Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/e197fc-7bf1-4ec5-ab4e-5cabe6d54c93/1/K9n3HPsbfXX8xXc_vuaxRy9_U88.roa
File: K9n3HPsbfXX8xXc_vuaxRy9_U88.roa (raw, json)
Hash identifier: Sw8M4MiYLMbQo1w4h2FdOyOK3cAUoB3tou2UCEMEDBs=
Subject key identifier: 2B:D9:F7:1C:FB:1B:7D:75:FC:C5:77:3F:BE:E6:B1:47:2F:7F:53:CF
Certificate issuer: /CN=f25b336456b47dfc0f39dc91a6b882a4aabbeab3
Certificate serial: 018CC26CEE5E6B034247DED2891605CCF1F9
Authority key identifier: F2:5B:33:64:56:B4:7D:FC:0F:39:DC:91:A6:B8:82:A4:AA:BB:EA:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8lszZFa0ffwPOdyRpriCpKq76rM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/e197fc-7bf1-4ec5-ab4e-5cabe6d54c93/1/K9n3HPsbfXX8xXc_vuaxRy9_U88.roa
Signing time: Mon 01 Jan 2024 00:29:27 +0000
ROA not before: Mon 01 Jan 2024 00:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 194.76.217.0/24 maxlen: 24
194.76.218.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:ee:5e:6b:03:42:47:de:d2:89:16:05:cc:f1:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f25b336456b47dfc0f39dc91a6b882a4aabbeab3
Validity
Not Before: Jan 1 00:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bd9f71cfb1b7d75fcc5773fbee6b1472f7f53cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bc:d7:4b:df:50:2f:be:8a:d0:ef:43:f2:e0:
c1:30:a6:4d:dc:e9:f1:b6:13:ae:7f:d7:3b:2d:02:
6b:b3:01:42:a0:80:a4:7d:1a:ad:91:63:65:58:3e:
8e:b6:dd:62:e0:34:4f:75:89:13:8e:29:ba:d7:41:
2a:42:79:41:d6:7b:f8:3d:8b:0f:4f:16:6a:b0:f6:
e8:aa:e7:ce:8d:7e:70:8a:c0:57:93:85:3a:0d:a0:
e3:6b:51:4c:58:86:4c:bf:7a:6a:12:28:42:6c:a8:
70:a4:9f:f8:51:45:96:89:86:f9:35:67:86:38:83:
2d:29:39:69:c9:37:65:a1:6e:e9:93:58:58:64:8f:
2c:51:9a:12:06:40:58:32:26:f1:da:67:a5:b2:fa:
c8:c7:06:28:e1:66:c8:06:dc:47:a5:54:a5:3e:ff:
26:5d:6f:11:99:3f:78:47:e3:a4:b7:9c:82:b0:59:
fb:80:fc:e3:2c:ee:3e:61:6f:f4:b2:9a:a4:1a:77:
03:e7:e0:03:74:e1:31:56:66:cf:d0:6e:b1:8e:ed:
3e:18:33:7e:da:80:ad:dc:f0:e8:ef:51:a1:84:b0:
03:ea:8d:fe:7f:d0:ec:5f:e3:bd:30:ef:50:3e:f2:
65:fb:0e:b1:06:aa:f5:1d:51:8f:a4:bf:2c:bb:6a:
a2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D9:F7:1C:FB:1B:7D:75:FC:C5:77:3F:BE:E6:B1:47:2F:7F:53:CF
X509v3 Authority Key Identifier:
keyid:F2:5B:33:64:56:B4:7D:FC:0F:39:DC:91:A6:B8:82:A4:AA:BB:EA:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8lszZFa0ffwPOdyRpriCpKq76rM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/e197fc-7bf1-4ec5-ab4e-5cabe6d54c93/1/K9n3HPsbfXX8xXc_vuaxRy9_U88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/e197fc-7bf1-4ec5-ab4e-5cabe6d54c93/1/8lszZFa0ffwPOdyRpriCpKq76rM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.217.0-194.76.218.255
