Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/w2AMmSA0sbLbymNWQBZ05mzQIvY.roa
File: w2AMmSA0sbLbymNWQBZ05mzQIvY.roa (raw, json)
Hash identifier: UYUu9eOhgW1ao6NAntNVing9gpLVS5VwC6i1IArrelg=
Subject key identifier: C3:60:0C:99:20:34:B1:B2:DB:CA:63:56:40:16:74:E6:6C:D0:22:F6
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 018572FA5E4E656D17FC775ACD9C69FCEC5F
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/w2AMmSA0sbLbymNWQBZ05mzQIvY.roa
Signing time: Mon 02 Jan 2023 14:54:48 +0000
ROA not before: Mon 02 Jan 2023 14:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49635
IP address blocks: 213.192.233.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:5e:4e:65:6d:17:fc:77:5a:cd:9c:69:fc:ec:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 2 14:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3600c992034b1b2dbca6356401674e66cd022f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e2:08:ee:33:03:13:26:9d:99:2b:3e:e6:fe:
36:aa:3f:6f:08:e2:de:ee:76:44:bc:a6:a4:80:f2:
e3:c6:0e:ac:5b:f3:f9:38:07:69:21:74:b9:b9:cb:
44:9b:29:b2:34:25:b4:c8:e4:f4:41:5b:f1:ef:cc:
b5:26:22:03:a1:ce:a1:cc:17:56:8f:38:2f:7f:a5:
a8:51:2f:fe:bd:fc:b1:4f:55:e0:22:bd:ae:bb:10:
92:19:8f:8b:f1:c9:5d:87:ac:6a:76:f1:07:cb:3d:
d5:bb:0c:65:00:a1:da:a0:88:96:22:63:19:bc:e4:
6f:58:4c:ff:ef:9b:41:92:ec:3c:29:35:96:18:11:
ea:3f:0a:54:98:06:e6:fa:a4:c9:21:68:18:70:83:
b6:db:d4:5f:78:1a:62:d5:78:7a:03:c0:70:1a:2c:
dc:b8:2d:05:fc:5f:f7:07:a3:8e:f5:4b:18:83:f7:
7d:26:52:66:0c:46:6a:73:85:4d:54:46:56:b5:f5:
55:14:55:1d:bf:b8:5a:28:24:34:cc:d4:16:72:dc:
e3:d2:11:8c:4b:ec:53:f6:c1:44:1a:de:40:41:6b:
00:41:98:a7:43:23:f8:09:5d:de:89:b6:e6:28:71:
3d:04:70:88:b0:9a:ed:be:26:7e:40:52:78:c3:f6:
00:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:60:0C:99:20:34:B1:B2:DB:CA:63:56:40:16:74:E6:6C:D0:22:F6
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/w2AMmSA0sbLbymNWQBZ05mzQIvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.192.233.0/24
Signature Algorithm: sha256WithRSAEncryption
35:fa:98:2b:8e:38:48:b0:6f:04:13:ba:2d:1e:47:63:82:7e:
86:7d:4f:a5:81:26:0c:fb:7d:44:56:82:b7:b1:f4:9a:6a:94:
21:34:ff:de:61:ab:61:6f:a6:9d:95:15:1e:ab:14:d4:1c:14:
87:b2:49:f3:8e:81:95:4b:03:e2:98:c6:3b:c4:9a:89:8c:a1:
04:73:08:b7:78:42:15:91:dc:85:57:05:d8:54:bf:57:bd:b3:
7f:8f:30:11:b6:cc:4e:13:11:5b:eb:53:ef:39:80:7d:5f:c5:
cb:a5:8b:37:3d:a4:65:04:00:25:75:fc:f5:0c:2f:cd:83:29:
f4:29:c6:a5:3c:e7:a6:73:15:05:93:b3:3d:fd:b5:91:a9:47:
3a:53:e4:4a:8d:20:78:23:d5:5d:92:b0:62:9e:66:8f:08:cf:
3f:e5:cc:6c:11:60:e4:de:02:b1:f5:12:f0:1a:c2:8d:fe:74:
e0:da:bc:0a:28:51:5e:81:da:6a:41:d2:9f:44:94:35:9e:70:
dc:50:a7:b1:39:16:03:bb:1f:dc:8d:b5:71:94:4e:86:86:07:
d0:be:69:27:dd:ea:68:5a:f5:34:a8:27:c1:bd:78:a1:8e:b8:
84:0d:af:fd:0d:de:f5:36:68:09:cc:ff:96:67:4b:ed:a0:1b:
a4:3b:7e:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+l5OZW0X/HdazZxp/OxfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjMwMTAyMTQ1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzYwMGM5OTIwMzRiMWIyZGJjYTYzNTY0MDE2NzRlNjZjZDAyMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOII7jMDEyadmSs+5v42qj9vCOLe
7nZEvKakgPLjxg6sW/P5OAdpIXS5uctEmymyNCW0yOT0QVvx78y1JiIDoc6hzBdW
jzgvf6WoUS/+vfyxT1XgIr2uuxCSGY+L8cldh6xqdvEHyz3VuwxlAKHaoIiWImMZ
vORvWEz/75tBkuw8KTWWGBHqPwpUmAbm+qTJIWgYcIO229RfeBpi1Xh6A8BwGizc
uC0F/F/3B6OO9UsYg/d9JlJmDEZqc4VNVEZWtfVVFFUdv7haKCQ0zNQWctzj0hGM
S+xT9sFEGt5AQWsAQZinQyP4CV3eibbmKHE9BHCIsJrtviZ+QFJ4w/YApwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMNgDJkgNLGy28pjVkAWdOZs0CL2MB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvdzJBTW1TQTBzYkxieW1OV1FCWjA1bXpRSXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1cDpMA0G
CSqGSIb3DQEBCwUAA4IBAQA1+pgrjjhIsG8EE7otHkdjgn6GfU+lgSYM+31EVoK3
sfSaapQhNP/eYathb6adlRUeqxTUHBSHsknzjoGVSwPimMY7xJqJjKEEcwi3eEIV
kdyFVwXYVL9XvbN/jzARtsxOExFb61PvOYB9X8XLpYs3PaRlBAAldfz1DC/Ngyn0
KcalPOemcxUFk7M9/bWRqUc6U+RKjSB4I9VdkrBinmaPCM8/5cxsEWDk3gKx9RLw
GsKN/nTg2rwKKFFegdpqQdKfRJQ1nnDcUKexORYDux/cjbVxlE6GhgfQvmkn3epo
WvU0qCfBvXihjriEDa/9Dd71NmgJzP+WZ0vtoBukO37T
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:33 2023 by rpki-client on console-ams.rpki-client.org