiGCvyBPHWZaCRTIg.roa (raw, json)
Hash identifier: gr3JfmiVKBNFzVq6olpDZ1SDttblNfady9geoZz0HJY=
Subject key identifier: C0:96:FE:F9:51:BF:B6:68:E2:18:2B:F2:04:F1:D6:65:A0:91:4C:88
Certificate issuer: /CN=56c8a1713c7476e00ed2b77fd98fd89330365d87
Certificate serial: 09E20A6A
Authority key identifier: 56:C8:A1:71:3C:74:76:E0:0E:D2:B7:7F:D9:8F:D8:93:30:36:5D:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VsihcTx0duAO0rd_2Y_YkzA2XYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/wJb--VG_tmjiGCvyBPHWZaCRTIg.roa
Signing time: Sat 01 Jan 2022 06:54:35 +0000
ROA not before: Sat 01 Jan 2022 06:54:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202448
IP address blocks: 188.212.125.0/24 maxlen: 24
188.212.124.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165808746 (0x9e20a6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56c8a1713c7476e00ed2b77fd98fd89330365d87
Validity
Not Before: Jan 1 06:54:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c096fef951bfb668e2182bf204f1d665a0914c88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9d:37:cc:36:b9:3d:b4:5f:e0:f1:1b:5d:77:
bd:7c:7a:4b:50:7d:08:4b:8f:71:5c:fa:1b:d7:ac:
1d:22:f6:3c:80:c2:59:7a:62:5b:a2:21:a7:e1:24:
51:00:a0:a3:a5:90:f9:27:7a:3f:43:3a:2c:13:dd:
81:c8:10:b2:0a:e9:b3:26:93:ea:9e:d9:b0:66:33:
a6:a5:c8:03:bf:06:95:8a:c2:3f:ed:62:de:8a:a7:
67:bd:1c:58:60:0c:61:39:79:18:d3:02:38:1a:6d:
83:71:b5:9e:4d:22:37:57:29:94:28:1b:eb:8b:4b:
dd:a6:a6:14:76:69:e8:57:1b:95:da:0e:e4:86:f5:
ce:54:69:22:38:08:f8:ad:ff:a1:27:8b:38:34:67:
6b:72:c0:c4:b1:47:f2:ff:24:89:0c:7e:8b:be:a9:
2a:6d:b2:d5:5f:7f:ef:74:43:6c:de:57:43:15:31:
81:e0:e7:5f:e6:ed:53:4f:d1:19:5e:d9:97:f0:d5:
67:27:fb:0d:f9:9f:05:4a:32:43:38:65:53:8a:73:
f6:8f:18:ea:5c:b4:0d:07:0e:6d:31:c1:96:2b:2f:
93:89:cb:a3:f5:f3:da:75:2c:1d:74:bf:a3:9a:cc:
f5:7b:01:45:33:06:75:28:73:86:d7:33:0e:96:3e:
07:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:96:FE:F9:51:BF:B6:68:E2:18:2B:F2:04:F1:D6:65:A0:91:4C:88
X509v3 Authority Key Identifier:
keyid:56:C8:A1:71:3C:74:76:E0:0E:D2:B7:7F:D9:8F:D8:93:30:36:5D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VsihcTx0duAO0rd_2Y_YkzA2XYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/wJb--VG_tmjiGCvyBPHWZaCRTIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/VsihcTx0duAO0rd_2Y_YkzA2XYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.212.124.0/23
Signature Algorithm: sha256WithRSAEncryption
44:8e:7e:e4:50:b2:ad:02:6a:63:9b:87:4d:e6:07:79:66:11:
