Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/8YOkaPkXm6yQtgrtkMFp4hiUBsc.roa
File: 8YOkaPkXm6yQtgrtkMFp4hiUBsc.roa (raw, json)
Hash identifier: GRLP+DwbxR8ISCzznlzqzwYcbo32LNi+Rmdsm+VRaMM=
Subject key identifier: F1:83:A4:68:F9:17:9B:AC:90:B6:0A:ED:90:C1:69:E2:18:94:06:C7
Certificate issuer: /CN=7a8bae923305a71c526a6fcf57c29d6c16a4269e
Certificate serial: 018D5F7C8610EAD92A2D0B5C7E92AFB5BB2C
Authority key identifier: 7A:8B:AE:92:33:05:A7:1C:52:6A:6F:CF:57:C2:9D:6C:16:A4:26:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eouukjMFpxxSam_PV8KdbBakJp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/8YOkaPkXm6yQtgrtkMFp4hiUBsc.roa
Signing time: Wed 31 Jan 2024 12:26:52 +0000
ROA not before: Wed 31 Jan 2024 12:26:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199995
IP address blocks: 193.37.251.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:7c:86:10:ea:d9:2a:2d:0b:5c:7e:92:af:b5:bb:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a8bae923305a71c526a6fcf57c29d6c16a4269e
Validity
Not Before: Jan 31 12:26:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f183a468f9179bac90b60aed90c169e2189406c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a9:39:3d:34:13:b7:11:d4:69:26:5c:8d:a3:
81:26:88:d5:70:c3:fc:f3:f4:b1:30:d5:31:1d:76:
88:6d:31:01:fb:86:6c:ee:8d:28:cd:50:c6:20:1c:
b2:ea:09:cf:96:f2:34:be:0a:03:e9:10:a9:6c:8f:
21:de:03:c5:44:ab:a0:b6:7b:e1:2c:80:10:35:6f:
3a:c8:53:3d:b4:e4:83:38:9a:bd:f3:b4:17:8f:1d:
43:52:f7:85:19:6e:81:af:1e:11:0a:51:13:d0:f0:
4f:a1:e4:08:eb:f4:dc:30:40:0f:b7:15:35:d7:68:
90:49:a0:e6:b9:65:1b:45:66:2b:0e:a8:19:1e:ed:
f1:d0:37:7c:07:a8:05:62:0e:92:45:21:28:15:d1:
00:1c:0a:53:6e:a4:f6:f7:de:c1:e2:45:2e:e7:50:
fa:c3:cf:0c:47:6a:fe:76:ca:c4:51:41:e0:a0:eb:
a0:b7:8c:32:63:02:8d:18:b5:97:c5:3b:42:3f:15:
19:8c:d9:47:05:be:13:45:33:33:ca:a8:08:cb:6d:
5b:74:71:f8:2f:a4:45:cc:b4:7c:b7:15:af:f9:c6:
81:8b:ad:94:62:72:82:74:ce:57:db:95:76:d3:25:
d6:7a:fa:1f:f6:c0:2b:db:e9:ca:b7:ab:6f:80:a6:
89:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:83:A4:68:F9:17:9B:AC:90:B6:0A:ED:90:C1:69:E2:18:94:06:C7
X509v3 Authority Key Identifier:
keyid:7A:8B:AE:92:33:05:A7:1C:52:6A:6F:CF:57:C2:9D:6C:16:A4:26:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eouukjMFpxxSam_PV8KdbBakJp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/8YOkaPkXm6yQtgrtkMFp4hiUBsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/eouukjMFpxxSam_PV8KdbBakJp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.251.0/24
Signature Algorithm: sha256WithRSAEncryption
