Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/31a6a4-8a9d-47a2-8fbb-b9dff3e7a32e/1/KWmgVjVmiHw83_sY4z9qidckCPA.roa
File: KWmgVjVmiHw83_sY4z9qidckCPA.roa (raw, json)
Hash identifier: Ilk8Y+0mXitCEE/cyOqv6J2UWnHZBKNha/1o6HGxjfU=
Subject key identifier: 29:69:A0:56:35:66:88:7C:3C:DF:FB:18:E3:3F:6A:89:D7:24:08:F0
Certificate issuer: /CN=9213f2c2d06c64b895457ab50fc4920283a49cc7
Certificate serial: 079549C5
Authority key identifier: 92:13:F2:C2:D0:6C:64:B8:95:45:7A:B5:0F:C4:92:02:83:A4:9C:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khPywtBsZLiVRXq1D8SSAoOknMc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/31a6a4-8a9d-47a2-8fbb-b9dff3e7a32e/1/KWmgVjVmiHw83_sY4z9qidckCPA.roa
Signing time: Wed 23 Mar 2022 07:30:46 +0000
ROA not before: Wed 23 Mar 2022 07:30:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213157
IP address blocks: 194.1.218.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127224261 (0x79549c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9213f2c2d06c64b895457ab50fc4920283a49cc7
Validity
Not Before: Mar 23 07:30:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2969a0563566887c3cdffb18e33f6a89d72408f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:33:9f:40:14:55:9f:83:4f:09:e8:7c:3b:0a:
ff:41:bd:9b:33:ef:36:06:bd:49:88:42:65:c0:c0:
cb:00:2b:01:8c:55:02:0c:e5:21:f9:bb:00:4f:35:
99:5a:e5:24:6d:31:f9:c0:f8:4b:0b:6a:16:75:2d:
2b:95:02:22:79:3d:aa:94:79:2f:e0:f3:2a:6e:93:
65:71:b6:4c:a0:fa:e5:7c:37:9c:bb:39:bd:6c:b1:
f0:51:64:52:7c:de:05:b1:81:75:73:28:c8:53:30:
21:ad:45:8c:0a:4a:21:69:f4:30:0b:fa:9a:64:d5:
db:a7:cd:57:98:c5:b6:b8:9c:cd:18:67:8e:b9:a7:
c5:11:9f:81:44:60:3b:14:bb:de:68:ba:f6:81:ec:
b9:aa:07:13:d8:9d:b4:ce:b2:56:51:99:58:34:a0:
42:59:d3:72:c3:e8:e5:b7:12:39:b6:46:f8:20:d4:
67:71:18:ba:1e:a1:23:09:9a:5d:89:a1:42:ff:68:
1d:40:c2:4f:4b:7a:3b:39:61:68:a1:57:00:0f:29:
04:a0:2e:30:28:e2:c1:97:57:c5:dc:a5:a7:81:09:
bf:09:bb:4e:2d:63:8e:14:87:5d:d8:f9:61:10:99:
04:d1:94:5b:8f:54:92:94:17:b4:1b:31:18:db:1c:
06:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:69:A0:56:35:66:88:7C:3C:DF:FB:18:E3:3F:6A:89:D7:24:08:F0
X509v3 Authority Key Identifier:
keyid:92:13:F2:C2:D0:6C:64:B8:95:45:7A:B5:0F:C4:92:02:83:A4:9C:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khPywtBsZLiVRXq1D8SSAoOknMc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/31a6a4-8a9d-47a2-8fbb-b9dff3e7a32e/1/KWmgVjVmiHw83_sY4z9qidckCPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/31a6a4-8a9d-47a2-8fbb-b9dff3e7a32e/1/khPywtBsZLiVRXq1D8SSAoOknMc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.218.0/24
