Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/cmnQk748iTC-Hy8xe7DNEGgoZKw.roa
File: cmnQk748iTC-Hy8xe7DNEGgoZKw.roa (raw, json)
Hash identifier: bxykpxWZszNXbKcfO9wYr8cIyzgo4jh/TP24gCFdXXY=
Subject key identifier: 72:69:D0:93:BE:3C:89:30:BE:1F:2F:31:7B:B0:CD:10:68:28:64:AC
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 018572FA5FC13A9307B1C1C77B98C2542F48
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/cmnQk748iTC-Hy8xe7DNEGgoZKw.roa
Signing time: Mon 02 Jan 2023 14:54:49 +0000
ROA not before: Mon 02 Jan 2023 14:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202097
IP address blocks: 213.192.243.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:5f:c1:3a:93:07:b1:c1:c7:7b:98:c2:54:2f:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 2 14:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7269d093be3c8930be1f2f317bb0cd10682864ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:4f:4a:ae:1d:ca:c1:99:0c:66:ad:47:91:04:
53:ca:d9:c8:1f:4e:d8:a1:8b:14:9a:21:71:b9:df:
d5:a1:a7:7b:86:bf:c4:66:4e:18:7d:77:8a:34:e7:
97:a9:06:7a:db:8f:06:bf:0b:c7:e9:25:11:e1:bd:
e6:d4:b2:cd:42:34:6a:54:c3:2b:f3:93:a3:27:c4:
59:72:2c:44:e9:76:20:f6:d4:a9:8f:08:64:75:ec:
e5:84:d2:62:17:03:f0:91:f9:90:fe:2b:85:5d:27:
e5:10:dc:74:5f:1c:e6:35:38:1b:1b:b1:8c:ac:0d:
fc:d3:24:17:3d:0b:9c:4b:a3:40:b2:67:2a:d5:75:
48:a8:fc:00:75:4b:d6:8c:a6:af:89:25:fe:95:dc:
ab:55:50:0e:1f:6f:1e:4a:5c:cf:86:de:5a:41:67:
4c:16:19:5a:bb:fd:13:23:9f:47:6c:bd:19:54:58:
15:b3:f3:00:61:ac:7e:f7:34:be:07:04:a2:93:82:
5a:8c:18:bc:fe:b0:12:d3:bc:e7:0c:e5:1c:2f:00:
0e:11:dc:60:18:4d:5b:91:c4:15:aa:b5:17:3a:ec:
cb:a0:04:58:6b:14:65:ad:61:71:20:f2:ae:02:52:
10:fd:db:e7:fb:d0:41:1f:69:d5:d2:e1:d9:52:a1:
41:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:69:D0:93:BE:3C:89:30:BE:1F:2F:31:7B:B0:CD:10:68:28:64:AC
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/cmnQk748iTC-Hy8xe7DNEGgoZKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.192.243.0/24
Signature Algorithm: sha256WithRSAEncryption
eb:d8:03:8d:27:21:61:a6:3b:b9:6d:8c:50:63:b0:16:28:36:
38:b4:37:97:79:a2:87:f1:15:d4:75:cf:c2:a7:3c:d9:81:a4:
00:27:90:3d:8e:b8:42:97:d3:f1:e9:2e:39:75:27:9f:de:4f:
14:0c:4b:9f:59:4b:77:f9:6c:cb:31:01:a4:2b:79:21:04:79:
df:f1:3c:19:f9:82:bd:35:31:50:43:18:c4:5c:04:22:56:f1:
f1:09:a8:84:85:53:8c:56:34:40:84:89:fa:2c:bd:de:37:51:
87:cc:1c:b0:ff:32:7c:00:be:69:bb:45:78:35:35:69:93:be:
69:1c:5f:40:38:cb:1b:e5:01:33:fa:6a:7b:92:0b:a3:10:21:
27:48:69:e8:b4:8a:a5:45:05:dd:cd:67:0a:06:50:87:0d:d2:
3e:e9:41:1f:30:09:3a:75:e2:eb:fe:e4:02:da:b1:d1:fc:e9:
2b:a4:62:f1:db:c8:7a:91:85:82:c5:ad:91:ff:f2:4a:df:ac:
ad:22:bf:93:04:52:8e:c4:57:e3:93:c1:69:bc:f4:87:3e:30:
14:6c:0b:a2:83:2f:17:09:12:6d:ba:25:57:ff:a7:8b:d1:f7:
d7:fe:16:09:17:96:32:60:b5:36:21:d0:c6:81:21:48:be:94:
28:a3:0d:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+l/BOpMHscHHe5jCVC9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjMwMTAyMTQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjY5ZDA5M2JlM2M4OTMwYmUxZjJmMzE3YmIwY2QxMDY4Mjg2NGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgE9Krh3KwZkMZq1HkQRTytnIH07Y
oYsUmiFxud/Voad7hr/EZk4YfXeKNOeXqQZ6248GvwvH6SUR4b3m1LLNQjRqVMMr
85OjJ8RZcixE6XYg9tSpjwhkdezlhNJiFwPwkfmQ/iuFXSflENx0XxzmNTgbG7GM
rA380yQXPQucS6NAsmcq1XVIqPwAdUvWjKaviSX+ldyrVVAOH28eSlzPht5aQWdM
Fhlau/0TI59HbL0ZVFgVs/MAYax+9zS+BwSik4JajBi8/rAS07znDOUcLwAOEdxg
GE1bkcQVqrUXOuzLoARYaxRlrWFxIPKuAlIQ/dvn+9BBH2nV0uHZUqFBPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJp0JO+PIkwvh8vMXuwzRBoKGSsMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvY21uUWs3NDhpVEMtSHk4eGU3RE5FR2dvWkt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1cDzMA0G
CSqGSIb3DQEBCwUAA4IBAQDr2AONJyFhpju5bYxQY7AWKDY4tDeXeaKH8RXUdc/C
pzzZgaQAJ5A9jrhCl9Px6S45dSef3k8UDEufWUt3+WzLMQGkK3khBHnf8TwZ+YK9
NTFQQxjEXAQiVvHxCaiEhVOMVjRAhIn6LL3eN1GHzByw/zJ8AL5pu0V4NTVpk75p
HF9AOMsb5QEz+mp7kgujECEnSGnotIqlRQXdzWcKBlCHDdI+6UEfMAk6deLr/uQC
2rHR/OkrpGLx28h6kYWCxa2R//JK36ytIr+TBFKOxFfjk8FpvPSHPjAUbAuigy8X
CRJtuiVX/6eL0ffX/hYJF5YyYLU2IdDGgSFIvpQoow2F
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:43 2023 by rpki-client on console-fra.rpki-client.org