Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/46e7a2-639a-4162-9ddf-b6392c50f95a/1/Es014Ap7yYMx9FM2thklXzmfXUQ.roa
File: Es014Ap7yYMx9FM2thklXzmfXUQ.roa (raw, json)
Hash identifier: h/4HrdhUdm2UOC/YxslDWqibXDBAb7vJIqLpf3tp9Mk=
Subject key identifier: 12:CD:35:E0:0A:7B:C9:83:31:F4:53:36:B6:19:25:5F:39:9F:5D:44
Certificate issuer: /CN=839e07e5116a5daf5578e5fd6a18c7ef349ef044
Certificate serial: 03D527FE
Authority key identifier: 83:9E:07:E5:11:6A:5D:AF:55:78:E5:FD:6A:18:C7:EF:34:9E:F0:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g54H5RFqXa9VeOX9ahjH7zSe8EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/46e7a2-639a-4162-9ddf-b6392c50f95a/1/Es014Ap7yYMx9FM2thklXzmfXUQ.roa
Signing time: Sat 01 Jan 2022 04:58:37 +0000
ROA not before: Sat 01 Jan 2022 04:58:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42963
IP address blocks: 193.105.178.0/24 maxlen: 24
193.142.113.0/24 maxlen: 24
2001:67c:21dc::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64301054 (0x3d527fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=839e07e5116a5daf5578e5fd6a18c7ef349ef044
Validity
Not Before: Jan 1 04:58:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=12cd35e00a7bc98331f45336b619255f399f5d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ad:5b:ce:23:8c:26:8b:01:dc:0f:80:9e:90:
ae:b8:a3:8a:2d:82:83:c5:87:fd:3c:9b:59:26:b5:
45:8a:e0:d1:f3:d4:9f:17:a6:c5:67:ca:9a:f7:ea:
35:1d:0a:58:53:0a:65:a1:30:42:f9:13:68:c0:4f:
30:3e:f8:88:dc:c5:90:c0:80:37:c0:64:44:2e:cd:
87:f8:c4:35:63:74:0c:7c:50:43:e7:c5:2a:7e:6e:
84:16:95:d7:3a:4e:88:c4:cd:30:65:d4:a2:7d:08:
ce:ad:65:73:5d:86:8b:53:c1:ce:ca:4c:3d:38:56:
be:d1:4d:eb:74:1b:4a:95:75:84:a6:77:ff:c8:39:
af:3c:fd:ae:d8:44:58:e2:84:39:01:49:89:b9:8a:
eb:5b:54:4e:72:92:4d:c3:3f:84:1e:5b:0e:a3:35:
36:b7:30:82:e5:ff:ac:f9:4a:72:a4:f9:6e:8f:ba:
0e:dd:75:b8:87:97:70:d6:9a:cd:94:30:f2:ec:8d:
fc:68:a3:17:a6:ab:80:91:20:81:11:c7:a5:2f:f1:
d1:25:7a:27:ce:3c:d8:74:8e:1e:bb:20:32:f4:5b:
e9:3a:db:1f:45:2e:10:48:48:e8:f0:b5:6a:13:87:
0e:ee:ed:85:e6:80:db:f4:fe:35:28:9e:d1:d3:9e:
01:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:CD:35:E0:0A:7B:C9:83:31:F4:53:36:B6:19:25:5F:39:9F:5D:44
X509v3 Authority Key Identifier:
keyid:83:9E:07:E5:11:6A:5D:AF:55:78:E5:FD:6A:18:C7:EF:34:9E:F0:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g54H5RFqXa9VeOX9ahjH7zSe8EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/46e7a2-639a-4162-9ddf-b6392c50f95a/1/Es014Ap7yYMx9FM2thklXzmfXUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/46e7a2-639a-4162-9ddf-b6392c50f95a/1/g54H5RFqXa9VeOX9ahjH7zSe8EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.178.0/24
