Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/u_j_9k6unAUOnAE_ELHt1BShxPQ.roa
File: u_j_9k6unAUOnAE_ELHt1BShxPQ.roa (raw, json)
Hash identifier: fCRugTSCQCzvx/lgrN7TOlOAP+5FvhJTA8lkAv/Tm+s=
Subject key identifier: BB:F8:FF:F6:4E:AE:9C:05:0E:9C:01:3F:10:B1:ED:D4:14:A1:C4:F4
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018C69389A744E4914E93DE011790D7D1E37
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/u_j_9k6unAUOnAE_ELHt1BShxPQ.roa
Signing time: Thu 14 Dec 2023 16:46:06 +0000
ROA not before: Thu 14 Dec 2023 16:46:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216326
IP address blocks: 92.52.218.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:69:38:9a:74:4e:49:14:e9:3d:e0:11:79:0d:7d:1e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Dec 14 16:46:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbf8fff64eae9c050e9c013f10b1edd414a1c4f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:53:6e:f0:4e:cb:f5:a8:1a:cd:21:11:11:13:
48:91:6d:f4:88:33:0e:37:28:ec:77:06:46:9e:ff:
7f:e7:7c:93:fc:a4:18:54:5a:82:78:da:b6:71:db:
0f:09:4f:39:1b:84:b1:2b:2d:74:29:7e:b9:14:cb:
b4:48:c9:de:02:fe:5a:de:99:19:e1:c6:b0:9f:5d:
44:37:63:40:61:b7:18:6f:49:0e:e1:23:5a:e3:a2:
b8:01:60:e4:af:d1:f6:86:73:2e:a0:7c:93:ed:cc:
90:bd:cb:ad:3d:a5:25:5d:16:18:24:28:eb:71:07:
5b:5a:3d:2d:c9:7b:c1:3f:0b:d0:e0:ab:87:b4:4c:
ea:0d:7b:ad:46:ce:23:03:df:7f:1a:7b:40:e3:1a:
95:e6:67:0a:24:a5:96:8a:bf:0b:f2:ef:7c:dc:66:
6e:84:de:e4:4d:82:ea:84:55:e9:30:2d:b6:f2:0a:
82:8b:a4:02:29:27:dd:b6:1e:f2:a2:ed:4f:7b:69:
74:f9:44:8c:a7:47:45:1e:1a:95:63:90:f6:fb:50:
ce:86:12:0b:da:1a:9f:1e:0a:b0:63:98:17:82:53:
b1:aa:57:88:50:66:f4:b6:8f:a3:50:04:b6:94:01:
f1:fe:4f:63:2f:5c:55:58:1d:7b:07:b2:7d:9c:ed:
04:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:F8:FF:F6:4E:AE:9C:05:0E:9C:01:3F:10:B1:ED:D4:14:A1:C4:F4
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/u_j_9k6unAUOnAE_ELHt1BShxPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.52.218.0/24
178.210.235.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:aa:b2:29:7b:5c:61:78:67:93:21:a1:b2:9e:02:09:4e:a1:
44:22:ce:8f:8a:ac:96:da:88:b9:fb:e9:87:04:39:11:6f:2f:
ec:34:6e:ac:b2:e3:86:8c:66:73:58:d6:b5:cc:3c:0c:f0:b4:
92:e7:f6:3a:84:c2:35:0b:b9:c2:7e:e1:25:4f:98:5b:e7:b1:
ca:25:0a:d7:a4:3d:0d:ef:b4:db:9d:ac:cb:b4:53:7c:da:f2:
6f:43:7e:65:15:1c:f0:7e:b4:c5:06:00:e4:aa:1e:d1:e4:59:
92:09:33:98:f7:d2:ed:15:c4:e0:91:c7:ad:dc:88:67:87:c2:
fc:da:93:f5:fe:02:e8:ca:cb:74:f4:09:63:c7:2e:4f:2b:b4:
4a:a6:39:84:7b:8c:f1:a1:65:b4:22:58:b9:11:e8:af:2f:1d:
57:db:0b:b1:c3:91:85:df:fe:b2:01:de:b4:c7:09:8e:46:51:
2d:60:97:32:00:8a:d0:02:11:a7:c6:2d:fb:f5:d6:60:81:a5:
dc:ff:65:6e:65:a3:d6:8e:44:fc:7c:46:e3:6a:06:06:30:b9:
fe:8a:27:63:99:80:44:c3:5e:63:79:d8:0a:c9:28:9f:4d:5b:
ad:5b:22:82:98:31:75:8b:a7:1e:27:cc:00:19:11:19:48:db:
7c:91:d6:db
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxpOJp0TkkU6T3gEXkNfR43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMjE0MTY0NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmY4ZmZmNjRlYWU5YzA1MGU5YzAxM2YxMGIxZWRkNDE0YTFjNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVNu8E7L9agazSERERNIkW30iDMO
NyjsdwZGnv9/53yT/KQYVFqCeNq2cdsPCU85G4SxKy10KX65FMu0SMneAv5a3pkZ
4cawn11EN2NAYbcYb0kO4SNa46K4AWDkr9H2hnMuoHyT7cyQvcutPaUlXRYYJCjr
cQdbWj0tyXvBPwvQ4KuHtEzqDXutRs4jA99/GntA4xqV5mcKJKWWir8L8u983GZu
hN7kTYLqhFXpMC228gqCi6QCKSfdth7you1Pe2l0+USMp0dFHhqVY5D2+1DOhhIL
2hqfHgqwY5gXglOxqleIUGb0to+jUAS2lAHx/k9jL1xVWB17B7J9nO0EkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLv4//ZOrpwFDpwBPxCx7dQUocT0MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvdV9qXzlrNnVuQVVPbkFFX0VMSHQxQlNoeFBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXDTaAwQA
stLrMA0GCSqGSIb3DQEBCwUAA4IBAQBvqrIpe1xheGeTIaGyngIJTqFEIs6PiqyW
2oi5++mHBDkRby/sNG6ssuOGjGZzWNa1zDwM8LSS5/Y6hMI1C7nCfuElT5hb57HK
JQrXpD0N77TbnazLtFN82vJvQ35lFRzwfrTFBgDkqh7R5FmSCTOY99LtFcTgkcet
3Ihnh8L82pP1/gLoyst09Aljxy5PK7RKpjmEe4zxoWW0Ili5EeivLx1X2wuxw5GF
3/6yAd60xwmORlEtYJcyAIrQAhGnxi379dZggaXc/2VuZaPWjkT8fEbjagYGMLn+
iidjmYBEw15jedgKySifTVutWyKCmDF1i6ceJ8wAGREZSNt8kdbb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org