Signature Algorithm: sha256WithRSAEncryption
8e:ea:62:f4:f2:c7:9f:9d:ce:59:81:e4:c7:20:3e:16:e0:a4:
57:0d:77:f3:5d:d6:00:13:5a:aa:a8:58:c1:b6:54:b7:d3:8c:
51:f0:4b:93:8b:45:52:05:ab:ca:eb:7e:af:93:e5:d7:6b:d9:
39:cd:a7:85:ee:44:23:d1:d6:be:dd:c9:69:29:b9:31:3f:13:
49:65:50:74:b6:1d:c7:fd:44:66:bb:e9:91:c5:a5:05:11:16:
ab:b0:a5:8b:4b:0c:64:a1:3b:6a:6b:e0:ef:40:57:9d:d9:3c:
bb:16:db:91:6a:2a:bc:15:d9:ed:9c:41:54:48:62:39:8a:78:
c5:49:3a:9b:bd:0f:56:1c:53:ac:04:6c:4c:97:b7:96:75:b3:
2c:b6:62:c4:1a:cd:02:58:ea:a1:ff:50:96:c6:6c:9d:df:02:
37:e4:f9:a6:c3:6d:e8:dc:a7:82:31:7f:c3:b3:e4:f2:98:33:
fb:44:71:0a:1e:ad:b4:7e:99:16:18:59:60:22:db:20:2c:15:
56:22:1a:9c:94:60:92:89:9b:a6:e7:c5:ca:ad:4e:f0:f0:41:
d1:cf:d1:ff:a6:67:f6:d8:90:6e:ef:c1:52:52:b5:93:91:13:
09:eb:fb:20:33:20:c5:9a:6d:f4:60:01:3f:42:61:a8:8c:85:
2c:6e:48:ce
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzCbO5eawNCR97SiRYFzPH5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNWIzMzY0NTZiNDdkZmMwZjM5ZGM5MWE2Yjg4MmE0YWFi
YmVhYjMwHhcNMjQwMTAxMDAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQ5ZjcxY2ZiMWI3ZDc1ZmNjNTc3M2ZiZWU2YjE0NzJmN2Y1M2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLzXS99QL76K0O9D8uDBMKZN3Onx
thOuf9c7LQJrswFCoICkfRqtkWNlWD6Ott1i4DRPdYkTjim610EqQnlB1nv4PYsP
TxZqsPboqufOjX5wisBXk4U6DaDja1FMWIZMv3pqEihCbKhwpJ/4UUWWiYb5NWeG
OIMtKTlpyTdloW7pk1hYZI8sUZoSBkBYMibx2melsvrIxwYo4WbIBtxHpVSlPv8m
XW8RmT94R+Okt5yCsFn7gPzjLO4+YW/0spqkGncD5+ADdOExVmbP0G6xju0+GDN+
2oCt3PDo71GhhLAD6o3+f9DsX+O9MO9QPvJl+w6xBqr1HVGPpL8su2qiXwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCvZ9xz7G311/MV3P77msUcvf1PPMB8GA1UdIwQY
MBaAFPJbM2RWtH38Dznckaa4gqSqu+qzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGxzelpGYTBmZndQT2R5UnByaUNwS3E3NnJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9lMTk3ZmMtN2JmMS00ZWM1LWFiNGUt
NWNhYmU2ZDU0YzkzLzEvSzluM0hQc2JmWFg4eFhjX3Z1YXhSeTlfVTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9lMTk3ZmMtN2JmMS00ZWM1LWFiNGUtNWNhYmU2ZDU0Yzkz
LzEvOGxzelpGYTBmZndQT2R5UnByaUNwS3E3NnJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADCTNkD
BADCTNowDQYJKoZIhvcNAQELBQADggEBAI7qYvTyx5+dzlmB5McgPhbgpFcNd/Nd
1gATWqqoWMG2VLfTjFHwS5OLRVIFq8rrfq+T5ddr2TnNp4XuRCPR1r7dyWkpuTE/
E0llUHS2Hcf9RGa76ZHFpQURFquwpYtLDGShO2pr4O9AV53ZPLsW25FqKrwV2e2c
QVRIYjmKeMVJOpu9D1YcU6wEbEyXt5Z1syy2YsQazQJY6qH/UJbGbJ3fAjfk+abD
bejcp4Ixf8Oz5PKYM/tEcQoerbR+mRYYWWAi2yAsFVYiGpyUYJKJm6bnxcqtTvDw
QdHP0f+mZ/bYkG7vwVJStZOREwnr+yAzIMWabfRgAT9CYaiMhSxuSM4=
-----END CERTIFICATE-----
Generated at Thu Aug 8 10:58:18 2024 by rpki-client on console-fra.rpki-client.org