Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/a8c553-3b9e-4edd-a7bb-5237c03b8813/1/tjp4f8EK-HVL8KfGq6WnvKltT4Y.roa
File: tjp4f8EK-HVL8KfGq6WnvKltT4Y.roa (raw, json)
Hash identifier: mdVTuhyeT2n9Npn3r2Afr5nJrfMINq3PO9Qy22LH9aw=
Subject key identifier: B6:3A:78:7F:C1:0A:F8:75:4B:F0:A7:C6:AB:A5:A7:BC:A9:6D:4F:86
Certificate issuer: /CN=9c7ef2852d4cb2eabc978ec1c5a1a4d09e04afb5
Certificate serial: 018C6C9B9B12FFD5FFD47E271B81BE17BE9F
Authority key identifier: 9C:7E:F2:85:2D:4C:B2:EA:BC:97:8E:C1:C5:A1:A4:D0:9E:04:AF:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nH7yhS1Msuq8l47BxaGk0J4Er7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/a8c553-3b9e-4edd-a7bb-5237c03b8813/1/tjp4f8EK-HVL8KfGq6WnvKltT4Y.roa
Signing time: Fri 15 Dec 2023 08:33:06 +0000
ROA not before: Fri 15 Dec 2023 08:33:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213373
IP address blocks: 146.19.253.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6c:9b:9b:12:ff:d5:ff:d4:7e:27:1b:81:be:17:be:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c7ef2852d4cb2eabc978ec1c5a1a4d09e04afb5
Validity
Not Before: Dec 15 08:33:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b63a787fc10af8754bf0a7c6aba5a7bca96d4f86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f4:60:36:58:9b:8d:56:94:1a:fe:41:a3:68:
9e:16:8e:a5:23:4c:fd:83:62:e9:68:59:c6:a2:a0:
04:41:ee:9b:19:04:41:26:cf:a6:a0:39:84:b0:b0:
a7:66:b5:58:4c:bc:b1:ea:31:09:1d:1c:62:c5:35:
6b:05:bc:01:ce:49:d8:dd:13:ff:65:94:ad:4c:20:
3a:13:a2:df:f1:d5:00:c2:d5:57:0d:62:d6:3f:b9:
84:79:d4:7e:3b:04:92:ec:aa:5f:dd:5f:f5:88:c4:
7c:19:e3:cb:a6:43:4f:a4:f1:1b:b6:2a:96:b8:a2:
d5:fa:26:e1:18:df:33:b5:22:04:b4:a9:ee:d7:43:
d5:5d:92:00:e4:62:2a:0c:47:51:52:96:86:76:ae:
01:10:80:90:3f:8a:dd:ed:b3:12:87:b8:ea:4b:5d:
ea:45:05:c8:7b:dc:cf:53:6b:68:f6:35:4c:d8:89:
19:46:a4:2a:71:bf:b1:c5:5b:c0:b1:46:82:5d:6a:
fd:ce:8f:2e:68:af:34:67:19:73:d2:9b:1a:66:8e:
f9:5c:42:02:d2:66:50:25:37:41:89:89:8f:c9:88:
40:f4:3e:45:61:27:49:a8:b7:f9:53:a7:8b:2c:81:
e2:c7:40:bf:e0:f5:0f:1c:f8:17:53:f0:76:f8:5c:
f4:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:3A:78:7F:C1:0A:F8:75:4B:F0:A7:C6:AB:A5:A7:BC:A9:6D:4F:86
X509v3 Authority Key Identifier:
keyid:9C:7E:F2:85:2D:4C:B2:EA:BC:97:8E:C1:C5:A1:A4:D0:9E:04:AF:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nH7yhS1Msuq8l47BxaGk0J4Er7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a8c553-3b9e-4edd-a7bb-5237c03b8813/1/tjp4f8EK-HVL8KfGq6WnvKltT4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a8c553-3b9e-4edd-a7bb-5237c03b8813/1/nH7yhS1Msuq8l47BxaGk0J4Er7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.253.0/24
