Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/iUOlUJ1w6zmdxizyzUhFZAZgVz8.roa
File: iUOlUJ1w6zmdxizyzUhFZAZgVz8.roa (raw, json)
Hash identifier: OeThQdwmsWqBK7v+XyIoNaKT5CaR0lxZstQERaes2TY=
Subject key identifier: 89:43:A5:50:9D:70:EB:39:9D:C6:2C:F2:CD:48:45:64:06:60:57:3F
Certificate issuer: /CN=bb8321c05d501edb499190c0c4a3089d246c5b76
Certificate serial: 01840ECFD501B82507B1AC3F03E350526F71
Authority key identifier: BB:83:21:C0:5D:50:1E:DB:49:91:90:C0:C4:A3:08:9D:24:6C:5B:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MhwF1QHttJkZDAxKMInSRsW3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/iUOlUJ1w6zmdxizyzUhFZAZgVz8.roa
Signing time: Tue 25 Oct 2022 11:03:32 +0000
ROA not before: Tue 25 Oct 2022 11:03:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211439
IP address blocks: 37.44.215.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0e:cf:d5:01:b8:25:07:b1:ac:3f:03:e3:50:52:6f:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8321c05d501edb499190c0c4a3089d246c5b76
Validity
Not Before: Oct 25 11:03:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8943a5509d70eb399dc62cf2cd4845640660573f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f8:ce:9b:96:97:63:d2:73:cc:11:19:01:3b:
81:cb:82:99:a9:b4:08:ca:3c:b1:67:42:32:98:d7:
9c:83:5c:6d:fe:42:89:8a:55:29:c7:d6:db:2d:89:
72:5c:1e:61:da:8a:e5:ea:08:e6:05:19:d7:a1:85:
eb:27:a8:88:3d:0e:fb:61:53:33:86:39:6b:77:3a:
aa:4c:51:af:ec:af:f0:54:39:01:88:bc:3f:f6:fa:
ef:fa:ae:b9:a2:b0:84:a5:26:4a:3c:84:4d:52:a9:
3e:59:5c:fe:06:47:c3:75:89:7b:ec:b0:c9:b5:08:
e9:be:54:98:a7:2b:13:43:e1:37:4f:3e:d9:47:fd:
42:b9:73:e9:17:ad:22:29:91:30:64:94:63:b6:70:
0d:ad:50:6c:e3:9c:ac:cc:d2:e5:d9:c2:13:6d:f2:
9f:70:26:b5:ef:2f:4c:d8:0e:cb:da:05:1c:bc:ae:
70:0e:c5:2f:5b:17:48:a8:6e:e9:bc:46:20:ba:0e:
97:3a:8d:31:1d:45:a4:f3:99:ba:50:c4:e7:be:f9:
cb:a6:3a:96:06:26:2e:71:e3:c6:ef:ef:4c:44:31:
ba:ff:10:2a:1d:06:f8:f1:5b:a9:66:99:21:fb:57:
0e:0f:0c:7c:a5:a4:ee:9f:d7:11:7c:5d:fb:8b:81:
76:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:43:A5:50:9D:70:EB:39:9D:C6:2C:F2:CD:48:45:64:06:60:57:3F
X509v3 Authority Key Identifier:
keyid:BB:83:21:C0:5D:50:1E:DB:49:91:90:C0:C4:A3:08:9D:24:6C:5B:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MhwF1QHttJkZDAxKMInSRsW3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/iUOlUJ1w6zmdxizyzUhFZAZgVz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/u4MhwF1QHttJkZDAxKMInSRsW3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.215.0/24
Signature Algorithm: sha256WithRSAEncryption
