Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/df4dd6-b423-4292-9634-accf261e5c19/1/RuIVmexVc_fMnIbMZz0FLegC0dY.roa
File: RuIVmexVc_fMnIbMZz0FLegC0dY.roa (raw, json)
Hash identifier: EB7JDBuc2h3KmqQmvnnOvWanHeK6qDaT7gUpeW5vN8w=
Subject key identifier: 46:E2:15:99:EC:55:73:F7:CC:9C:86:CC:67:3D:05:2D:E8:02:D1:D6
Certificate issuer: /CN=6e1a5543a72b515787f29e84f8f1ab4fd2f1bbf2
Certificate serial: 069F1A18
Authority key identifier: 6E:1A:55:43:A7:2B:51:57:87:F2:9E:84:F8:F1:AB:4F:D2:F1:BB:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bhpVQ6crUVeH8p6E-PGrT9Lxu_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/df4dd6-b423-4292-9634-accf261e5c19/1/RuIVmexVc_fMnIbMZz0FLegC0dY.roa
Signing time: Sat 01 Jan 2022 06:05:10 +0000
ROA not before: Sat 01 Jan 2022 06:05:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 188.95.14.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111090200 (0x69f1a18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e1a5543a72b515787f29e84f8f1ab4fd2f1bbf2
Validity
Not Before: Jan 1 06:05:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46e21599ec5573f7cc9c86cc673d052de802d1d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:74:b2:62:e8:b0:36:f9:f6:c9:69:ad:fb:21:
99:25:63:a9:9e:5d:9d:e5:da:86:13:da:70:32:cf:
b0:fe:63:39:ad:30:1d:92:b6:e7:88:ed:e9:af:a7:
ef:50:45:d5:9c:62:44:61:50:ca:84:9e:15:72:92:
bf:60:6d:5c:13:4a:d4:6f:5a:25:9d:af:bd:49:ed:
cc:80:e5:5a:2c:82:3f:fa:63:14:f8:c5:0c:78:19:
c3:38:68:b8:67:88:fb:2b:73:37:47:8b:ce:89:19:
dc:a3:ff:3a:d1:cb:13:6c:c8:ea:4e:69:58:80:aa:
ce:9e:34:60:da:7b:18:b7:d6:a0:7b:04:25:d2:9c:
4d:f9:f1:be:2f:26:83:de:e9:2a:d0:6a:c7:5e:ac:
1b:3c:e9:77:6b:d3:dc:30:1a:4e:fe:cf:7e:56:ce:
2a:12:0e:9b:1e:75:c1:c0:e8:b7:99:5e:40:a7:01:
27:de:f7:00:26:3a:47:b9:63:32:e2:21:f6:ef:4d:
74:d3:7a:81:b4:c6:02:62:1d:c3:35:ce:25:d2:21:
10:ce:91:e4:c7:f3:98:ab:1a:53:82:27:f7:56:10:
f4:70:53:c1:60:29:b5:bd:c6:f2:5c:7b:74:bd:c8:
3b:96:1d:c6:eb:6a:ad:e5:b7:f9:8d:55:ef:a2:66:
63:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:E2:15:99:EC:55:73:F7:CC:9C:86:CC:67:3D:05:2D:E8:02:D1:D6
X509v3 Authority Key Identifier:
keyid:6E:1A:55:43:A7:2B:51:57:87:F2:9E:84:F8:F1:AB:4F:D2:F1:BB:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bhpVQ6crUVeH8p6E-PGrT9Lxu_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/df4dd6-b423-4292-9634-accf261e5c19/1/RuIVmexVc_fMnIbMZz0FLegC0dY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/df4dd6-b423-4292-9634-accf261e5c19/1/bhpVQ6crUVeH8p6E-PGrT9Lxu_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.14.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:3c:15:0e:6f:9e:cb:47:c9:eb:7e:33:88:8b:f7:ff:28:67:
