Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/07GU2FT626wHHNX2Q3CZ9QFPIzA.roa
File: 07GU2FT626wHHNX2Q3CZ9QFPIzA.roa (raw, json)
Hash identifier: dweCTdWpe+GJyKTHVgkCF9WystXscP7QMypzonESo/I=
Subject key identifier: D3:B1:94:D8:54:FA:DB:AC:07:1C:D5:F6:43:70:99:F5:01:4F:23:30
Certificate issuer: /CN=b9f1d5b06f5701555ff5888154dd141b48896117
Certificate serial: 018C213133A1BD3B353FD2F6CC8AE985680C
Authority key identifier: B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/07GU2FT626wHHNX2Q3CZ9QFPIzA.roa
Signing time: Thu 30 Nov 2023 17:05:21 +0000
ROA not before: Thu 30 Nov 2023 17:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212128
IP address blocks: 176.114.92.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:21:31:33:a1:bd:3b:35:3f:d2:f6:cc:8a:e9:85:68:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f1d5b06f5701555ff5888154dd141b48896117
Validity
Not Before: Nov 30 17:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3b194d854fadbac071cd5f6437099f5014f2330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:36:a6:bf:5d:37:55:d6:aa:db:dc:99:ad:93:
de:e4:46:97:0d:2b:84:52:5e:da:20:dc:2b:16:9e:
27:87:ab:0a:33:25:6f:51:12:98:29:80:1a:ab:32:
4a:db:9c:e6:d7:f3:70:0d:f6:2f:63:7e:a2:ca:b0:
71:a5:e1:27:10:2e:ed:a3:bf:fc:09:49:e9:b4:33:
16:93:4f:d2:9b:00:e0:b7:ba:22:10:a8:ab:d0:86:
49:ce:04:18:1a:3c:94:43:dc:8f:5b:43:2d:fc:b0:
6e:f4:f6:b8:18:fe:f7:1b:ba:62:d4:98:ef:e1:8b:
1d:e4:25:44:28:48:59:99:c3:34:b7:cc:2c:75:3e:
01:c4:2a:30:c7:61:dc:cd:55:8e:9d:d1:79:e5:a8:
93:0e:05:71:43:b2:b5:30:5a:a6:11:97:c9:28:0d:
78:b0:34:40:cd:75:3d:08:00:0b:50:b2:0a:88:23:
ba:05:77:19:f2:a0:51:8e:13:4d:ee:98:b0:9e:99:
75:74:c5:cf:bf:f1:75:84:9c:bf:00:08:a3:f9:9f:
9b:0e:76:a7:3b:9a:3e:c2:ff:b3:43:af:f2:d5:cc:
80:ea:d0:46:a0:38:8c:a1:b0:fe:57:63:b3:a4:8f:
2e:da:b7:bd:b3:12:de:04:b9:44:bd:0d:4f:27:f7:
92:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:B1:94:D8:54:FA:DB:AC:07:1C:D5:F6:43:70:99:F5:01:4F:23:30
X509v3 Authority Key Identifier:
keyid:B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/07GU2FT626wHHNX2Q3CZ9QFPIzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.114.92.0/22
Signature Algorithm: sha256WithRSAEncryption
97:41:96:7a:64:8d:a0:b6:e1:1a:57:ef:77:0f:c2:d0:24:73:
dd:ff:41:46:4f:51:91:a0:23:f5:d0:20:67:c0:b5:3e:e3:b9:
b8:96:e9:cd:9f:ee:6e:63:0e:2f:4a:a7:c4:06:6b:f0:92:c3:
34:3b:0a:ae:b0:d1:f7:9a:77:35:1d:42:eb:c5:2a:76:ff:f9:
86:76:8e:e4:67:9c:8a:63:b4:d8:26:2d:0e:8f:8d:5e:74:57:
df:9c:13:f6:8c:2f:7a:96:32:06:b8:ee:7f:8f:42:0a:13:76:
1a:37:f5:81:e3:91:fc:cc:e2:19:b7:eb:82:07:e6:44:47:f1:
cd:2d:d9:ad:fc:2b:5f:a2:b5:2b:fd:49:5e:97:f5:5e:7e:ef:
db:1b:c0:69:8b:b7:e8:58:40:07:73:e9:89:6a:d4:8e:66:41:
ae:bc:8e:ba:7e:5e:a7:6a:2e:37:25:5e:4d:10:12:04:14:59:
4f:6e:32:25:e9:83:62:2d:cc:3d:bc:09:b9:5a:1d:72:24:2c:
27:13:03:d5:13:c7:9c:7e:10:21:33:31:e3:aa:b1:99:ef:50:
ea:1f:4a:ea:04:7b:2f:43:42:93:e8:3e:7c:9a:d7:d4:32:03:
bc:fb:83:22:7f:b5:37:4d:a1:81:39:2b:69:c5:db:7c:b0:13:
d1:d3:50:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwhMTOhvTs1P9L2zIrphWgMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZjFkNWIwNmY1NzAxNTU1ZmY1ODg4MTU0ZGQxNDFiNDg4
OTYxMTcwHhcNMjMxMTMwMTcwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2IxOTRkODU0ZmFkYmFjMDcxY2Q1ZjY0MzcwOTlmNTAxNGYyMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDamv103Vdaq29yZrZPe5EaXDSuE
Ul7aINwrFp4nh6sKMyVvURKYKYAaqzJK25zm1/NwDfYvY36iyrBxpeEnEC7to7/8
CUnptDMWk0/SmwDgt7oiEKir0IZJzgQYGjyUQ9yPW0Mt/LBu9Pa4GP73G7pi1Jjv
4Ysd5CVEKEhZmcM0t8wsdT4BxCowx2HczVWOndF55aiTDgVxQ7K1MFqmEZfJKA14
sDRAzXU9CAALULIKiCO6BXcZ8qBRjhNN7piwnpl1dMXPv/F1hJy/AAij+Z+bDnan
O5o+wv+zQ6/y1cyA6tBGoDiMobD+V2OzpI8u2re9sxLeBLlEvQ1PJ/eS1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNOxlNhU+tusBxzV9kNwmfUBTyMwMB8GA1UdIwQY
MBaAFLnx1bBvVwFVX/WIgVTdFBtIiWEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgt
ZjVjYThmYTcyNzBkLzEvMDdHVTJGVDYyNndISE5YMlEzQ1o5UUZQSXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgtZjVjYThmYTcyNzBk
LzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsHJcMA0G
CSqGSIb3DQEBCwUAA4IBAQCXQZZ6ZI2gtuEaV+93D8LQJHPd/0FGT1GRoCP10CBn
wLU+47m4lunNn+5uYw4vSqfEBmvwksM0OwqusNH3mnc1HULrxSp2//mGdo7kZ5yK
Y7TYJi0Oj41edFffnBP2jC96ljIGuO5/j0IKE3YaN/WB45H8zOIZt+uCB+ZER/HN
Ldmt/CtforUr/Ulel/Vefu/bG8Bpi7foWEAHc+mJatSOZkGuvI66fl6nai43JV5N
EBIEFFlPbjIl6YNiLcw9vAm5Wh1yJCwnEwPVE8ecfhAhMzHjqrGZ71DqH0rqBHsv
Q0KT6D58mtfUMgO8+4Mif7U3TaGBOStpxdt8sBPR01DZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:49 2024 by rpki-client on console-ams.rpki-client.org