Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/vFVrQqjwwg7ziUfLFbzoD8y4TZU.roa
File: vFVrQqjwwg7ziUfLFbzoD8y4TZU.roa (raw, json)
Hash identifier: ADYkQ4zgWXi8jSrBxFqCa+LJRwN3FS8i6LyKWABM1Xs=
Subject key identifier: BC:55:6B:42:A8:F0:C2:0E:F3:89:47:CB:15:BC:E8:0F:CC:B8:4D:95
Certificate issuer: /CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Certificate serial: 018FF2F8E3FD5BD92C7EFA09562311A12AAA
Authority key identifier: DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/vFVrQqjwwg7ziUfLFbzoD8y4TZU.roa
Signing time: Fri 07 Jun 2024 13:52:28 +0000
ROA not before: Fri 07 Jun 2024 13:52:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 272825
IP address blocks: 88.135.69.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f2:f8:e3:fd:5b:d9:2c:7e:fa:09:56:23:11:a1:2a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Validity
Not Before: Jun 7 13:52:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc556b42a8f0c20ef38947cb15bce80fccb84d95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:45:e2:a7:8c:42:33:60:16:49:59:c7:f8:74:
60:22:0a:d3:88:17:30:fa:f0:44:a0:d3:12:d6:2f:
29:c6:c2:ad:65:96:8d:75:49:51:c8:0d:ec:34:86:
b8:e8:f8:64:27:b4:57:db:17:87:9d:6f:67:9b:85:
a4:24:60:80:4d:0d:88:a4:84:81:77:1b:87:b8:12:
68:c6:14:67:ce:62:14:77:e7:c8:1b:e2:09:9d:21:
af:2b:c6:c9:55:2f:d7:02:18:86:c2:ab:5e:8c:b7:
b5:30:ab:ef:55:1e:44:14:a7:85:8b:c8:c1:f7:1d:
5c:c0:c5:2f:fc:6e:3c:f9:30:a0:cd:74:cb:08:27:
55:43:5c:24:4e:74:68:f9:ab:29:b5:bc:b9:1c:d0:
f4:01:b8:7d:b3:4d:5b:1a:62:51:e3:bf:f2:ca:7f:
56:1d:46:fb:41:18:1c:32:b6:38:c9:0a:4f:a8:63:
5d:ae:c1:8a:06:ff:a4:16:b1:dd:91:67:df:db:33:
3e:bb:a6:b6:98:91:7a:cc:b1:f5:2d:3f:08:05:fa:
0e:1a:07:a9:49:11:20:0b:a8:9e:d9:f0:62:19:b5:
d0:01:34:f4:8c:cb:c9:b6:18:73:4f:95:f2:77:f5:
e2:61:f2:f2:d6:e1:fa:bb:78:31:af:af:77:11:7e:
00:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:55:6B:42:A8:F0:C2:0E:F3:89:47:CB:15:BC:E8:0F:CC:B8:4D:95
X509v3 Authority Key Identifier:
keyid:DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/vFVrQqjwwg7ziUfLFbzoD8y4TZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.69.0/24
Signature Algorithm: sha256WithRSAEncryption
53:08:fa:25:2c:b7:fb:5f:76:7b:43:62:c6:ed:89:a1:e4:b5:
3e:64:7d:52:b0:0a:eb:84:7f:30:38:6f:87:00:46:f7:ad:78:
87:40:12:34:4c:a7:c9:49:3d:ff:d4:8f:b8:20:33:0f:14:99:
24:14:c4:e9:0d:cf:89:a0:39:26:d0:a4:a8:b3:ef:e0:2e:69:
3f:ad:53:0f:f1:43:01:70:69:19:2f:20:bc:2f:14:36:74:7a:
3b:0c:3c:11:20:a5:af:ad:17:6b:50:c6:4e:6c:1f:c8:2a:82:
b5:b9:17:c9:90:74:b9:84:b3:43:88:56:d0:ba:c2:64:23:30:
da:56:d4:0a:21:0a:35:30:04:68:3c:0f:83:0c:c1:58:f8:01:
5b:19:b9:66:f4:ea:b9:5b:3b:c7:49:ff:db:2f:83:bd:7a:ef:
26:91:5a:98:69:fd:28:f8:6d:65:0e:8a:33:51:0b:ba:c9:c9:
d6:2f:fb:f7:3a:2e:af:ee:a4:3e:ed:ed:b8:c6:53:05:9b:ca:
32:9d:2c:e8:a8:df:0d:81:bb:d9:0f:4c:82:78:42:c9:50:93:
18:12:f9:8d:c9:40:48:16:4f:c3:57:99:d9:22:da:dc:6b:f4:
f3:76:39:ba:4b:8f:76:cf:de:2f:f7:69:c3:a8:97:d8:d9:1f:
f5:3f:1c:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/y+OP9W9ksfvoJViMRoSqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjM5NmRmYTk1MWVjNDE1N2YyMTFlNWVkNzQwZWQ5N2Ux
YjBmM2YwHhcNMjQwNjA3MTM1MjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzU1NmI0MmE4ZjBjMjBlZjM4OTQ3Y2IxNWJjZTgwZmNjYjg0ZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUXip4xCM2AWSVnH+HRgIgrTiBcw
+vBEoNMS1i8pxsKtZZaNdUlRyA3sNIa46PhkJ7RX2xeHnW9nm4WkJGCATQ2IpISB
dxuHuBJoxhRnzmIUd+fIG+IJnSGvK8bJVS/XAhiGwqtejLe1MKvvVR5EFKeFi8jB
9x1cwMUv/G48+TCgzXTLCCdVQ1wkTnRo+asptby5HND0Abh9s01bGmJR47/yyn9W
HUb7QRgcMrY4yQpPqGNdrsGKBv+kFrHdkWff2zM+u6a2mJF6zLH1LT8IBfoOGgep
SREgC6ie2fBiGbXQATT0jMvJthhzT5Xyd/XiYfLy1uH6u3gxr693EX4AvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLxVa0Ko8MIO84lHyxW86A/MuE2VMB8GA1UdIwQY
MBaAFNuzlt+pUexBV/IR5e10Dtl+Gw8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMt
ZGY1NzJmZTk2NzJhLzEvdkZWclFxand3Zzd6aVVmTEZiem9EOHk0VFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMtZGY1NzJmZTk2NzJh
LzEvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWIdFMA0G
CSqGSIb3DQEBCwUAA4IBAQBTCPolLLf7X3Z7Q2LG7Ymh5LU+ZH1SsArrhH8wOG+H
AEb3rXiHQBI0TKfJST3/1I+4IDMPFJkkFMTpDc+JoDkm0KSos+/gLmk/rVMP8UMB
cGkZLyC8LxQ2dHo7DDwRIKWvrRdrUMZObB/IKoK1uRfJkHS5hLNDiFbQusJkIzDa
VtQKIQo1MARoPA+DDMFY+AFbGblm9Oq5WzvHSf/bL4O9eu8mkVqYaf0o+G1lDooz
UQu6ycnWL/v3Oi6v7qQ+7e24xlMFm8oynSzoqN8NgbvZD0yCeELJUJMYEvmNyUBI
Fk/DV5nZItrca/Tzdjm6S492z94v92nDqJfY2R/1Pxzp
-----END CERTIFICATE-----
Generated at Thu Aug 1 16:11:53 2024 by rpki-client on console-fra.rpki-client.org