Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/7_9MFXwBVEOcOb7OQXidrKO7HBo.roa
File: 7_9MFXwBVEOcOb7OQXidrKO7HBo.roa (raw, json)
Hash identifier: kLH9F38PgtlUbwEpwY1PfpKD3Wi9/TThfzgvlSO33d8=
Subject key identifier: EF:FF:4C:15:7C:01:54:43:9C:39:BE:CE:41:78:9D:AC:A3:BB:1C:1A
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 0190E99A7F75BA4801F69E35C638A5730CA6
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/7_9MFXwBVEOcOb7OQXidrKO7HBo.roa
Signing time: Thu 25 Jul 2024 11:15:34 +0000
ROA not before: Thu 25 Jul 2024 11:15:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208913
IP address blocks: 194.106.212.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e9:9a:7f:75:ba:48:01:f6:9e:35:c6:38:a5:73:0c:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Jul 25 11:15:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efff4c157c0154439c39bece41789daca3bb1c1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:69:06:58:47:63:ff:9a:d0:dc:c1:a8:ec:ca:
1b:9c:b7:cd:ba:52:35:eb:17:53:b7:5d:36:b5:08:
a9:2b:d6:3c:f9:13:a4:0a:f8:6f:10:99:10:0d:53:
9d:b2:83:ad:d6:15:1d:ff:3f:14:9c:9f:9b:b8:4a:
7f:12:c4:6e:37:81:73:ee:a7:96:3c:f3:f4:50:0e:
5e:cb:9c:18:ac:34:4a:a6:c9:65:f6:1f:ac:b0:3f:
59:e4:34:2d:6a:6c:39:f2:20:3a:5e:96:67:f2:1a:
b0:5f:ff:b8:b7:2c:d1:89:b6:80:5d:49:d0:22:0c:
c0:78:48:03:7d:26:8d:06:7d:54:14:36:0d:15:06:
4c:4a:67:78:85:5b:f4:5a:0f:ef:89:64:10:c9:be:
67:c7:18:5c:a1:c7:3a:f6:02:31:33:b8:5c:2d:5b:
90:04:42:b1:ec:b4:6d:8b:c9:83:ae:65:7c:f4:e1:
e5:cf:da:d5:63:21:bc:50:e3:65:a1:2e:c0:be:55:
50:3f:a4:ee:51:76:77:73:a3:c3:75:10:bf:73:12:
09:79:7f:d9:63:55:92:33:21:36:5b:cf:3a:ac:ee:
58:aa:36:0d:18:d9:20:86:5d:6b:97:73:0e:c9:7a:
4a:4a:fb:19:98:db:7d:d6:af:10:4f:d8:e9:48:66:
67:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:FF:4C:15:7C:01:54:43:9C:39:BE:CE:41:78:9D:AC:A3:BB:1C:1A
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/7_9MFXwBVEOcOb7OQXidrKO7HBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.106.212.0/23
Signature Algorithm: sha256WithRSAEncryption
14:a8:e5:b7:07:0d:90:28:ef:34:ad:dd:01:ff:e6:a6:a7:79:
ae:18:23:55:14:e1:bd:5e:6d:22:f2:6e:59:08:cb:35:85:08:
fc:bd:57:57:10:b1:86:fc:2c:6c:df:8d:08:aa:40:3f:e4:82:
28:ed:b9:58:82:67:1c:bf:f1:88:fc:e5:6d:b8:99:7f:fc:50:
19:b2:c8:02:49:b7:76:74:0e:c4:e8:01:8e:6d:e7:07:7a:2a:
4e:0d:15:eb:42:aa:53:4f:4f:35:6a:90:78:6a:9e:14:81:25:
82:69:c2:d3:3e:6c:59:2a:d9:ab:af:ca:99:9f:31:91:e0:de:
5d:b9:57:24:01:9a:f5:35:53:50:da:77:08:b9:7e:5c:c1:fb:
a2:68:d8:4e:1b:e3:3b:10:8f:f2:a4:8f:28:96:1f:15:07:e1:
61:b1:3b:03:a6:39:37:7d:26:1c:d5:91:c9:22:df:b0:57:76:
d6:b9:b0:2d:fc:22:b0:e8:65:e7:34:df:77:64:06:5b:54:4e:
97:4e:2b:6e:45:17:00:62:01:86:e3:af:ec:99:f4:3d:13:b3:
fc:62:08:82:b0:f8:0b:d4:77:77:52:0a:29:10:f5:ae:37:02:
bb:6b:cb:5b:cd:b8:02:96:60:72:79:3e:e7:26:36:99:3f:2e:
ef:a0:0c:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDpmn91ukgB9p41xjilcwymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwNzI1MTExNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmZmNGMxNTdjMDE1NDQzOWMzOWJlY2U0MTc4OWRhY2EzYmIxYzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWkGWEdj/5rQ3MGo7MobnLfNulI1
6xdTt102tQipK9Y8+ROkCvhvEJkQDVOdsoOt1hUd/z8UnJ+buEp/EsRuN4Fz7qeW
PPP0UA5ey5wYrDRKpsll9h+ssD9Z5DQtamw58iA6XpZn8hqwX/+4tyzRibaAXUnQ
IgzAeEgDfSaNBn1UFDYNFQZMSmd4hVv0Wg/viWQQyb5nxxhcocc69gIxM7hcLVuQ
BEKx7LRti8mDrmV89OHlz9rVYyG8UONloS7AvlVQP6TuUXZ3c6PDdRC/cxIJeX/Z
Y1WSMyE2W886rO5YqjYNGNkghl1rl3MOyXpKSvsZmNt91q8QT9jpSGZnfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO//TBV8AVRDnDm+zkF4nayjuxwaMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvN185TUZYd0JWRU9jT2I3T1FYaWRyS083SEJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwmrUMA0G
CSqGSIb3DQEBCwUAA4IBAQAUqOW3Bw2QKO80rd0B/+amp3muGCNVFOG9Xm0i8m5Z
CMs1hQj8vVdXELGG/Cxs340IqkA/5IIo7blYgmccv/GI/OVtuJl//FAZssgCSbd2
dA7E6AGObecHeipODRXrQqpTT081apB4ap4UgSWCacLTPmxZKtmrr8qZnzGR4N5d
uVckAZr1NVNQ2ncIuX5cwfuiaNhOG+M7EI/ypI8olh8VB+FhsTsDpjk3fSYc1ZHJ
It+wV3bWubAt/CKw6GXnNN93ZAZbVE6XTituRRcAYgGG46/smfQ9E7P8YgiCsPgL
1Hd3UgopEPWuNwK7a8tbzbgClmByeT7nJjaZPy7voAzC
-----END CERTIFICATE-----
Generated at Fri Jul 26 10:21:39 2024 by rpki-client on console-fra.rpki-client.org