Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/1-7m2LTz71X3wlRMSHor-4Og7BoU.roa
File: 1-7m2LTz71X3wlRMSHor-4Og7BoU.roa (raw, json)
Hash identifier: pHM25oiXNQbIiPXNJ94rZzXRDSHjUHrOGZK+77HFjrs=
Subject key identifier: FB:B9:B6:2D:3C:FB:D5:7D:F0:95:13:12:1E:8A:FE:E0:E8:3B:06:85
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 018572FA6143979AD67BBA1EF1D5C0108380
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/1-7m2LTz71X3wlRMSHor-4Og7BoU.roa
Signing time: Mon 02 Jan 2023 14:54:49 +0000
ROA not before: Mon 02 Jan 2023 14:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208027
IP address blocks: 213.192.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:61:43:97:9a:d6:7b:ba:1e:f1:d5:c0:10:83:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 2 14:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbb9b62d3cfbd57df09513121e8afee0e83b0685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:36:7d:83:bb:73:10:e5:de:ce:e9:d3:2c:8c:
16:2d:69:18:bc:de:17:a1:36:2f:72:05:bb:86:d8:
c8:e2:05:fd:e2:30:94:d4:f1:f5:d6:6a:49:bf:3e:
e5:f1:9a:8e:e1:57:ca:8b:2b:de:98:8d:cc:eb:41:
87:cd:87:86:38:eb:90:b0:2d:ca:d1:36:e6:67:8f:
4e:d3:a2:8d:e7:18:50:99:c5:fd:1b:33:80:c3:81:
24:01:b2:ac:bb:ea:ac:09:79:c4:ae:81:25:f5:6d:
72:28:3a:ee:a8:c6:b4:03:c8:5c:2b:15:6d:b0:85:
f8:02:75:90:a9:90:3e:f4:e1:06:21:e6:f8:61:5a:
26:99:60:f1:39:9d:2a:b7:45:9f:07:eb:14:d0:59:
c6:d8:33:85:d2:db:61:24:fc:e4:3a:b2:53:36:90:
e4:9e:58:d9:9b:4d:bc:7b:81:9a:64:77:b2:70:8d:
95:33:41:03:48:1e:fa:61:5f:12:d4:85:63:44:ef:
4a:13:d8:8c:79:51:89:1f:b4:a0:29:1e:29:d8:02:
df:9d:12:54:0f:6c:72:45:5f:77:ef:b7:6e:08:9b:
96:42:21:fc:c3:68:1b:b3:8a:a7:82:61:1f:b4:10:
e4:3f:3c:ec:c9:11:90:6b:38:aa:c1:83:7c:5f:92:
d7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B9:B6:2D:3C:FB:D5:7D:F0:95:13:12:1E:8A:FE:E0:E8:3B:06:85
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/1-7m2LTz71X3wlRMSHor-4Og7BoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
da:09:55:65:6d:9b:a1:bd:c8:58:e2:ec:83:5f:9c:c2:95:b2:
38:38:50:21:99:cc:a0:3c:ae:65:27:4c:9f:b3:91:96:0f:97:
23:85:35:97:f2:9f:e5:2b:bc:54:3b:99:ce:10:e9:30:34:70:
e3:28:39:8b:12:bd:2e:1a:aa:57:0f:fa:d7:1f:26:ee:26:01:
8d:13:32:30:89:b7:09:ad:4a:b8:6a:f0:17:e4:8f:d9:9a:f2:
f0:74:07:44:ad:f6:8f:71:6d:f0:56:e7:de:b2:2a:65:fc:3a:
22:81:c1:3e:3f:68:7e:eb:a1:1b:22:ee:bb:b1:f5:02:f6:5d:
c7:a5:db:ae:42:f9:25:de:ff:74:a8:6d:bf:97:9c:5c:df:9d:
5c:8a:b5:24:f7:fe:c7:7a:6a:07:13:70:8c:f9:29:d3:8c:38:
2d:d0:d9:32:24:04:ad:d4:69:7f:15:09:2b:51:e5:e4:32:67:
d4:f8:f6:9f:b6:19:b2:01:6e:c1:61:e9:de:59:25:37:c1:e4:
e6:3d:11:ae:9f:39:42:43:80:c0:85:84:9d:34:e0:cf:e6:8d:
48:ec:4d:57:e0:30:55:b2:3b:59:04:01:8d:2e:f1:82:24:81:
7c:e9:16:5d:4b:b0:f7:f8:dd:44:83:5a:b9:18:04:6c:51:43:
e8:4a:e8:4f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVy+mFDl5rWe7oe8dXAEIOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjMwMTAyMTQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmI5YjYyZDNjZmJkNTdkZjA5NTEzMTIxZThhZmVlMGU4M2IwNjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujZ9g7tzEOXezunTLIwWLWkYvN4X
oTYvcgW7htjI4gX94jCU1PH11mpJvz7l8ZqO4VfKiyvemI3M60GHzYeGOOuQsC3K
0TbmZ49O06KN5xhQmcX9GzOAw4EkAbKsu+qsCXnEroEl9W1yKDruqMa0A8hcKxVt
sIX4AnWQqZA+9OEGIeb4YVommWDxOZ0qt0WfB+sU0FnG2DOF0tthJPzkOrJTNpDk
nljZm028e4GaZHeycI2VM0EDSB76YV8S1IVjRO9KE9iMeVGJH7SgKR4p2ALfnRJU
D2xyRV9377duCJuWQiH8w2gbs4qngmEftBDkPzzsyRGQaziqwYN8X5LX1wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPu5ti08+9V98JUTEh6K/uDoOwaFMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvMS03bTJMVHo3MVgzd2xSTVNIb3ItNE9nN0JvVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTcvODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJh
Ni8xLzZFQTdYa1hOV0w1ZmJGMHotbFphdEpJajQ5cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXA1jAN
BgkqhkiG9w0BAQsFAAOCAQEA2glVZW2bob3IWOLsg1+cwpWyODhQIZnMoDyuZSdM
n7ORlg+XI4U1l/Kf5Su8VDuZzhDpMDRw4yg5ixK9LhqqVw/61x8m7iYBjRMyMIm3
Ca1KuGrwF+SP2Zry8HQHRK32j3Ft8Fbn3rIqZfw6IoHBPj9ofuuhGyLuu7H1AvZd
x6XbrkL5Jd7/dKhtv5ecXN+dXIq1JPf+x3pqBxNwjPkp04w4LdDZMiQErdRpfxUJ
K1Hl5DJn1Pj2n7YZsgFuwWHp3lklN8Hk5j0Rrp85QkOAwIWEnTTgz+aNSOxNV+Aw
VbI7WQQBjS7xgiSBfOkWXUuw9/jdRINauRgEbFFD6EroTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:51 2024 by rpki-client on console-fra.rpki-client.org