Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/_CvV7BLfVwdDVMcN_DCbbcPbTug.roa
File: _CvV7BLfVwdDVMcN_DCbbcPbTug.roa (raw, json)
Hash identifier: MdcMTOKNCLjseAcsi9a/3dud6sn3AAMiPdp/0ozrzc0=
Subject key identifier: FC:2B:D5:EC:12:DF:57:07:43:54:C7:0D:FC:30:9B:6D:C3:DB:4E:E8
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 018B1E67C1BC5C6FB6266DC0270D09678BCA
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/_CvV7BLfVwdDVMcN_DCbbcPbTug.roa
Signing time: Wed 11 Oct 2023 11:03:18 +0000
ROA not before: Wed 11 Oct 2023 11:03:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12325
IP address blocks: 194.8.80.0/24 maxlen: 24
93.115.6.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:67:c1:bc:5c:6f:b6:26:6d:c0:27:0d:09:67:8b:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: Oct 11 11:03:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc2bd5ec12df57074354c70dfc309b6dc3db4ee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3a:d1:7a:d0:f2:ab:19:74:f3:33:1f:e2:f5:
ba:dc:49:70:82:12:bb:c8:8d:bc:1a:50:fe:61:20:
3f:08:0d:87:33:0f:5d:18:12:dd:96:5f:6e:12:8a:
d5:62:1d:ad:b7:c1:93:ee:1c:57:ea:e5:a2:51:2b:
e6:1f:10:a5:69:68:aa:68:10:29:67:9e:0a:22:a8:
6d:1a:74:07:c8:8c:19:13:e9:67:87:06:26:c3:0e:
e9:e0:9e:b7:ff:8a:0e:44:b0:e8:3e:a9:79:74:1c:
9a:05:1c:1c:1e:04:72:bc:fe:69:37:3e:37:f1:6e:
af:d8:5a:7e:08:78:ea:ba:7d:46:ed:61:e4:52:96:
dc:1c:bf:18:7f:2e:62:f1:1f:4a:48:e2:cf:7f:21:
d4:dd:dd:56:85:77:f6:2b:c5:79:8e:c0:c0:55:46:
8d:bf:27:7e:7b:6a:9e:50:25:cc:79:0f:d9:f0:84:
55:45:e1:7f:b1:54:d3:ef:76:be:ee:59:74:d5:a5:
4d:cf:e0:32:7f:9e:47:ce:a2:ba:06:e2:b2:a2:a5:
81:a8:ca:ba:ec:7e:11:b6:35:8d:5b:88:a4:a5:0d:
3e:a9:3a:4d:1a:b6:7f:74:c6:1d:37:96:4a:4a:5a:
b0:c2:47:7a:46:c8:c1:76:81:7c:f5:9d:e0:63:8e:
40:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:2B:D5:EC:12:DF:57:07:43:54:C7:0D:FC:30:9B:6D:C3:DB:4E:E8
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/_CvV7BLfVwdDVMcN_DCbbcPbTug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.6.0/24
194.8.80.0/24
Signature Algorithm: sha256WithRSAEncryption
07:14:b4:da:8e:5e:3d:b0:ec:32:18:89:50:9c:ce:24:cb:01:
31:fc:57:77:65:fc:7a:9c:9a:eb:e8:9d:c3:50:38:39:ff:0b:
44:de:d7:8c:83:e9:ef:33:fe:61:02:25:74:cb:25:b4:bf:a8:
00:23:3a:a9:57:3a:09:9c:e4:5c:f4:e6:11:47:26:94:4e:9c:
ae:4c:e7:81:53:56:20:57:67:43:e5:88:b9:91:a6:cf:7f:f1:
a8:19:83:14:9d:45:09:26:c0:3e:88:cb:b1:2e:81:d1:8a:16:
c0:a0:eb:5d:58:3b:c2:9b:f5:11:32:86:37:17:b6:12:30:99:
c4:9f:79:a5:10:0a:e0:43:09:56:1c:f5:17:fa:f2:d4:c9:9c:
d7:e8:1f:c0:cc:a5:da:96:b6:dc:31:80:89:a2:bf:1b:d3:d3:
7e:b6:e4:95:54:0a:0e:79:02:e9:03:d2:4d:8a:85:a1:c6:6d:
5d:80:0e:9e:12:34:e5:1d:c1:24:51:3e:3b:2e:fd:1e:7a:5d:
0a:32:a1:b4:f5:5e:c3:c7:b5:58:e4:37:80:67:3b:7b:2b:4c:
07:f9:25:14:62:02:ad:85:4d:f0:1e:4e:15:71:44:15:a3:70:
8e:0e:98:e0:67:e7:42:23:88:e5:7b:9d:ab:7c:49:3a:be:9d:
66:de:40:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYseZ8G8XG+2Jm3AJw0JZ4vKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGRiNzYyMzI0MWQ3ZTY2NzhmYzI1NzUxZmE0ZTBiNjY2
NTE4NmIwHhcNMjMxMDExMTEwMzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzJiZDVlYzEyZGY1NzA3NDM1NGM3MGRmYzMwOWI2ZGMzZGI0ZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjrRetDyqxl08zMf4vW63ElwghK7
yI28GlD+YSA/CA2HMw9dGBLdll9uEorVYh2tt8GT7hxX6uWiUSvmHxClaWiqaBAp
Z54KIqhtGnQHyIwZE+lnhwYmww7p4J63/4oORLDoPql5dByaBRwcHgRyvP5pNz43
8W6v2Fp+CHjqun1G7WHkUpbcHL8Yfy5i8R9KSOLPfyHU3d1WhXf2K8V5jsDAVUaN
vyd+e2qeUCXMeQ/Z8IRVReF/sVTT73a+7ll01aVNz+Ayf55HzqK6BuKyoqWBqMq6
7H4RtjWNW4ikpQ0+qTpNGrZ/dMYdN5ZKSlqwwkd6RsjBdoF89Z3gY45AJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPwr1ewS31cHQ1THDfwwm23D207oMB8GA1UdIwQY
MBaAFMBNt2IyQdfmZ4/CV1H6TgtmZRhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMt
MDQyM2YyNjNmMmNiLzEvX0N2VjdCTGZWd2REVk1jTl9EQ2JiY1BiVHVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMtMDQyM2YyNjNmMmNi
LzEvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXXMGAwQA
wghQMA0GCSqGSIb3DQEBCwUAA4IBAQAHFLTajl49sOwyGIlQnM4kywEx/Fd3Zfx6
nJrr6J3DUDg5/wtE3teMg+nvM/5hAiV0yyW0v6gAIzqpVzoJnORc9OYRRyaUTpyu
TOeBU1YgV2dD5Yi5kabPf/GoGYMUnUUJJsA+iMuxLoHRihbAoOtdWDvCm/URMoY3
F7YSMJnEn3mlEArgQwlWHPUX+vLUyZzX6B/AzKXalrbcMYCJor8b09N+tuSVVAoO
eQLpA9JNioWhxm1dgA6eEjTlHcEkUT47Lv0eel0KMqG09V7Dx7VY5DeAZzt7K0wH
+SUUYgKthU3wHk4VcUQVo3CODpjgZ+dCI4jle52rfEk6vp1m3kBZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:59 2024 by rpki-client on console-ams.rpki-client.org