Signature Algorithm: sha256WithRSAEncryption
53:72:4b:9e:cf:f4:dc:20:59:09:6c:8f:d9:04:0d:95:a7:cb:
b4:58:81:87:18:15:63:b4:ba:0d:03:b3:f8:6c:07:7e:3d:02:
fb:8e:dc:6e:03:91:bc:8b:57:97:55:c8:1d:cf:e6:ac:a0:07:
43:ba:8c:c3:cb:d6:f4:4a:47:b6:12:8f:8c:8e:fa:5a:38:9f:
ce:a4:6e:5e:1e:3f:45:3a:89:a1:cb:1b:50:f5:bd:ba:cf:a3:
43:97:48:ac:c4:0e:09:c9:40:00:c8:d9:60:72:9a:36:d4:27:
53:1c:fd:25:10:a8:08:94:7b:b2:de:4f:42:ec:9b:f2:5e:6b:
f9:92:89:0b:7a:41:48:73:9e:bd:00:58:b4:a8:63:72:17:e9:
5b:8e:bc:cd:88:28:31:6b:63:fe:9f:8d:39:c9:81:06:6f:84:
51:e9:28:6a:55:22:1e:3c:52:93:57:43:76:88:a7:51:ce:01:
6d:8a:e5:a3:59:32:39:79:5d:70:1a:77:40:da:73:a7:25:9e:
40:2e:3b:1b:35:38:1a:b0:ac:fc:d8:2b:a1:d6:c2:77:6e:e4:
69:eb:82:05:18:11:e9:98:ec:e0:f9:78:22:fd:96:30:23:ba:
c7:af:bc:bc:5f:51:c1:04:a6:48:a1:37:ae:99:08:3c:5e:94:
a3:4e:7d:68
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB5VJxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjEzZjJjMmQwNmM2NGI4OTU0NTdhYjUwZmM0OTIwMjgzYTQ5Y2M3MB4XDTIyMDMy
MzA3MzA0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk2OWEwNTYzNTY2
ODg3YzNjZGZmYjE4ZTMzZjZhODlkNzI0MDhmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJIzn0AUVZ+DTwnofDsK/0G9mzPvNga9SYhCZcDAywArAYxV
AgzlIfm7AE81mVrlJG0x+cD4SwtqFnUtK5UCInk9qpR5L+DzKm6TZXG2TKD65Xw3
nLs5vWyx8FFkUnzeBbGBdXMoyFMwIa1FjApKIWn0MAv6mmTV26fNV5jFtriczRhn
jrmnxRGfgURgOxS73mi69oHsuaoHE9idtM6yVlGZWDSgQlnTcsPo5bcSObZG+CDU
Z3EYuh6hIwmaXYmhQv9oHUDCT0t6OzlhaKFXAA8pBKAuMCjiwZdXxdylp4EJvwm7
Ti1jjhSHXdj5YRCZBNGUW49UkpQXtBsxGNscBmECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQpaaBWNWaIfDzf+xjjP2qJ1yQI8DAfBgNVHSMEGDAWgBSSE/LC0GxkuJVF
erUPxJICg6ScxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2toUHl3dEJzWkxpVlJYcTFEOFNTQW9Pa25NYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvMzFhNmE0LThhOWQtNDdhMi04ZmJiLWI5ZGZmM2U3YTMyZS8x
L0tXbWdWalZtaUh3ODNfc1k0ejlxaWRja0NQQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
MzFhNmE0LThhOWQtNDdhMi04ZmJiLWI5ZGZmM2U3YTMyZS8xL2toUHl3dEJzWkxp
VlJYcTFEOFNTQW9Pa25NYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIB2jANBgkqhkiG9w0BAQsFAAOC
AQEAU3JLns/03CBZCWyP2QQNlafLtFiBhxgVY7S6DQOz+GwHfj0C+47cbgORvItX
l1XIHc/mrKAHQ7qMw8vW9EpHthKPjI76WjifzqRuXh4/RTqJocsbUPW9us+jQ5dI
rMQOCclAAMjZYHKaNtQnUxz9JRCoCJR7st5PQuyb8l5r+ZKJC3pBSHOevQBYtKhj
chfpW468zYgoMWtj/p+NOcmBBm+EUekoalUiHjxSk1dDdoinUc4BbYrlo1kyOXld
cBp3QNpzpyWeQC47GzU4GrCs/NgrodbCd27kaeuCBRgR6Zjs4Pl4Iv2WMCO6x6+8
vF9RwQSmSKE3rpkIPF6Uo059aA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:01 2024 by rpki-client on console-ams.rpki-client.org