15:22:d4:dd:36:f8:6c:1c:55:fb:bc:85:49:27:23:01:bd:fc:
f3:11:ff:f9:5c:d9:e1:94:40:2f:e5:b2:3b:0c:f5:cf:b0:da:
8b:e8:64:3d:65:f6:6c:1b:fb:97:8b:37:c4:dc:da:b0:5c:5b:
23:f5:2f:16:28:17:57:6d:aa:4b:c8:dc:93:c0:60:6b:a4:81:
93:bd:68:1c:c8:4e:c2:de:7a:ac:fd:cd:73:b8:87:c3:5b:e6:
3e:82:8d:47:cf:7d:0d:55:82:5a:f1:13:04:d9:01:44:df:4b:
32:cc:80:9b:81:01:29:9e:6c:f9:70:cb:c8:35:da:01:31:dc:
25:fe:5b:29:19:f0:ed:64:dd:2e:d3:7a:40:58:1c:01:e8:ff:
41:4b:28:4b:25:e1:47:31:44:bb:5b:85:fd:49:72:f2:f7:4a:
10:8f:8d:a5:ec:9a:ae:af:6f:80:8f:2e:c7:f8:96:2e:7c:55:
2f:df:9d:b3:fa:1c:bf:72:33:ac:16:1a:8f:bf:41:e6:8a:ad:
c7:77:f9:83:2a:8d:10:53:e5:79:15:a2:c6:65:15:cd:fa:e1:
dd:d1:97:53:69:3e:b1:2c:86:51:92:41:ce:f8:0b:c8:1b:8d:
ac:ae:02:84
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBp8aGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZTFhNTU0M2E3MmI1MTU3ODdmMjllODRmOGYxYWI0ZmQyZjFiYmYyMB4XDTIyMDEw
MTA2MDUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDZlMjE1OTllYzU1
NzNmN2NjOWM4NmNjNjczZDA1MmRlODAyZDFkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKl0smLosDb59slprfshmSVjqZ5dneXahhPacDLPsP5jOa0w
HZK254jt6a+n71BF1ZxiRGFQyoSeFXKSv2BtXBNK1G9aJZ2vvUntzIDlWiyCP/pj
FPjFDHgZwzhouGeI+ytzN0eLzokZ3KP/OtHLE2zI6k5pWICqzp40YNp7GLfWoHsE
JdKcTfnxvi8mg97pKtBqx16sGzzpd2vT3DAaTv7PflbOKhIOmx51wcDot5leQKcB
J973ACY6R7ljMuIh9u9NdNN6gbTGAmIdwzXOJdIhEM6R5MfzmKsaU4In91YQ9HBT
wWAptb3G8lx7dL3IO5YdxutqreW3+Y1V76JmY/8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRG4hWZ7FVz98ychsxnPQUt6ALR1jAfBgNVHSMEGDAWgBRuGlVDpytRV4fy
noT48atP0vG78jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JocFZRNmNyVVZlSDhwNkUtUEdyVDlMeHVfSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvZGY0ZGQ2LWI0MjMtNDI5Mi05NjM0LWFjY2YyNjFlNWMxOS8x
L1J1SVZtZXhWY19mTW5JYk1aejBGTGVnQzBkWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
ZGY0ZGQ2LWI0MjMtNDI5Mi05NjM0LWFjY2YyNjFlNWMxOS8xL2JocFZRNmNyVVZl
SDhwNkUtUEdyVDlMeHVfSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALxfDjANBgkqhkiG9w0BAQsFAAOC
AQEADTwVDm+ey0fJ634ziIv3/yhnFSLU3Tb4bBxV+7yFSScjAb388xH/+VzZ4ZRA
L+WyOwz1z7Dai+hkPWX2bBv7l4s3xNzasFxbI/UvFigXV22qS8jck8Bga6SBk71o
HMhOwt56rP3Nc7iHw1vmPoKNR899DVWCWvETBNkBRN9LMsyAm4EBKZ5s+XDLyDXa
ATHcJf5bKRnw7WTdLtN6QFgcAej/QUsoSyXhRzFEu1uF/Uly8vdKEI+Npeyarq9v
gI8ux/iWLnxVL9+ds/ocv3IzrBYaj79B5oqtx3f5gyqNEFPleRWixmUVzfrh3dGX
U2k+sSyGUZJBzvgLyBuNrK4ChA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:31 2024 by rpki-client on console-ams.rpki-client.org