Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/PQGPR5yVWSffsy8IlnDOzcdMR6s.roa
File: PQGPR5yVWSffsy8IlnDOzcdMR6s.roa (raw, json)
Hash identifier: LUZz+R+huTLVC+Z+PM0HMjZC+7Dn258GzsmnuoxAsfs=
Subject key identifier: 3D:01:8F:47:9C:95:59:27:DF:B3:2F:08:96:70:CE:CD:C7:4C:47:AB
Certificate issuer: /CN=dbcc2bbaf3e0d4342a014f8b70f873cee9a8cac5
Certificate serial: 018CC870A6DADA847424A20EA5E617B3868A
Authority key identifier: DB:CC:2B:BA:F3:E0:D4:34:2A:01:4F:8B:70:F8:73:CE:E9:A8:CA:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28wruvPg1DQqAU-LcPhzzumoysU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/PQGPR5yVWSffsy8IlnDOzcdMR6s.roa
Signing time: Tue 02 Jan 2024 04:31:15 +0000
ROA not before: Tue 02 Jan 2024 04:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205198
IP address blocks: 193.16.234.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:a6:da:da:84:74:24:a2:0e:a5:e6:17:b3:86:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbcc2bbaf3e0d4342a014f8b70f873cee9a8cac5
Validity
Not Before: Jan 2 04:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d018f479c955927dfb32f089670cecdc74c47ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d9:f9:f7:3c:3b:b1:e7:a3:4a:bf:23:de:2a:
19:03:7b:ca:ff:47:70:de:58:60:5c:54:a8:90:35:
29:8c:9a:94:d5:a0:c0:c1:31:cf:7a:b3:6b:f1:ee:
2a:90:bd:84:3d:5c:7a:f5:b4:00:a8:85:e3:69:54:
cb:57:ee:d2:e4:6a:fe:4f:6f:37:ba:b0:da:5f:d9:
1f:f6:2e:10:6b:4d:3e:3d:60:f5:12:1b:31:97:13:
a3:8a:21:1f:ff:17:12:16:59:24:b5:4d:49:c8:45:
6d:c6:5a:c6:dd:81:a0:34:a8:06:12:1d:0e:cd:89:
31:5d:ee:85:4b:2b:fa:00:8c:57:82:98:b6:a3:de:
0a:4a:d9:e4:ce:5e:9a:a2:32:3b:7e:5a:86:db:2f:
7e:c7:75:86:75:fd:5c:07:c7:9d:ff:ac:e5:fb:8e:
d8:bb:85:85:fd:74:db:8d:e2:99:23:39:53:aa:ff:
ea:c6:8e:71:76:75:7e:4d:51:03:a6:50:b4:e8:d9:
a7:e2:8f:98:59:76:6b:05:e0:28:0b:e2:55:67:e3:
db:0b:b7:4d:76:47:52:8e:fe:a0:d3:53:f7:e7:fd:
8c:ac:56:7a:eb:51:7b:ec:f8:15:f6:30:b0:cd:76:
7e:9a:20:4c:ae:3e:42:3e:78:60:1c:bb:ff:1b:98:
7d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:01:8F:47:9C:95:59:27:DF:B3:2F:08:96:70:CE:CD:C7:4C:47:AB
X509v3 Authority Key Identifier:
keyid:DB:CC:2B:BA:F3:E0:D4:34:2A:01:4F:8B:70:F8:73:CE:E9:A8:CA:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28wruvPg1DQqAU-LcPhzzumoysU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/PQGPR5yVWSffsy8IlnDOzcdMR6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/28wruvPg1DQqAU-LcPhzzumoysU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.234.0/24
Signature Algorithm: sha256WithRSAEncryption
