Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/c9qFApozdOfOA4zpiQRcAQ01Bs4.roa
File: c9qFApozdOfOA4zpiQRcAQ01Bs4.roa (raw, json)
Hash identifier: MK+tpSe0l+gTbg7tFfVoFWJv5CyK+AFG06DMrknVLnQ=
Subject key identifier: 73:DA:85:02:9A:33:74:E7:CE:03:8C:E9:89:04:5C:01:0D:35:06:CE
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018BAAF6BA1CAC9D68FB7CE52C17F240A6B5
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/c9qFApozdOfOA4zpiQRcAQ01Bs4.roa
Signing time: Tue 07 Nov 2023 18:06:18 +0000
ROA not before: Tue 07 Nov 2023 18:06:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205663
IP address blocks: 37.153.132.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:f6:ba:1c:ac:9d:68:fb:7c:e5:2c:17:f2:40:a6:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Nov 7 18:06:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73da85029a3374e7ce038ce989045c010d3506ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:11:e5:a2:cc:a4:17:26:53:f9:27:71:a1:6e:
2e:98:20:11:0f:a1:82:a3:d1:70:36:d7:ac:cf:ca:
99:8e:24:76:5b:8d:68:16:0f:e9:9c:9e:ee:1d:64:
f3:14:08:71:0e:8d:24:a5:5f:77:f1:a1:8f:72:e4:
92:15:50:03:97:3b:a5:16:d9:fb:6c:a8:45:ef:3d:
d5:18:66:7a:1e:98:90:8e:43:2e:27:46:2a:13:76:
99:84:68:8a:5c:83:c0:b2:c9:ce:62:31:55:fd:98:
c6:d1:20:15:b0:c9:e5:48:63:79:fd:a5:1d:f8:b6:
f0:35:2b:ad:38:15:20:1f:a0:bc:e5:8f:13:92:09:
e7:08:f4:8a:1d:15:b4:ba:52:c1:aa:c6:e3:4c:68:
9d:cc:cf:d4:5b:fe:6c:8f:6f:01:5e:ec:8b:f2:ba:
83:50:a1:76:d9:73:03:ef:64:59:32:f4:8c:7a:4c:
99:03:35:81:e3:99:c2:22:06:16:9d:3b:c3:08:fb:
b5:a4:b2:07:2a:de:bd:5c:bb:1f:2a:a2:fe:ec:af:
37:68:c6:fc:f7:df:3f:17:99:11:ee:78:2b:73:e3:
31:74:66:f0:9e:af:93:11:c0:b1:58:a3:dc:31:0b:
b1:49:f5:c9:a5:3e:af:52:9a:be:f3:39:61:59:43:
bb:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:DA:85:02:9A:33:74:E7:CE:03:8C:E9:89:04:5C:01:0D:35:06:CE
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/c9qFApozdOfOA4zpiQRcAQ01Bs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
188.211.249.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:e9:c7:16:54:4b:bf:69:9a:cb:df:de:cb:45:26:de:5b:46:
13:89:be:cb:da:d9:01:f6:ee:21:2c:77:5a:2c:5f:a7:41:af:
fa:38:c3:8b:7c:ae:ae:c3:e5:3e:0e:b8:5b:26:41:45:95:2d:
c3:54:cf:ff:d0:7b:20:a6:d4:24:48:91:a5:eb:b9:ba:2c:e3:
73:38:c0:dd:cc:dd:f1:8a:f6:9a:1a:a2:44:2e:74:3a:a4:6b:
c4:49:f6:8e:05:67:8f:44:56:d6:35:5e:c4:b3:92:c9:18:9f:
91:27:ff:01:63:b4:dc:31:87:b3:09:eb:8d:dc:ba:d2:5f:45:
e5:f3:42:d2:b6:0c:6c:e5:b4:63:1b:4a:32:51:30:44:bd:cf:
00:27:a0:a5:91:c4:07:78:37:e0:f2:8f:c1:2e:93:3e:ad:e2:
31:b7:f0:3a:40:73:c7:37:58:be:9c:bb:ee:39:aa:b9:78:82:
1b:e9:ca:30:30:d9:0c:94:62:23:b2:a2:41:f2:0b:ed:b1:29:
b9:8e:3d:1f:3e:5c:39:7c:a5:66:81:3f:f1:29:ba:23:09:cc:
62:8a:76:60:aa:e7:f3:91:b4:a1:5a:12:d1:c0:3b:ae:b5:1a:
b5:e4:99:ce:d5:a5:93:18:9c:a8:b6:74:4f:fe:24:c1:35:59:
bc:1e:e3:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuq9rocrJ1o+3zlLBfyQKa1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMTA3MTgwNjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2RhODUwMjlhMzM3NGU3Y2UwMzhjZTk4OTA0NWMwMTBkMzUwNmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBHlosykFyZT+SdxoW4umCARD6GC
o9FwNtesz8qZjiR2W41oFg/pnJ7uHWTzFAhxDo0kpV938aGPcuSSFVADlzulFtn7
bKhF7z3VGGZ6HpiQjkMuJ0YqE3aZhGiKXIPAssnOYjFV/ZjG0SAVsMnlSGN5/aUd
+LbwNSutOBUgH6C85Y8TkgnnCPSKHRW0ulLBqsbjTGidzM/UW/5sj28BXuyL8rqD
UKF22XMD72RZMvSMekyZAzWB45nCIgYWnTvDCPu1pLIHKt69XLsfKqL+7K83aMb8
998/F5kR7ngrc+MxdGbwnq+TEcCxWKPcMQuxSfXJpT6vUpq+8zlhWUO7XwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHPahQKaM3TnzgOM6YkEXAENNQbOMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvYzlxRkFwb3pkT2ZPQTR6cGlRUmNBUTAxQnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJZmEAwQA
vNP5MA0GCSqGSIb3DQEBCwUAA4IBAQBf6ccWVEu/aZrL397LRSbeW0YTib7L2tkB
9u4hLHdaLF+nQa/6OMOLfK6uw+U+DrhbJkFFlS3DVM//0HsgptQkSJGl67m6LONz
OMDdzN3xivaaGqJELnQ6pGvESfaOBWePRFbWNV7Es5LJGJ+RJ/8BY7TcMYezCeuN
3LrSX0Xl80LStgxs5bRjG0oyUTBEvc8AJ6ClkcQHeDfg8o/BLpM+reIxt/A6QHPH
N1i+nLvuOaq5eIIb6cowMNkMlGIjsqJB8gvtsSm5jj0fPlw5fKVmgT/xKbojCcxi
inZgqufzkbShWhLRwDuutRq15JnO1aWTGJyotnRP/iTBNVm8HuPC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:49 2024 by rpki-client on console-ams.rpki-client.org