Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/T0GgkBw9zh2YdGAdyz3HqAnuo3E.roa
File: T0GgkBw9zh2YdGAdyz3HqAnuo3E.roa (raw, json)
Hash identifier: My4t5tXJM2k7K3e0ZULgA5KpYQyxpK4oidyqWaBHVgU=
Subject key identifier: 4F:41:A0:90:1C:3D:CE:1D:98:74:60:1D:CB:3D:C7:A8:09:EE:A3:71
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 018CC424559724AF87031E6C9053294E50A4
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/T0GgkBw9zh2YdGAdyz3HqAnuo3E.roa
Signing time: Mon 01 Jan 2024 08:29:24 +0000
ROA not before: Mon 01 Jan 2024 08:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29172
IP address blocks: 176.223.167.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:55:97:24:af:87:03:1e:6c:90:53:29:4e:50:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: Jan 1 08:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f41a0901c3dce1d9874601dcb3dc7a809eea371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:00:fa:ce:3f:5d:0a:75:1e:9c:02:61:09:3c:
bb:6d:36:34:17:fa:49:37:a4:9e:d5:f9:7d:6a:33:
1f:a1:c5:42:51:b3:c3:2e:fc:a5:a4:59:90:68:9c:
89:ea:c4:7b:62:73:a3:8a:de:7d:05:ee:b7:07:fd:
ca:7c:d4:49:2d:22:93:98:75:c9:2d:39:68:e0:8b:
c7:c9:c5:d7:09:a5:3c:d8:d1:8d:94:c2:d8:6d:13:
55:e0:ba:86:c4:64:f3:77:9d:d5:ad:bc:64:f5:59:
6d:26:58:24:f9:1e:b7:a7:b9:95:96:31:be:15:ed:
d3:89:2c:d6:ca:ab:40:d1:1a:d9:30:54:e9:fe:95:
a0:a8:af:7b:e0:63:16:eb:de:b1:cb:bb:8d:fb:56:
94:1a:74:41:f7:93:bc:21:21:a1:d6:10:0a:55:2e:
f0:ba:9f:62:1c:90:7e:cb:f5:29:1e:7f:83:c5:c6:
c8:75:f9:c2:4a:16:fe:90:94:00:f4:2f:1d:fa:60:
0c:2a:47:af:b2:e2:27:e4:56:d4:56:07:08:a1:c3:
2c:c8:1b:df:41:e8:e0:46:e8:34:aa:4f:a3:c7:3c:
39:a6:ff:43:d1:a6:9e:e9:fc:93:db:af:ae:cf:9f:
65:51:d4:5e:a2:7e:e1:aa:5f:71:9e:69:58:f5:aa:
d5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:41:A0:90:1C:3D:CE:1D:98:74:60:1D:CB:3D:C7:A8:09:EE:A3:71
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/T0GgkBw9zh2YdGAdyz3HqAnuo3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.223.167.0/24
Signature Algorithm: sha256WithRSAEncryption
32:f7:0f:0d:41:44:82:e4:67:22:c0:03:7a:ed:46:88:58:f4:
fb:17:23:16:2d:9e:ca:88:6e:47:c4:29:bb:a1:28:00:9f:71:
32:04:2c:45:d0:09:86:61:7f:67:72:dd:a3:eb:96:20:cb:7a:
b0:6f:53:e0:61:e7:25:5d:d3:0e:48:a5:2d:72:8f:ce:d4:d3:
b7:cc:27:3d:e3:73:e6:9f:13:bf:cb:6f:00:60:bf:70:a8:d0:
5b:08:de:78:50:05:2b:29:f6:ac:cf:16:5b:8d:37:fa:56:ac:
7d:7e:91:b3:36:48:7f:6d:f7:a0:57:8d:3f:b2:15:c2:ae:2f:
9a:92:df:74:44:f1:e5:68:20:f5:f9:c9:a6:7e:fe:35:3f:d0:
ea:2d:64:95:83:ec:9b:36:c7:50:84:92:5f:f0:05:23:ee:22:
b1:c3:c8:00:61:15:f2:d6:de:01:4f:89:69:4f:7f:46:da:68:
e0:a1:bb:11:06:30:76:f9:1d:12:67:91:dc:52:8e:1d:43:b1:
6c:4f:76:fa:9a:1f:dc:5e:af:ec:a3:1b:7b:f8:f7:2c:81:f8:
51:e4:79:04:a2:be:32:1b:31:0f:23:61:24:fd:62:5c:87:4f:
b0:11:32:2b:e4:a8:35:2f:f0:f3:9b:d6:78:40:e6:2f:84:32:
38:ad:68:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJFWXJK+HAx5skFMpTlCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGRiNzYyMzI0MWQ3ZTY2NzhmYzI1NzUxZmE0ZTBiNjY2
NTE4NmIwHhcNMjQwMTAxMDgyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjQxYTA5MDFjM2RjZTFkOTg3NDYwMWRjYjNkYzdhODA5ZWVhMzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwD6zj9dCnUenAJhCTy7bTY0F/pJ
N6Se1fl9ajMfocVCUbPDLvylpFmQaJyJ6sR7YnOjit59Be63B/3KfNRJLSKTmHXJ
LTlo4IvHycXXCaU82NGNlMLYbRNV4LqGxGTzd53Vrbxk9VltJlgk+R63p7mVljG+
Fe3TiSzWyqtA0RrZMFTp/pWgqK974GMW696xy7uN+1aUGnRB95O8ISGh1hAKVS7w
up9iHJB+y/UpHn+DxcbIdfnCShb+kJQA9C8d+mAMKkevsuIn5FbUVgcIocMsyBvf
QejgRug0qk+jxzw5pv9D0aae6fyT26+uz59lUdReon7hql9xnmlY9arVSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE9BoJAcPc4dmHRgHcs9x6gJ7qNxMB8GA1UdIwQY
MBaAFMBNt2IyQdfmZ4/CV1H6TgtmZRhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMt
MDQyM2YyNjNmMmNiLzEvVDBHZ2tCdzl6aDJZZEdBZHl6M0hxQW51bzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMtMDQyM2YyNjNmMmNi
LzEvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsN+nMA0G
CSqGSIb3DQEBCwUAA4IBAQAy9w8NQUSC5GciwAN67UaIWPT7FyMWLZ7KiG5HxCm7
oSgAn3EyBCxF0AmGYX9nct2j65Ygy3qwb1PgYeclXdMOSKUtco/O1NO3zCc943Pm
nxO/y28AYL9wqNBbCN54UAUrKfaszxZbjTf6Vqx9fpGzNkh/bfegV40/shXCri+a
kt90RPHlaCD1+cmmfv41P9DqLWSVg+ybNsdQhJJf8AUj7iKxw8gAYRXy1t4BT4lp
T39G2mjgobsRBjB2+R0SZ5HcUo4dQ7FsT3b6mh/cXq/soxt7+PcsgfhR5HkEor4y
GzEPI2Ek/WJch0+wETIr5Kg1L/Dzm9Z4QOYvhDI4rWiJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:46 2024 by rpki-client on console-fra.rpki-client.org