Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/46e7a2-639a-4162-9ddf-b6392c50f95a/1/xEr5Fqu2gmcAJK3AQjDpguDWhTk.roa
File: xEr5Fqu2gmcAJK3AQjDpguDWhTk.roa (raw, json)
Hash identifier: uQ0MVnHIjA0k+3KkCYI5OPLpP8U1IAJ5t87h5FTeEh8=
Subject key identifier: C4:4A:F9:16:AB:B6:82:67:00:24:AD:C0:42:30:E9:82:E0:D6:85:39
Certificate issuer: /CN=839e07e5116a5daf5578e5fd6a18c7ef349ef044
Certificate serial: 018CC49255C5338EB94A05ED7F7505EE7D40
Authority key identifier: 83:9E:07:E5:11:6A:5D:AF:55:78:E5:FD:6A:18:C7:EF:34:9E:F0:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g54H5RFqXa9VeOX9ahjH7zSe8EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/46e7a2-639a-4162-9ddf-b6392c50f95a/1/xEr5Fqu2gmcAJK3AQjDpguDWhTk.roa
Signing time: Mon 01 Jan 2024 10:29:33 +0000
ROA not before: Mon 01 Jan 2024 10:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42963
IP address blocks: 193.105.178.0/24 maxlen: 24
193.142.113.0/24 maxlen: 24
2001:67c:21dc::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:55:c5:33:8e:b9:4a:05:ed:7f:75:05:ee:7d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=839e07e5116a5daf5578e5fd6a18c7ef349ef044
Validity
Not Before: Jan 1 10:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c44af916abb682670024adc04230e982e0d68539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c6:76:3a:86:06:ce:09:d9:4b:ac:e7:c8:6f:
1c:b6:fb:f1:4a:c9:8e:36:e9:ba:1f:40:de:f8:52:
bd:15:59:93:33:17:e6:09:f2:4a:b1:3f:19:f6:f3:
74:7d:57:2b:b4:9b:20:46:6a:ea:ba:fb:a4:70:95:
19:89:f1:47:11:60:33:ff:54:62:1f:ff:6d:b6:71:
fc:15:bc:78:51:a6:25:af:87:75:61:58:7b:64:69:
77:31:b2:da:8f:f1:12:f3:d5:79:0c:9f:85:20:92:
c7:f9:2b:48:7c:d6:a9:27:e3:7b:10:a9:aa:40:9b:
86:66:37:45:a0:f8:e9:4a:cc:55:f4:cb:77:10:3d:
12:88:06:58:43:4d:72:6c:83:f3:7d:4a:c0:ad:44:
e1:cc:6c:30:5c:0c:f9:a9:f5:40:d0:0c:9a:d6:86:
14:de:56:d8:a1:a1:6f:fa:e7:a3:4f:f4:94:1c:86:
99:cf:bf:4b:96:71:cf:14:47:58:66:6b:f2:b1:5b:
d2:b7:d5:e1:b6:7f:da:96:55:61:5f:d8:29:20:b0:
a2:93:0c:ce:33:03:10:63:2b:2b:58:4b:77:a4:62:
cb:98:2b:e2:bf:db:02:fc:53:0b:9b:de:dc:e1:7e:
73:75:25:0b:43:c4:e1:66:75:00:a7:c8:04:dd:04:
88:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:4A:F9:16:AB:B6:82:67:00:24:AD:C0:42:30:E9:82:E0:D6:85:39
X509v3 Authority Key Identifier:
keyid:83:9E:07:E5:11:6A:5D:AF:55:78:E5:FD:6A:18:C7:EF:34:9E:F0:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g54H5RFqXa9VeOX9ahjH7zSe8EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/46e7a2-639a-4162-9ddf-b6392c50f95a/1/xEr5Fqu2gmcAJK3AQjDpguDWhTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/46e7a2-639a-4162-9ddf-b6392c50f95a/1/g54H5RFqXa9VeOX9ahjH7zSe8EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.178.0/24