ec:ca:f4:48:d3:24:4c:a2:f5:18:90:ca:ce:d2:a5:33:88:49:
5f:70:57:99:6a:b5:c2:d0:dc:93:a8:07:fc:22:48:bb:ba:0e:
40:45:84:a7:9e:0f:c8:2f:f5:4a:94:9c:21:f2:55:09:b4:94:
9a:31:9d:21:60:bc:0d:ac:1c:18:0c:41:51:84:9c:17:f8:ac:
4c:40:da:5c:7c:4c:cc:b8:28:ac:9c:b7:11:4d:a8:51:ae:47:
70:cb:29:70:5b:38:c8:0a:79:7b:e7:82:14:6f:cf:7e:18:1f:
8c:f3:a2:43:76:38:cb:77:ec:74:2c:3e:b6:45:70:1b:9a:4f:
de:fc:34:3a:d0:dd:8f:a8:a1:ef:f3:66:76:e2:72:ed:48:6a:
76:22:23:80:f8:95:ff:e1:48:1a:b3:47:d7:5f:5d:97:5d:6c:
e7:f8:cd:74:32:a0:47:ec:e1:e8:ae:37:d9:00:87:be:00:c4:
1d:0e:db:44:b9:09:2a:54:95:ab:57:06:37:5c:54:9c:46:09:
b7:b7:30:28:89:99:e2:85:de:de:cf:d0:6c:c2:5b:7a:89:b9:
50:8a:c1:24:ea:23:69:29:27:e3:94:69:9a:fb:8a:68:27:b0:
0d:85:5b:26
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECeIKajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NmM4YTE3MTNjNzQ3NmUwMGVkMmI3N2ZkOThmZDg5MzMwMzY1ZDg3MB4XDTIyMDEw
MTA2NTQzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzA5NmZlZjk1MWJm
YjY2OGUyMTgyYmYyMDRmMWQ2NjVhMDkxNGM4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCdN8w2uT20X+DxG113vXx6S1B9CEuPcVz6G9esHSL2PIDC
WXpiW6Ihp+EkUQCgo6WQ+Sd6P0M6LBPdgcgQsgrpsyaT6p7ZsGYzpqXIA78GlYrC
P+1i3oqnZ70cWGAMYTl5GNMCOBptg3G1nk0iN1cplCgb64tL3aamFHZp6FcbldoO
5Ib1zlRpIjgI+K3/oSeLODRna3LAxLFH8v8kiQx+i76pKm2y1V9/73RDbN5XQxUx
geDnX+btU0/RGV7Zl/DVZyf7DfmfBUoyQzhlU4pz9o8Y6ly0DQcObTHBlisvk4nL
o/Xz2nUsHXS/o5rM9XsBRTMGdShzhtczDpY+By0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTAlv75Ub+2aOIYK/IE8dZloJFMiDAfBgNVHSMEGDAWgBRWyKFxPHR24A7S
t3/Zj9iTMDZdhzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZzaWhjVHgwZHVBTzByZF8yWV9Za3pBMlhZYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvMjNkNTI1LTgyOTYtNGY5Yy05ZGU0LTkxZTMyYzUxNzE1Mi8x
L3dKYi0tVkdfdG1qaUdDdnlCUEhXWmFDUlRJZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
MjNkNTI1LTgyOTYtNGY5Yy05ZGU0LTkxZTMyYzUxNzE1Mi8xL1ZzaWhjVHgwZHVB
TzByZF8yWV9Za3pBMlhZYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbzUfDANBgkqhkiG9w0BAQsFAAOC
AQEARI5+5FCyrQJqY5uHTeYHeWYR7Mr0SNMkTKL1GJDKztKlM4hJX3BXmWq1wtDc
k6gH/CJIu7oOQEWEp54PyC/1SpScIfJVCbSUmjGdIWC8DawcGAxBUYScF/isTEDa
XHxMzLgorJy3EU2oUa5HcMspcFs4yAp5e+eCFG/PfhgfjPOiQ3Y4y3fsdCw+tkVw
G5pP3vw0OtDdj6ih7/NmduJy7UhqdiIjgPiV/+FIGrNH119dl11s5/jNdDKgR+zh
6K432QCHvgDEHQ7bRLkJKlSVq1cGN1xUnEYJt7cwKImZ4oXe3s/QbMJbeom5UIrB
JOojaSkn45RpmvuKaCewDYVbJg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:09 2023 by rpki-client on console-fra.rpki-client.org