89:c0:82:1e:3d:a1:c6:bd:60:7c:b8:e5:3d:05:ec:7c:e8:85:
b5:ac:fd:bd:b6:47:f7:54:92:ce:90:26:dd:6d:ae:cc:f1:8d:
3c:24:37:3a:c9:35:d5:e6:12:05:08:f5:e3:51:86:48:5d:9a:
06:06:bc:3c:06:ba:8b:c7:30:c6:52:0c:67:00:ac:b7:3e:89:
80:9a:c2:82:77:c0:4e:d1:86:35:e7:6d:cd:87:b4:a5:32:4e:
5d:15:29:de:50:c3:e7:93:98:b6:28:df:1d:a1:fe:37:67:5f:
7e:01:5c:ca:ad:d6:18:d4:68:c6:c4:b7:91:3e:8b:89:85:3d:
a1:27:ff:9e:98:bd:38:3a:60:41:85:95:57:06:25:d4:b7:a5:
89:35:d0:eb:f5:8e:5a:90:41:4a:a7:1d:8a:42:78:99:a1:90:
fa:dd:09:70:65:9e:d4:65:71:ca:c5:2b:bb:27:f5:ea:cb:ee:
66:cb:80:f7:7f:a8:c1:92:ce:d5:48:51:95:9a:95:da:16:b7:
2d:28:30:4f:e2:a9:81:92:5b:ff:88:61:5b:c7:31:7f:9b:d9:
bb:2d:1a:f7:68:96:e2:b9:15:25:ab:be:f6:49:03:ce:cb:03:
22:cf:75:1a:2a:5a:64:a8:a4:45:f7:22:d5:66:5b:72:ae:0e:
50:76:d4:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQOz9UBuCUHsaw/A+NQUm9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMyMWMwNWQ1MDFlZGI0OTkxOTBjMGM0YTMwODlkMjQ2
YzViNzYwHhcNMjIxMDI1MTEwMzMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTQzYTU1MDlkNzBlYjM5OWRjNjJjZjJjZDQ4NDU2NDA2NjA1NzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfjOm5aXY9JzzBEZATuBy4KZqbQI
yjyxZ0IymNecg1xt/kKJilUpx9bbLYlyXB5h2orl6gjmBRnXoYXrJ6iIPQ77YVMz
hjlrdzqqTFGv7K/wVDkBiLw/9vrv+q65orCEpSZKPIRNUqk+WVz+BkfDdYl77LDJ
tQjpvlSYpysTQ+E3Tz7ZR/1CuXPpF60iKZEwZJRjtnANrVBs45yszNLl2cITbfKf
cCa17y9M2A7L2gUcvK5wDsUvWxdIqG7pvEYgug6XOo0xHUWk85m6UMTnvvnLpjqW
BiYucePG7+9MRDG6/xAqHQb48VupZpkh+1cODwx8paTun9cRfF37i4F2HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIlDpVCdcOs5ncYs8s1IRWQGYFc/MB8GA1UdIwQY
MBaAFLuDIcBdUB7bSZGQwMSjCJ0kbFt2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNaHdGMVFIdHRKa1pEQXhLTUluU1JzVzNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jZDI5ODMtMjE4Yy00NTdkLTgxMWIt
NWQ0MmUxZmE0NWI5LzEvaVVPbFVKMXc2em1keGl6eXpVaEZaQVpnVno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jZDI5ODMtMjE4Yy00NTdkLTgxMWItNWQ0MmUxZmE0NWI5
LzEvdTRNaHdGMVFIdHRKa1pEQXhLTUluU1JzVzNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJSzXMA0G
CSqGSIb3DQEBCwUAA4IBAQCJwIIePaHGvWB8uOU9Bex86IW1rP29tkf3VJLOkCbd
ba7M8Y08JDc6yTXV5hIFCPXjUYZIXZoGBrw8BrqLxzDGUgxnAKy3PomAmsKCd8BO
0YY1523Nh7SlMk5dFSneUMPnk5i2KN8dof43Z19+AVzKrdYY1GjGxLeRPouJhT2h
J/+emL04OmBBhZVXBiXUt6WJNdDr9Y5akEFKpx2KQniZoZD63QlwZZ7UZXHKxSu7
J/Xqy+5my4D3f6jBks7VSFGVmpXaFrctKDBP4qmBklv/iGFbxzF/m9m7LRr3aJbi
uRUlq772SQPOywMiz3UaKlpkqKRF9yLVZltyrg5QdtT9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:18 2024 by rpki-client on console-ams.rpki-client.org