193.142.113.0/24
IPv6:
2001:67c:21dc::/48
Signature Algorithm: sha256WithRSAEncryption
44:21:43:23:f3:f5:b6:0a:d4:90:c5:ab:32:70:b7:96:d6:cb:
33:c6:bf:45:e7:03:a8:b3:d4:b8:d4:72:0e:fa:87:95:73:f2:
25:f5:97:2b:23:f6:94:c0:d9:a4:a2:1e:1b:94:64:cb:d4:04:
f5:c7:84:25:b7:5a:65:fe:b3:84:fc:83:4c:39:f4:ea:c2:70:
46:44:34:51:f7:0b:36:08:3a:d2:3b:0a:4d:2b:a5:e5:dd:65:
3d:0b:b8:a4:54:a5:d3:1b:15:6e:ab:b6:51:cc:de:3e:c3:69:
82:0e:59:29:d3:97:06:a2:4a:c3:7f:43:b5:b1:60:27:e7:c9:
69:d0:8e:98:4f:75:8e:19:e6:32:9e:55:87:5c:39:3f:4c:53:
ef:44:30:11:23:3c:af:ae:07:b1:04:90:8b:ef:45:ac:ff:b4:
38:4f:5d:b6:f4:ae:73:4d:83:d7:bc:72:99:5f:48:54:d5:9d:
0a:de:36:af:98:f6:23:5a:1b:8e:01:07:2c:3c:07:32:48:06:
bb:74:47:42:57:04:9f:82:8f:d6:c7:2f:5c:1f:71:78:40:1f:
05:a8:c4:7f:dd:8a:93:65:11:67:2d:4e:b5:da:3e:74:82:80:
48:ba:f1:f6:d9:f8:e9:ee:98:2e:95:b3:76:54:d8:d2:a7:b3:
d3:92:fd:43
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEA9Un/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzllMDdlNTExNmE1ZGFmNTU3OGU1ZmQ2YTE4YzdlZjM0OWVmMDQ0MB4XDTIyMDEw
MTA0NTgzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTJjZDM1ZTAwYTdi
Yzk4MzMxZjQ1MzM2YjYxOTI1NWYzOTlmNWQ0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMytW84jjCaLAdwPgJ6Qrrijii2Cg8WH/TybWSa1RYrg0fPU
nxemxWfKmvfqNR0KWFMKZaEwQvkTaMBPMD74iNzFkMCAN8BkRC7Nh/jENWN0DHxQ
Q+fFKn5uhBaV1zpOiMTNMGXUon0Izq1lc12Gi1PBzspMPThWvtFN63QbSpV1hKZ3
/8g5rzz9rthEWOKEOQFJibmK61tUTnKSTcM/hB5bDqM1NrcwguX/rPlKcqT5bo+6
Dt11uIeXcNaazZQw8uyN/GijF6argJEggRHHpS/x0SV6J8482HSOHrsgMvRb6Trb
H0UuEEhI6PC1ahOHDu7theaA2/T+NSie0dOeAf0CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBQSzTXgCnvJgzH0Uza2GSVfOZ9dRDAfBgNVHSMEGDAWgBSDngflEWpdr1V4
5f1qGMfvNJ7wRDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2c1NEg1UkZxWGE5VmVPWDlhaGpIN3pTZThFUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2YvNDZlN2EyLTYzOWEtNDE2Mi05ZGRmLWI2MzkyYzUwZjk1YS8x
L0VzMDE0QXA3eVlNeDlGTTJ0aGtsWHptZlhVUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Yv
NDZlN2EyLTYzOWEtNDE2Mi05ZGRmLWI2MzkyYzUwZjk1YS8xL2c1NEg1UkZxWGE5
VmVPWDlhaGpIN3pTZThFUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAMFpsgMEAMGOcTAPBAIAAjAJAwcA
IAEGfCHcMA0GCSqGSIb3DQEBCwUAA4IBAQBEIUMj8/W2CtSQxasycLeW1sszxr9F
5wOos9S41HIO+oeVc/Il9ZcrI/aUwNmkoh4blGTL1AT1x4Qlt1pl/rOE/INMOfTq
wnBGRDRR9ws2CDrSOwpNK6Xl3WU9C7ikVKXTGxVuq7ZRzN4+w2mCDlkp05cGokrD
f0O1sWAn58lp0I6YT3WOGeYynlWHXDk/TFPvRDARIzyvrgexBJCL70Ws/7Q4T122
9K5zTYPXvHKZX0hU1Z0K3javmPYjWhuOAQcsPAcySAa7dEdCVwSfgo/Wxy9cH3F4
QB8FqMR/3YqTZRFnLU612j50goBIuvH22fjp7pgulbN2VNjSp7PTkv1D
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:38 2024 by rpki-client on console-ams.rpki-client.org