Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/Pc1XRD8YvhZIxT63f8gbx8iDsCg.roa
File: Pc1XRD8YvhZIxT63f8gbx8iDsCg.roa (raw, json)
Hash identifier: rkH4YX6JVaPnZpMMaUR5DDDlOSdqv2Nxo45J6Zd7rBo=
Subject key identifier: 3D:CD:57:44:3F:18:BE:16:48:C5:3E:B7:7F:C8:1B:C7:C8:83:B0:28
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 0186A736EF67B2E78F763E65EE5C27DEA9BE
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/Pc1XRD8YvhZIxT63f8gbx8iDsCg.roa
Signing time: Fri 03 Mar 2023 11:24:00 +0000
ROA not before: Fri 03 Mar 2023 11:24:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8239
IP address blocks: 213.192.196.0/24 maxlen: 24
212.59.192.0/19 maxlen: 24
195.5.64.0/19 maxlen: 24
2001:ac0:c800::/44 maxlen: 44
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a7:36:ef:67:b2:e7:8f:76:3e:65:ee:5c:27:de:a9:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Mar 3 11:24:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3dcd57443f18be1648c53eb77fc81bc7c883b028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6e:5e:d7:8c:bb:15:04:56:1c:23:66:12:1b:
98:b7:bd:70:d4:d0:33:a5:2e:9e:59:db:50:a1:4e:
c7:b5:a4:80:4c:da:bd:13:a8:01:f3:27:66:47:98:
99:8c:1f:30:05:c5:1f:62:d3:fa:52:c5:4c:c0:99:
15:72:37:79:17:ef:37:57:b3:29:6d:5f:52:2a:be:
63:82:ca:c7:ad:cb:df:ca:db:dc:12:37:f7:d3:13:
0f:c9:37:ca:17:5d:7a:76:23:60:3e:16:f3:5f:b8:
55:43:28:4f:26:e1:bf:72:02:b7:20:8d:5b:66:b7:
6e:2a:a9:f7:c6:17:4d:87:6c:a0:96:b7:ba:e1:a1:
3d:80:c8:73:74:d0:50:58:a5:7c:e3:fc:2d:3d:b7:
04:ad:e6:3d:9c:12:e6:09:82:e8:ba:5f:dc:24:f4:
fb:6d:e0:a5:3d:c1:41:13:a6:69:da:f4:b2:62:c0:
d4:84:a3:f9:3a:46:7d:32:50:b8:b2:48:89:6c:8d:
0f:66:36:13:cd:f5:06:77:bb:dd:a2:10:1a:21:04:
ba:93:1e:08:a7:55:42:d8:d9:12:46:74:57:59:16:
af:26:57:46:fe:75:c4:5c:d9:5e:28:6d:af:59:3b:
45:c2:17:45:11:3c:5a:4e:4b:23:78:5c:19:f7:1b:
15:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:CD:57:44:3F:18:BE:16:48:C5:3E:B7:7F:C8:1B:C7:C8:83:B0:28
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/Pc1XRD8YvhZIxT63f8gbx8iDsCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.64.0/19
212.59.192.0/19
213.192.196.0/24
IPv6:
2001:ac0:c800::/44
Signature Algorithm: sha256WithRSAEncryption
3f:64:76:8a:b6:4c:38:ee:b8:3c:50:5d:63:f2:b7:8c:20:a2:
a8:dd:32:61:a3:7a:a0:32:e9:aa:ba:c2:19:c7:a3:36:e8:32:
4b:14:ba:b7:6b:08:28:69:fc:48:8c:75:81:f0:a4:d6:72:c5:
4e:58:00:17:39:21:9e:a0:d6:39:a2:6b:50:17:5f:dc:4e:1d:
bf:72:6d:2b:37:2e:ac:26:52:da:32:0b:22:a5:6e:8b:ae:ed:
ab:4f:25:70:b9:14:ed:c3:ef:cc:00:80:92:4e:08:56:70:2e:
63:89:b4:b3:40:70:fd:e4:c5:98:4a:64:21:4f:05:d9:4c:29:
77:78:f7:9c:4d:ef:0b:2c:7a:63:08:c1:5b:5e:53:25:e1:b4:
5d:82:e8:1b:84:cf:e7:05:c6:14:19:a7:3e:bd:5c:86:b8:64:
00:88:42:86:0d:b6:a0:a6:71:e9:35:a3:c3:83:fe:58:dd:a3:
b0:54:0a:46:1a:d9:8d:77:33:ce:f9:fb:3a:d9:34:48:d3:7b:
b5:b8:a6:3d:5c:c0:ff:e9:5c:55:9f:bf:2f:a7:ae:6c:7a:3d:
79:7f:a7:e0:a3:be:42:21:58:b0:81:9d:18:36:96:34:0d:ad:
6c:aa:5c:e6:1e:18:e5:95:72:18:9f:45:0d:da:cc:9a:8b:06:
3e:ef:15:2d
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYanNu9nsuePdj5l7lwn3qm+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjMwMzAzMTEyNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGNkNTc0NDNmMThiZTE2NDhjNTNlYjc3ZmM4MWJjN2M4ODNiMDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtG5e14y7FQRWHCNmEhuYt71w1NAz
pS6eWdtQoU7HtaSATNq9E6gB8ydmR5iZjB8wBcUfYtP6UsVMwJkVcjd5F+83V7Mp
bV9SKr5jgsrHrcvfytvcEjf30xMPyTfKF116diNgPhbzX7hVQyhPJuG/cgK3II1b
ZrduKqn3xhdNh2yglre64aE9gMhzdNBQWKV84/wtPbcEreY9nBLmCYLoul/cJPT7
beClPcFBE6Zp2vSyYsDUhKP5OkZ9MlC4skiJbI0PZjYTzfUGd7vdohAaIQS6kx4I
p1VC2NkSRnRXWRavJldG/nXEXNleKG2vWTtFwhdFETxaTksjeFwZ9xsVBwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFD3NV0Q/GL4WSMU+t3/IG8fIg7AoMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvUGMxWFJEOFl2aFpJeFQ2M2Y4Z2J4OGlEc0NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQFwwVAAwQF
1DvAAwQA1cDEMA8EAgACMAkDBwQgAQrAyAAwDQYJKoZIhvcNAQELBQADggEBAD9k
doq2TDjuuDxQXWPyt4wgoqjdMmGjeqAy6aq6whnHozboMksUurdrCChp/EiMdYHw
pNZyxU5YABc5IZ6g1jmia1AXX9xOHb9ybSs3LqwmUtoyCyKlbouu7atPJXC5FO3D
78wAgJJOCFZwLmOJtLNAcP3kxZhKZCFPBdlMKXd495xN7wssemMIwVteUyXhtF2C
6BuEz+cFxhQZpz69XIa4ZACIQoYNtqCmcek1o8OD/ljdo7BUCkYa2Y13M875+zrZ
NEjTe7W4pj1cwP/pXFWfvy+nrmx6PXl/p+CjvkIhWLCBnRg2ljQNrWyqXOYeGOWV
chifRQ3azJqLBj7vFS0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:02 2024 by rpki-client on console-ams.rpki-client.org