193.142.113.0/24
IPv6:
2001:67c:21dc::/48
Signature Algorithm: sha256WithRSAEncryption
6c:33:26:7c:b8:7a:35:b3:96:f7:61:b6:f7:af:8e:50:84:06:
95:19:c7:37:6c:b4:45:03:f8:99:58:39:d0:e2:65:cc:23:e0:
e7:3d:77:a7:30:a1:cd:44:10:ce:58:ab:e3:c5:bc:95:b4:ec:
9c:23:c5:ee:67:97:a2:d0:68:c8:fd:4b:f2:17:6f:c1:53:b8:
02:a3:14:90:8e:66:6b:2a:67:b7:ed:2f:2f:ed:5e:a3:bf:ff:
1d:09:6b:7c:2a:ff:d0:4d:0c:80:e8:a8:e9:02:1d:ef:8f:07:
e6:c3:f1:1e:1e:f3:10:0f:65:8e:5f:ad:5b:c8:4f:55:90:4e:
6f:1a:91:95:c1:12:6a:d1:42:2f:b2:05:f6:b0:cb:63:62:cb:
10:61:38:17:1d:9f:55:21:e6:f0:fc:04:a5:25:63:62:a3:68:
ab:f0:bd:37:53:70:06:49:28:cb:63:c6:99:87:cd:27:15:27:
1a:1b:60:49:0c:9a:35:c4:37:bf:63:c5:e7:31:17:c3:d5:53:
e1:7d:06:9a:c5:cd:5e:a5:5b:7c:35:2d:b9:86:86:cc:9c:8c:
cf:86:7d:ab:19:44:ab:3f:d7:94:82:ea:3d:27:60:7d:5b:22:
d2:7c:64:38:fc:7e:b3:94:d3:8e:ac:59:db:8c:53:16:21:6e:
dc:b7:bc:2a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzEklXFM465SgXtf3UF7n1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOWUwN2U1MTE2YTVkYWY1NTc4ZTVmZDZhMThjN2VmMzQ5
ZWYwNDQwHhcNMjQwMTAxMTAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDRhZjkxNmFiYjY4MjY3MDAyNGFkYzA0MjMwZTk4MmUwZDY4NTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscZ2OoYGzgnZS6znyG8ctvvxSsmO
Num6H0De+FK9FVmTMxfmCfJKsT8Z9vN0fVcrtJsgRmrquvukcJUZifFHEWAz/1Ri
H/9ttnH8Fbx4UaYlr4d1YVh7ZGl3MbLaj/ES89V5DJ+FIJLH+StIfNapJ+N7EKmq
QJuGZjdFoPjpSsxV9Mt3ED0SiAZYQ01ybIPzfUrArUThzGwwXAz5qfVA0Aya1oYU
3lbYoaFv+uejT/SUHIaZz79LlnHPFEdYZmvysVvSt9Xhtn/allVhX9gpILCikwzO
MwMQYysrWEt3pGLLmCviv9sC/FMLm97c4X5zdSULQ8ThZnUAp8gE3QSIGQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMRK+RartoJnACStwEIw6YLg1oU5MB8GA1UdIwQY
MBaAFIOeB+URal2vVXjl/WoYx+80nvBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzU0SDVSRnFYYTlWZU9YOWFoakg3elNlOEVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80NmU3YTItNjM5YS00MTYyLTlkZGYt
YjYzOTJjNTBmOTVhLzEveEVyNUZxdTJnbWNBSkszQVFqRHBndURXaFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80NmU3YTItNjM5YS00MTYyLTlkZGYtYjYzOTJjNTBmOTVh
LzEvZzU0SDVSRnFYYTlWZU9YOWFoakg3elNlOEVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwWmyAwQA
wY5xMA8EAgACMAkDBwAgAQZ8IdwwDQYJKoZIhvcNAQELBQADggEBAGwzJny4ejWz
lvdhtvevjlCEBpUZxzdstEUD+JlYOdDiZcwj4Oc9d6cwoc1EEM5Yq+PFvJW07Jwj
xe5nl6LQaMj9S/IXb8FTuAKjFJCOZmsqZ7ftLy/tXqO//x0Ja3wq/9BNDIDoqOkC
He+PB+bD8R4e8xAPZY5frVvIT1WQTm8akZXBEmrRQi+yBfawy2NiyxBhOBcdn1Uh
5vD8BKUlY2KjaKvwvTdTcAZJKMtjxpmHzScVJxobYEkMmjXEN79jxecxF8PVU+F9
BprFzV6lW3w1LbmGhsycjM+GfasZRKs/15SC6j0nYH1bItJ8ZDj8frOU046sWduM
UxYhbty3vCo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:36 2024 by rpki-client on console-fra.rpki-client.org