17:03:21:0f:29:49:05:3a:a4:8f:85:f2:88:23:ee:3a:fc:a7:
bb:27:6f:ba:57:b4:28:94:95:71:56:11:b4:94:18:67:22:0b:
e5:0d:27:27:9e:e4:82:c8:f5:ef:6a:f3:d8:c1:90:c3:d8:33:
f8:6a:34:ef:4d:c4:00:8d:12:63:45:21:a1:fa:27:34:91:e7:
47:64:ef:74:34:41:c7:d6:f6:99:f2:eb:07:73:24:61:dd:98:
56:17:9e:49:a7:d9:dc:18:5c:57:ae:e3:88:e5:a7:3f:7e:f0:
49:58:89:ff:b8:e7:ab:30:18:fe:25:55:d5:82:70:f8:07:83:
2b:a5:40:74:fb:b8:5d:d1:09:bb:61:bb:5b:22:b9:f8:1f:d9:
ef:ef:79:08:23:52:c5:11:cf:3c:7c:67:03:80:14:7c:a3:ca:
0c:21:5e:67:17:9c:ac:59:dc:71:ef:6d:e3:0b:2f:fd:90:58:
ba:1e:54:d4:3a:bf:e3:fd:4a:45:4b:64:0b:3b:33:e0:1c:82:
9d:a3:fb:6e:c7:3f:4f:55:b9:0c:d6:6f:ad:42:fa:30:86:5c:
51:e1:ee:0b:81:fe:fe:57:70:c9:33:78:db:8d:a6:35:2c:d7:
82:30:71:fa:55:bb:7a:ef:7e:2f:42:db:92:37:f2:d4:a0:82:
b7:ec:15:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1ffIYQ6tkqLQtcfpKvtbssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhOGJhZTkyMzMwNWE3MWM1MjZhNmZjZjU3YzI5ZDZjMTZh
NDI2OWUwHhcNMjQwMTMxMTIyNjUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTgzYTQ2OGY5MTc5YmFjOTBiNjBhZWQ5MGMxNjllMjE4OTQwNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6k5PTQTtxHUaSZcjaOBJojVcMP8
8/SxMNUxHXaIbTEB+4Zs7o0ozVDGIByy6gnPlvI0vgoD6RCpbI8h3gPFRKugtnvh
LIAQNW86yFM9tOSDOJq987QXjx1DUveFGW6Brx4RClET0PBPoeQI6/TcMEAPtxU1
12iQSaDmuWUbRWYrDqgZHu3x0Dd8B6gFYg6SRSEoFdEAHApTbqT2997B4kUu51D6
w88MR2r+dsrEUUHgoOugt4wyYwKNGLWXxTtCPxUZjNlHBb4TRTMzyqgIy21bdHH4
L6RFzLR8txWv+caBi62UYnKCdM5X25V20yXWevof9sAr2+nKt6tvgKaJFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPGDpGj5F5uskLYK7ZDBaeIYlAbHMB8GA1UdIwQY
MBaAFHqLrpIzBaccUmpvz1fCnWwWpCaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW91dWtqTUZweHhTYW1fUFY4S2RiQmFrSnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yYTFlNWMtMTAxMC00MDk4LTk0Yzkt
ZGUwYzU3MGJhODUwLzEvOFlPa2FQa1htNnlRdGdydGtNRnA0aGlVQnNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8yYTFlNWMtMTAxMC00MDk4LTk0YzktZGUwYzU3MGJhODUw
LzEvZW91dWtqTUZweHhTYW1fUFY4S2RiQmFrSnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSX7MA0G
CSqGSIb3DQEBCwUAA4IBAQAXAyEPKUkFOqSPhfKII+46/Ke7J2+6V7QolJVxVhG0
lBhnIgvlDScnnuSCyPXvavPYwZDD2DP4ajTvTcQAjRJjRSGh+ic0kedHZO90NEHH
1vaZ8usHcyRh3ZhWF55Jp9ncGFxXruOI5ac/fvBJWIn/uOerMBj+JVXVgnD4B4Mr
pUB0+7hd0Qm7YbtbIrn4H9nv73kII1LFEc88fGcDgBR8o8oMIV5nF5ysWdxx723j
Cy/9kFi6HlTUOr/j/UpFS2QLOzPgHIKdo/tuxz9PVbkM1m+tQvowhlxR4e4Lgf7+
V3DJM3jbjaY1LNeCMHH6Vbt6734vQtuSN/LUoIK37BW+
-----END CERTIFICATE-----
Generated at Wed Mar 20 15:53:33 2024 by rpki-client on console.sobornost.net