Signature Algorithm: sha256WithRSAEncryption
18:9d:df:8d:49:c7:0c:31:9d:98:da:5b:f1:fa:fa:df:eb:3e:
9b:ae:d3:fe:c4:eb:03:f5:da:62:6f:1e:ba:79:57:ce:54:7d:
cf:cd:06:2f:b3:e4:34:fc:e1:03:d1:fe:c1:cc:f8:f8:7f:17:
c9:8e:57:39:66:e6:4e:f7:bb:2f:5b:b3:e7:b6:bb:a0:17:49:
ed:b8:9a:d1:19:24:0c:9f:a8:84:7c:44:04:15:f0:d3:3d:5e:
01:ef:a9:98:09:28:10:8f:e7:57:06:62:f1:13:15:6e:a3:dc:
fe:d9:e6:57:54:7b:7f:cb:c2:93:c1:dc:97:b6:60:f2:5a:1d:
dd:88:7d:1e:e8:b9:d9:8d:e2:bc:af:b2:9d:19:f4:cc:27:ff:
b5:0a:86:36:65:e6:94:79:fd:7e:fb:ab:24:77:69:d2:17:3b:
c0:04:02:b7:8d:50:ce:36:19:9a:74:93:b8:e8:ab:78:2f:17:
23:85:55:85:d9:a5:c1:21:9f:66:fa:67:65:c3:6e:4e:91:5b:
0a:97:77:fc:60:13:72:4b:b4:6e:98:ad:5a:79:d0:eb:59:c2:
bf:68:5c:d6:4d:c4:47:c5:45:ad:2a:d8:ee:47:88:dc:89:22:
15:18:18:a7:4b:05:27:6a:8b:f4:ac:de:d1:30:c0:0e:83:2a:
d7:99:fa:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxsm5sS/9X/1H4nG4G+F76fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljN2VmMjg1MmQ0Y2IyZWFiYzk3OGVjMWM1YTFhNGQwOWUw
NGFmYjUwHhcNMjMxMjE1MDgzMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjNhNzg3ZmMxMGFmODc1NGJmMGE3YzZhYmE1YTdiY2E5NmQ0Zjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPRgNlibjVaUGv5Bo2ieFo6lI0z9
g2LpaFnGoqAEQe6bGQRBJs+moDmEsLCnZrVYTLyx6jEJHRxixTVrBbwBzknY3RP/
ZZStTCA6E6Lf8dUAwtVXDWLWP7mEedR+OwSS7Kpf3V/1iMR8GePLpkNPpPEbtiqW
uKLV+ibhGN8ztSIEtKnu10PVXZIA5GIqDEdRUpaGdq4BEICQP4rd7bMSh7jqS13q
RQXIe9zPU2to9jVM2IkZRqQqcb+xxVvAsUaCXWr9zo8uaK80Zxlz0psaZo75XEIC
0mZQJTdBiYmPyYhA9D5FYSdJqLf5U6eLLIHix0C/4PUPHPgXU/B2+Fz08QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLY6eH/BCvh1S/Cnxqulp7ypbU+GMB8GA1UdIwQY
MBaAFJx+8oUtTLLqvJeOwcWhpNCeBK+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkg3eWhTMU1zdXE4bDQ3QnhhR2swSjRFcjdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hOGM1NTMtM2I5ZS00ZWRkLWE3YmIt
NTIzN2MwM2I4ODEzLzEvdGpwNGY4RUstSFZMOEtmR3E2V252S2x0VDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hOGM1NTMtM2I5ZS00ZWRkLWE3YmItNTIzN2MwM2I4ODEz
LzEvbkg3eWhTMU1zdXE4bDQ3QnhhR2swSjRFcjdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhP9MA0G
CSqGSIb3DQEBCwUAA4IBAQAYnd+NSccMMZ2Y2lvx+vrf6z6brtP+xOsD9dpibx66
eVfOVH3PzQYvs+Q0/OED0f7BzPj4fxfJjlc5ZuZO97svW7PntrugF0ntuJrRGSQM
n6iEfEQEFfDTPV4B76mYCSgQj+dXBmLxExVuo9z+2eZXVHt/y8KTwdyXtmDyWh3d
iH0e6LnZjeK8r7KdGfTMJ/+1CoY2ZeaUef1++6skd2nSFzvABAK3jVDONhmadJO4
6Kt4LxcjhVWF2aXBIZ9m+mdlw25OkVsKl3f8YBNyS7RumK1aedDrWcK/aFzWTcRH
xUWtKtjuR4jciSIVGBinSwUnaov0rN7RMMAOgyrXmfr5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:30 2024 by rpki-client on console-fra.rpki-client.org