Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7029b3-2ca8-4ba1-aa92-e6d472d3a825/1/3qcEpPj-gch_0TgYE5s2RElkVy8.roa
File: 3qcEpPj-gch_0TgYE5s2RElkVy8.roa (raw, json)
Hash identifier: fDIUb2zMTyTHLl4DR23JOI6IBvcS8KogfsENKk6YEho=
Subject key identifier: DE:A7:04:A4:F8:FE:81:C8:7F:D1:38:18:13:9B:36:44:49:64:57:2F
Certificate issuer: /CN=d14f747f42d6f2606f808f8829f43c90dd48ca0b
Certificate serial: 018CC6B90DE2F89C91527B975C9F17FD3D58
Authority key identifier: D1:4F:74:7F:42:D6:F2:60:6F:80:8F:88:29:F4:3C:90:DD:48:CA:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0U90f0LW8mBvgI-IKfQ8kN1Iygs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7029b3-2ca8-4ba1-aa92-e6d472d3a825/1/3qcEpPj-gch_0TgYE5s2RElkVy8.roa
Signing time: Mon 01 Jan 2024 20:31:05 +0000
ROA not before: Mon 01 Jan 2024 20:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212609
IP address blocks: 185.238.142.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:0d:e2:f8:9c:91:52:7b:97:5c:9f:17:fd:3d:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14f747f42d6f2606f808f8829f43c90dd48ca0b
Validity
Not Before: Jan 1 20:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dea704a4f8fe81c87fd13818139b36444964572f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f7:66:87:1c:0d:c0:10:d5:c2:c8:f1:87:a8:
d5:37:af:b6:22:78:7d:57:57:e4:e2:0a:0c:94:f3:
0b:e2:03:02:9f:6c:0e:f2:af:b9:8c:9b:e8:e7:de:
bf:45:57:a7:24:a6:8f:02:40:ea:91:77:50:f3:70:
74:0c:49:f6:24:8d:14:45:6d:07:b2:95:84:09:9e:
9a:ed:d1:37:bd:22:45:be:ec:55:73:a0:c1:45:75:
ec:db:5d:46:f8:a2:67:91:50:65:c5:99:ed:d2:1f:
00:d1:75:c9:ba:46:c6:f2:1c:56:b6:c1:41:f1:01:
b3:af:b3:8b:de:ba:d5:1a:fb:90:dd:ab:39:1e:c0:
17:ef:46:12:a5:ca:22:4e:73:0b:6e:af:88:84:9a:
a6:9d:7e:a9:3d:97:79:58:03:60:61:d4:36:f2:64:
25:0a:9b:72:5f:30:40:79:76:29:9e:7a:35:ec:03:
44:30:48:e8:52:af:c0:f1:ef:c6:a7:4b:b1:98:be:
f1:d9:dd:b7:70:fb:4a:07:8b:f3:51:e7:51:cb:ed:
2d:06:22:f2:d4:5a:68:9b:10:c4:48:15:f7:10:0e:
11:52:4b:f8:3d:c5:13:56:bd:8d:44:28:95:84:4f:
ed:53:cf:31:46:47:74:7d:00:03:e2:af:40:01:73:
aa:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A7:04:A4:F8:FE:81:C8:7F:D1:38:18:13:9B:36:44:49:64:57:2F
X509v3 Authority Key Identifier:
keyid:D1:4F:74:7F:42:D6:F2:60:6F:80:8F:88:29:F4:3C:90:DD:48:CA:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0U90f0LW8mBvgI-IKfQ8kN1Iygs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7029b3-2ca8-4ba1-aa92-e6d472d3a825/1/3qcEpPj-gch_0TgYE5s2RElkVy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7029b3-2ca8-4ba1-aa92-e6d472d3a825/1/0U90f0LW8mBvgI-IKfQ8kN1Iygs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.142.0/24