04:86:7f:f3:18:f1:d8:54:c8:c0:19:a1:89:00:e3:17:e0:4a:
3a:33:bf:89:9c:17:9b:ae:eb:88:c5:d7:da:ad:11:6e:80:dc:
27:a1:81:4d:a2:83:39:43:bb:99:a1:b3:fd:c2:93:32:47:24:
c0:40:62:ec:cf:31:52:f2:69:01:4c:0e:d0:4c:65:1b:dd:11:
a4:fa:1d:b0:f2:6a:e8:6b:3b:0c:eb:53:1c:70:27:3b:bf:5a:
93:48:9a:c8:da:6e:00:a6:22:80:26:ca:61:60:07:38:8a:c2:
cb:d2:dc:11:ff:12:bb:1c:3a:1d:4f:25:7b:d0:8b:dc:d2:56:
b0:99:38:41:0b:38:79:5f:9a:6c:a0:15:d8:78:b4:23:08:8a:
f2:65:a8:00:24:82:87:3c:9f:68:19:f2:50:28:f9:97:75:6c:
bc:d7:79:07:f7:0a:bc:23:20:a1:36:10:8c:4a:69:6a:b5:df:
07:5f:05:e3:30:80:c2:e9:b5:5b:ef:e3:df:c6:0d:0c:2d:35:
34:a5:ac:55:02:ad:04:3f:b6:bb:11:58:2b:b8:f4:6e:b9:64:
5e:13:61:26:a3:13:0a:d2:3c:37:9c:94:b0:a7:91:17:97:93:
c9:2c:b5:95:6c:9c:4f:28:b2:9e:09:d0:d7:0c:fc:e1:c5:a3:
77:34:d2:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcKba2oR0JKIOpeYXs4aKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiY2MyYmJhZjNlMGQ0MzQyYTAxNGY4YjcwZjg3M2NlZTlh
OGNhYzUwHhcNMjQwMTAyMDQzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDAxOGY0NzljOTU1OTI3ZGZiMzJmMDg5NjcwY2VjZGM3NGM0N2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9n59zw7seejSr8j3ioZA3vK/0dw
3lhgXFSokDUpjJqU1aDAwTHPerNr8e4qkL2EPVx69bQAqIXjaVTLV+7S5Gr+T283
urDaX9kf9i4Qa00+PWD1EhsxlxOjiiEf/xcSFlkktU1JyEVtxlrG3YGgNKgGEh0O
zYkxXe6FSyv6AIxXgpi2o94KStnkzl6aojI7flqG2y9+x3WGdf1cB8ed/6zl+47Y
u4WF/XTbjeKZIzlTqv/qxo5xdnV+TVEDplC06Nmn4o+YWXZrBeAoC+JVZ+PbC7dN
dkdSjv6g01P35/2MrFZ661F77PgV9jCwzXZ+miBMrj5CPnhgHLv/G5h92QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD0Bj0eclVkn37MvCJZwzs3HTEerMB8GA1UdIwQY
MBaAFNvMK7rz4NQ0KgFPi3D4c87pqMrFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjh3cnV2UGcxRFFxQVUtTGNQaHp6dW1veXNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80MTRlZjQtNGMxZi00MjU2LTg4Yzkt
ZjRkNWU4NGFjMWRkLzEvUFFHUFI1eVZXU2Zmc3k4SWxuRE96Y2RNUjZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80MTRlZjQtNGMxZi00MjU2LTg4YzktZjRkNWU4NGFjMWRk
LzEvMjh3cnV2UGcxRFFxQVUtTGNQaHp6dW1veXNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRDqMA0G
CSqGSIb3DQEBCwUAA4IBAQAEhn/zGPHYVMjAGaGJAOMX4Eo6M7+JnBebruuIxdfa
rRFugNwnoYFNooM5Q7uZobP9wpMyRyTAQGLszzFS8mkBTA7QTGUb3RGk+h2w8mro
azsM61MccCc7v1qTSJrI2m4ApiKAJsphYAc4isLL0twR/xK7HDodTyV70Ivc0law
mThBCzh5X5psoBXYeLQjCIryZagAJIKHPJ9oGfJQKPmXdWy813kH9wq8IyChNhCM
Smlqtd8HXwXjMIDC6bVb7+Pfxg0MLTU0paxVAq0EP7a7EVgruPRuuWReE2EmoxMK
0jw3nJSwp5EXl5PJLLWVbJxPKLKeCdDXDPzhxaN3NNL/
-----END CERTIFICATE-----
Generated at Tue Oct 8 18:03:47 2024 by rpki-client on console-ams.rpki-client.org