Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/e-eQ_ZPImf3pAz8CBfloEcb5gj0.roa
File: e-eQ_ZPImf3pAz8CBfloEcb5gj0.roa (raw, json)
Hash identifier: K+thPuSXZjk5UgfLsL1qt8h0N7ejdQ0w1g7qGJrmqJs=
Subject key identifier: 7B:E7:90:FD:93:C8:99:FD:E9:03:3F:02:05:F9:68:11:C6:F9:82:3D
Certificate issuer: /CN=b9f1d5b06f5701555ff5888154dd141b48896117
Certificate serial: 018CC9BC6122B93EA167654646C917185E0A
Authority key identifier: B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/e-eQ_ZPImf3pAz8CBfloEcb5gj0.roa
Signing time: Tue 02 Jan 2024 10:33:35 +0000
ROA not before: Tue 02 Jan 2024 10:33:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212128
IP address blocks: 176.114.92.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:61:22:b9:3e:a1:67:65:46:46:c9:17:18:5e:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f1d5b06f5701555ff5888154dd141b48896117
Validity
Not Before: Jan 2 10:33:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7be790fd93c899fde9033f0205f96811c6f9823d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a0:30:ef:0b:cc:73:45:8e:81:d3:31:15:12:
d7:eb:a8:a5:b7:12:ac:1e:ec:7d:c2:ae:9e:1b:b9:
69:1a:90:96:a6:1d:1b:af:a6:9e:26:33:93:fb:17:
06:1f:56:7e:fb:65:aa:64:12:bb:8e:da:e4:64:02:
41:d6:a7:ad:e1:b3:5b:be:02:fc:a2:f4:cc:4b:04:
93:3c:d5:a1:97:02:9c:7d:de:a7:8e:90:e7:41:2b:
5d:37:71:01:f6:8d:d1:b7:29:b8:86:d6:fc:3c:03:
a1:30:83:fe:d3:fd:96:85:3e:47:d3:da:2b:9d:e0:
66:08:5f:37:c6:bf:05:aa:ef:24:14:b5:b6:04:6a:
e9:c7:f6:f7:80:8b:a4:fa:b2:06:65:ab:8c:35:54:
c1:e7:85:7b:94:30:ee:7b:21:71:9d:bc:cd:3b:6c:
9e:34:af:c4:e7:32:79:26:93:71:db:06:c3:4c:31:
8e:76:90:f9:c8:ed:ab:89:b6:6b:d1:4b:28:69:88:
3e:cc:4b:65:8d:71:21:4e:ea:f0:67:18:7b:f4:4d:
5f:60:a8:ef:04:03:6a:f9:dc:5c:49:86:cd:86:2c:
18:bc:0a:e8:49:cd:58:db:04:a3:93:50:b9:1e:be:
87:56:77:0f:38:04:b0:42:79:f0:65:ec:86:e0:6e:
97:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:E7:90:FD:93:C8:99:FD:E9:03:3F:02:05:F9:68:11:C6:F9:82:3D
X509v3 Authority Key Identifier:
keyid:B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/e-eQ_ZPImf3pAz8CBfloEcb5gj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.114.92.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:a8:ab:9d:4e:b6:c2:e3:04:60:8d:a8:b3:63:91:1e:81:45:
ab:a1:a9:8c:2e:88:46:b3:1b:f2:0f:37:ce:6a:7a:11:3b:96:
d7:64:3f:79:a0:71:f1:48:74:c6:e1:5a:ea:c4:0b:c1:f9:c8:
e7:89:5e:75:30:6a:e0:7b:8a:1f:1d:d4:d6:15:c1:f4:4f:e2:
db:f4:06:d9:5c:95:46:b7:a9:64:47:75:21:72:98:1b:84:0f:
d4:fa:21:2d:ef:c6:f3:b4:2a:aa:54:76:6a:f8:2e:06:eb:5f:
15:6b:d3:d8:e2:a7:8e:d9:58:da:9a:b3:b2:88:de:c6:26:54:
1e:bb:98:98:01:87:e3:84:6b:b8:7b:35:35:a1:17:b7:69:47:
62:37:3a:b5:89:a0:13:1e:df:94:b8:d6:dd:0c:79:b5:93:d6:
cd:7f:93:95:38:67:4a:0e:ac:06:db:68:7d:3c:11:b8:f4:a4:
b1:9b:1b:2d:5a:6c:76:55:ac:16:a3:e7:37:42:59:7f:16:69:
6a:0f:b0:b1:16:29:aa:02:aa:86:61:0e:b8:f1:dd:b1:54:97:
11:e9:3c:b4:4f:6d:c0:ed:ab:7e:67:b3:e0:2d:6e:e3:43:70:
84:e2:53:e1:7d:90:40:46:65:a7:6b:14:e0:db:b7:a5:51:ba:
21:da:36:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvGEiuT6hZ2VGRskXGF4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZjFkNWIwNmY1NzAxNTU1ZmY1ODg4MTU0ZGQxNDFiNDg4
OTYxMTcwHhcNMjQwMTAyMTAzMzM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmU3OTBmZDkzYzg5OWZkZTkwMzNmMDIwNWY5NjgxMWM2Zjk4MjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6Aw7wvMc0WOgdMxFRLX66iltxKs
Hux9wq6eG7lpGpCWph0br6aeJjOT+xcGH1Z++2WqZBK7jtrkZAJB1qet4bNbvgL8
ovTMSwSTPNWhlwKcfd6njpDnQStdN3EB9o3Rtym4htb8PAOhMIP+0/2WhT5H09or
neBmCF83xr8Fqu8kFLW2BGrpx/b3gIuk+rIGZauMNVTB54V7lDDueyFxnbzNO2ye
NK/E5zJ5JpNx2wbDTDGOdpD5yO2ribZr0UsoaYg+zEtljXEhTurwZxh79E1fYKjv
BANq+dxcSYbNhiwYvAroSc1Y2wSjk1C5Hr6HVncPOASwQnnwZeyG4G6XGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHvnkP2TyJn96QM/AgX5aBHG+YI9MB8GA1UdIwQY
MBaAFLnx1bBvVwFVX/WIgVTdFBtIiWEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgt
ZjVjYThmYTcyNzBkLzEvZS1lUV9aUEltZjNwQXo4Q0JmbG9FY2I1Z2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgtZjVjYThmYTcyNzBk
LzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsHJcMA0G
CSqGSIb3DQEBCwUAA4IBAQANqKudTrbC4wRgjaizY5EegUWroamMLohGsxvyDzfO
anoRO5bXZD95oHHxSHTG4VrqxAvB+cjniV51MGrge4ofHdTWFcH0T+Lb9AbZXJVG
t6lkR3UhcpgbhA/U+iEt78bztCqqVHZq+C4G618Va9PY4qeO2VjamrOyiN7GJlQe
u5iYAYfjhGu4ezU1oRe3aUdiNzq1iaATHt+UuNbdDHm1k9bNf5OVOGdKDqwG22h9
PBG49KSxmxstWmx2VawWo+c3Qll/FmlqD7CxFimqAqqGYQ648d2xVJcR6Ty0T23A
7at+Z7PgLW7jQ3CE4lPhfZBARmWnaxTg27elUboh2jaE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:49 2024 by rpki-client on console-ams.rpki-client.org