Signature Algorithm: sha256WithRSAEncryption
17:13:4c:39:f4:74:11:31:79:47:50:4b:82:d2:c4:af:83:e6:
7f:a5:3a:15:9e:ee:fc:c0:ee:cf:d8:74:d2:d0:e8:66:af:d6:
92:8d:66:8a:4a:d3:d5:1e:da:4c:94:d6:28:58:bd:78:69:63:
af:b2:d7:6c:4a:68:89:d8:d0:d4:b1:0d:74:c1:ef:eb:92:0f:
f0:8a:56:1d:04:47:db:c3:db:96:b2:be:a3:b3:df:dc:d2:18:
f8:a5:4e:50:fd:4f:12:a0:e1:85:a3:39:5c:98:5c:6c:ef:69:
34:e3:72:e2:ad:e6:70:ef:f0:05:5a:ae:42:33:6e:3b:cc:80:
e2:b3:e0:b4:8e:84:8b:3f:c8:79:60:e6:57:c2:fe:34:a2:03:
d9:17:41:d3:eb:0a:1e:0d:69:93:fa:81:5b:5c:f4:ad:c2:48:
76:79:0f:46:be:ba:29:7c:9b:32:d7:4e:b2:cd:e8:dd:b9:ba:
7f:97:62:d3:03:1d:9d:1d:0c:f2:5c:8a:b7:a7:f4:07:50:a0:
21:06:0d:b2:f0:2d:f9:08:57:27:15:91:80:7c:31:f0:b1:2b:
97:9c:d6:8f:bf:1c:d1:c9:f0:63:07:fc:57:fe:fd:4a:5f:03:
72:77:99:2c:fc:0d:7c:ba:a3:fe:9e:97:87:b5:00:49:58:51:
a3:be:5e:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuQ3i+JyRUnuXXJ8X/T1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNGY3NDdmNDJkNmYyNjA2ZjgwOGY4ODI5ZjQzYzkwZGQ0
OGNhMGIwHhcNMjQwMTAxMjAzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWE3MDRhNGY4ZmU4MWM4N2ZkMTM4MTgxMzliMzY0NDQ5NjQ1NzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfdmhxwNwBDVwsjxh6jVN6+2Inh9
V1fk4goMlPML4gMCn2wO8q+5jJvo596/RVenJKaPAkDqkXdQ83B0DEn2JI0URW0H
spWECZ6a7dE3vSJFvuxVc6DBRXXs211G+KJnkVBlxZnt0h8A0XXJukbG8hxWtsFB
8QGzr7OL3rrVGvuQ3as5HsAX70YSpcoiTnMLbq+IhJqmnX6pPZd5WANgYdQ28mQl
CptyXzBAeXYpnno17ANEMEjoUq/A8e/Gp0uxmL7x2d23cPtKB4vzUedRy+0tBiLy
1FpomxDESBX3EA4RUkv4PcUTVr2NRCiVhE/tU88xRkd0fQAD4q9AAXOq3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6nBKT4/oHIf9E4GBObNkRJZFcvMB8GA1UdIwQY
MBaAFNFPdH9C1vJgb4CPiCn0PJDdSMoLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFU5MGYwTFc4bUJ2Z0ktSUtmUThrTjFJeWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83MDI5YjMtMmNhOC00YmExLWFhOTIt
ZTZkNDcyZDNhODI1LzEvM3FjRXBQai1nY2hfMFRnWUU1czJSRWxrVnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83MDI5YjMtMmNhOC00YmExLWFhOTItZTZkNDcyZDNhODI1
LzEvMFU5MGYwTFc4bUJ2Z0ktSUtmUThrTjFJeWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue6OMA0G
CSqGSIb3DQEBCwUAA4IBAQAXE0w59HQRMXlHUEuC0sSvg+Z/pToVnu78wO7P2HTS
0Ohmr9aSjWaKStPVHtpMlNYoWL14aWOvstdsSmiJ2NDUsQ10we/rkg/wilYdBEfb
w9uWsr6js9/c0hj4pU5Q/U8SoOGFozlcmFxs72k043LireZw7/AFWq5CM247zIDi
s+C0joSLP8h5YOZXwv40ogPZF0HT6woeDWmT+oFbXPStwkh2eQ9GvropfJsy106y
zejdubp/l2LTAx2dHQzyXIq3p/QHUKAhBg2y8C35CFcnFZGAfDHwsSuXnNaPvxzR
yfBjB/xX/v1KXwNyd5ks/A18uqP+npeHtQBJWFGjvl4K
-----END CERTIFICATE-----
Generated at Thu Sep 26 10:42:24 2024 by rpki-client on console-ams.rpki-client.org