Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/8FnxR-fq_8EhWCiGjDHoLB-UFko.roa
File: 8FnxR-fq_8EhWCiGjDHoLB-UFko.roa (raw, json)
Hash identifier: epMcmLJLybzI1Rvb2B+HMUM3gXyKBEeiChCAlEKoG54=
Subject key identifier: F0:59:F1:47:E7:EA:FF:C1:21:58:28:86:8C:31:E8:2C:1F:94:16:4A
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 018E3243C58C787E3CB2D036D8B37C074BF5
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/8FnxR-fq_8EhWCiGjDHoLB-UFko.roa
Signing time: Tue 12 Mar 2024 10:44:46 +0000
ROA not before: Tue 12 Mar 2024 10:44:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 87.236.150.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c5:8c:78:7e:3c:b2:d0:36:d8:b3:7c:07:4b:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Mar 12 10:44:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f059f147e7eaffc1215828868c31e82c1f94164a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e2:fe:30:de:82:31:1a:f0:d0:7d:b2:3a:95:
f1:32:a3:14:75:a3:9c:dd:d8:4d:c2:60:41:7c:60:
c2:07:3e:79:f8:11:7a:45:9a:81:a0:ff:c0:e8:68:
31:4e:a4:59:ed:e0:4b:6c:cf:1c:36:37:f9:02:37:
de:61:33:97:f5:ae:81:83:b6:91:4e:3e:d8:22:84:
9d:48:da:9f:75:93:1d:6b:98:ee:7c:15:4d:06:5a:
83:e0:25:c5:7f:52:91:14:4b:5f:f9:02:d5:1d:c0:
ac:bb:af:ff:09:dc:57:79:fc:58:65:c6:df:03:7d:
84:7d:7d:30:6d:43:e5:09:f3:5a:70:98:a5:fc:51:
22:b6:93:f5:3c:b1:ef:56:4c:f4:0e:9e:77:b0:2d:
bb:c6:d6:79:77:e0:98:44:52:82:7a:07:e0:26:2a:
59:42:cc:e1:68:62:1b:81:3d:08:93:ef:c2:92:1a:
e1:d3:06:36:c9:d0:4b:06:91:a3:03:ae:23:86:c1:
7a:19:c0:80:e8:5d:95:c5:38:56:9a:94:cc:0f:26:
f0:d9:80:85:72:3c:7c:f9:76:4c:b6:11:76:d7:50:
f3:83:8f:6d:36:19:e2:18:e2:61:77:d6:6e:37:c5:
17:86:9b:e2:60:2d:f9:72:24:aa:39:5c:b8:f1:95:
a7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:59:F1:47:E7:EA:FF:C1:21:58:28:86:8C:31:E8:2C:1F:94:16:4A
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/8FnxR-fq_8EhWCiGjDHoLB-UFko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.150.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:27:88:d1:be:68:a4:5a:57:7e:7b:a9:82:6e:0a:90:18:56:
9a:bb:3a:9a:d3:c1:fc:d0:d0:fe:10:bc:fb:75:dc:01:8d:67:
09:33:9b:b7:95:6d:a5:23:a4:40:f6:52:03:95:89:3b:65:ba:
a8:f5:46:c2:68:e7:82:98:ee:0d:a9:fe:64:33:cd:0f:61:cf:
d7:bd:9d:83:bf:01:aa:53:c6:65:bb:bb:50:5e:91:c6:a8:02:
66:82:10:ff:01:24:ea:1e:1b:86:9d:72:54:b7:c6:b0:c3:f1:
9d:06:81:b7:89:10:df:1e:f2:b9:6c:51:f8:f5:bb:49:91:53:
ff:39:d1:57:5a:d4:e3:72:a5:6d:a3:29:44:38:16:2e:7e:73:
3a:1e:64:2c:a3:b0:b8:b0:c3:84:ca:bb:79:65:35:a4:bf:78:
45:49:8b:17:4e:ad:7f:bc:f2:9c:1a:3c:08:a2:20:17:5b:92:
32:10:fb:b9:97:2a:58:79:be:de:4b:d3:8c:14:86:36:b1:8d:
d2:79:9f:6d:10:22:34:68:06:ae:e0:f9:52:f9:34:25:8b:6a:
be:bf:7c:00:97:05:c9:9b:78:8e:d2:56:11:8d:c7:38:7f:91:
ef:2e:e9:95:62:14:6e:7d:1e:45:c0:4c:7a:be:00:0b:fc:7a:
dc:fc:8e:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4yQ8WMeH48stA22LN8B0v1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjQwMzEyMTA0NDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDU5ZjE0N2U3ZWFmZmMxMjE1ODI4ODY4YzMxZTgyYzFmOTQxNjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeL+MN6CMRrw0H2yOpXxMqMUdaOc
3dhNwmBBfGDCBz55+BF6RZqBoP/A6GgxTqRZ7eBLbM8cNjf5AjfeYTOX9a6Bg7aR
Tj7YIoSdSNqfdZMda5jufBVNBlqD4CXFf1KRFEtf+QLVHcCsu6//CdxXefxYZcbf
A32EfX0wbUPlCfNacJil/FEitpP1PLHvVkz0Dp53sC27xtZ5d+CYRFKCegfgJipZ
QszhaGIbgT0Ik+/Ckhrh0wY2ydBLBpGjA64jhsF6GcCA6F2VxThWmpTMDybw2YCF
cjx8+XZMthF211Dzg49tNhniGOJhd9ZuN8UXhpviYC35ciSqOVy48ZWngQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPBZ8Ufn6v/BIVgohowx6CwflBZKMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvOEZueFItZnFfOEVoV0NpR2pESG9MQi1VRmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+yWMA0G
CSqGSIb3DQEBCwUAA4IBAQChJ4jRvmikWld+e6mCbgqQGFaauzqa08H80ND+ELz7
ddwBjWcJM5u3lW2lI6RA9lIDlYk7Zbqo9UbCaOeCmO4Nqf5kM80PYc/XvZ2DvwGq
U8Zlu7tQXpHGqAJmghD/ASTqHhuGnXJUt8aww/GdBoG3iRDfHvK5bFH49btJkVP/
OdFXWtTjcqVtoylEOBYufnM6HmQso7C4sMOEyrt5ZTWkv3hFSYsXTq1/vPKcGjwI
oiAXW5IyEPu5lypYeb7eS9OMFIY2sY3SeZ9tECI0aAau4PlS+TQli2q+v3wAlwXJ
m3iO0lYRjcc4f5HvLumVYhRufR5FwEx6vgAL/Hrc/I6B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:30 2024 by rpki-client on console-ams.rpki-client.org