Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/82hnZM5pz59bOkr1lk1S-LSywpA.roa
File: 82hnZM5pz59bOkr1lk1S-LSywpA.roa (raw, json)
Hash identifier: 31Y5sD6YfR++KAb/VvRrJPmpM8OHvnnsE+YfnJbG6C8=
Subject key identifier: F3:68:67:64:CE:69:CF:9F:5B:3A:4A:F5:96:4D:52:F8:B4:B2:C2:90
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 018CC2DAE787448787C910A143FD1AC99BAA
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/82hnZM5pz59bOkr1lk1S-LSywpA.roa
Signing time: Mon 01 Jan 2024 02:29:35 +0000
ROA not before: Mon 01 Jan 2024 02:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205516
IP address blocks: 193.106.99.0/24 maxlen: 24
91.198.101.0/24 maxlen: 24
193.43.250.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e7:87:44:87:87:c9:10:a1:43:fd:1a:c9:9b:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Jan 1 02:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3686764ce69cf9f5b3a4af5964d52f8b4b2c290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0b:16:35:86:b5:27:07:cc:2f:56:81:75:89:
2a:1d:9b:bf:4d:61:2a:b2:33:31:77:38:5b:2b:81:
fd:7a:5e:79:4b:04:0c:83:d9:7c:eb:6e:fc:24:61:
57:73:9e:15:cc:fa:27:e5:54:cd:9f:b1:e5:31:ae:
39:03:57:de:3b:e8:0d:ba:93:55:11:6d:1b:93:14:
a0:84:29:bb:7c:53:c6:63:5b:5b:63:fe:cd:04:b6:
61:37:d7:56:4d:35:c5:c3:e4:29:7f:f0:ad:51:30:
2b:bb:56:15:be:16:78:ab:9b:98:fd:8d:76:d9:6f:
a5:8d:2a:2d:ae:1a:21:ac:e1:28:b6:90:f0:6b:68:
7e:53:36:c2:e1:81:09:bb:98:fb:61:60:6b:af:8c:
d5:ec:16:ef:13:e0:f4:32:a9:62:5e:74:d3:7f:5d:
d6:6f:f1:f9:bf:b4:26:0c:24:35:9c:a0:ee:78:69:
7f:93:c0:fe:2c:24:ce:92:6d:65:54:97:b6:e4:ed:
ac:30:7e:fc:87:d1:1d:ab:55:76:c9:b6:4f:a4:32:
eb:62:fc:f8:7c:75:cc:08:97:c1:8a:d9:f2:b0:f9:
0a:86:d4:ce:a7:be:59:e4:17:c7:32:0c:14:09:b1:
50:ed:66:08:63:30:6f:a8:bf:45:c3:0e:96:6c:3d:
71:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:68:67:64:CE:69:CF:9F:5B:3A:4A:F5:96:4D:52:F8:B4:B2:C2:90
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/82hnZM5pz59bOkr1lk1S-LSywpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.101.0/24
193.43.250.0/24
193.106.99.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:5b:cf:c8:18:8a:f9:07:48:cb:68:d7:50:c5:04:d9:37:1c:
3e:a6:8e:f7:60:fa:32:8c:dd:53:72:2d:68:02:80:40:14:41:
66:3f:c5:e2:b9:ae:e1:f2:b4:73:ac:8d:d2:14:65:e7:7e:7e:
38:30:38:f7:2e:87:cc:75:f8:5f:ce:d7:69:09:01:f0:bf:31:
43:bf:63:9f:ba:5f:ba:a4:bb:1b:de:26:2a:78:37:86:6b:2c:
bb:3e:f9:59:36:3b:d5:74:65:7d:dd:4a:22:f3:d3:23:69:c9:
ad:11:9c:e5:32:14:96:d4:b8:e3:8c:08:21:f9:29:61:8c:dd:
c4:0f:25:8f:57:14:f0:5e:ef:dc:ec:42:7e:a4:9f:6e:0e:08:
08:91:bf:2e:19:04:35:61:d0:72:4a:9c:63:b0:79:fa:32:f8:
bf:a4:f8:f0:22:1d:ef:89:ba:19:75:da:62:1f:94:23:14:d5:
4f:03:45:1e:a9:97:83:60:66:80:d4:fe:bd:8e:1d:db:11:0f:
05:a7:41:4a:54:af:1b:ef:26:e2:6b:7d:f4:28:8e:0a:48:fa:
8d:5c:92:23:58:be:ef:8b:6a:f0:f4:3f:24:df:12:b3:90:e7:
b4:ba:c9:44:88:05:1c:05:53:cb:99:a9:ad:1f:12:0f:f8:0f:
a8:bb:ac:37
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC2ueHRIeHyRChQ/0ayZuqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjQwMTAxMDIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzY4Njc2NGNlNjljZjlmNWIzYTRhZjU5NjRkNTJmOGI0YjJjMjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAsWNYa1JwfML1aBdYkqHZu/TWEq
sjMxdzhbK4H9el55SwQMg9l86278JGFXc54VzPon5VTNn7HlMa45A1feO+gNupNV
EW0bkxSghCm7fFPGY1tbY/7NBLZhN9dWTTXFw+Qpf/CtUTAru1YVvhZ4q5uY/Y12
2W+ljSotrhohrOEotpDwa2h+UzbC4YEJu5j7YWBrr4zV7BbvE+D0MqliXnTTf13W
b/H5v7QmDCQ1nKDueGl/k8D+LCTOkm1lVJe25O2sMH78h9Edq1V2ybZPpDLrYvz4
fHXMCJfBitnysPkKhtTOp75Z5BfHMgwUCbFQ7WYIYzBvqL9Fww6WbD1x1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPNoZ2TOac+fWzpK9ZZNUvi0ssKQMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvODJoblpNNXB6NTliT2tyMWxrMVMtTFN5d3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8ZlAwQA
wSv6AwQAwWpjMA0GCSqGSIb3DQEBCwUAA4IBAQBLW8/IGIr5B0jLaNdQxQTZNxw+
po73YPoyjN1Tci1oAoBAFEFmP8Xiua7h8rRzrI3SFGXnfn44MDj3LofMdfhfztdp
CQHwvzFDv2Oful+6pLsb3iYqeDeGayy7PvlZNjvVdGV93Uoi89MjacmtEZzlMhSW
1LjjjAgh+SlhjN3EDyWPVxTwXu/c7EJ+pJ9uDggIkb8uGQQ1YdBySpxjsHn6Mvi/
pPjwIh3viboZddpiH5QjFNVPA0UeqZeDYGaA1P69jh3bEQ8Fp0FKVK8b7ybia330
KI4KSPqNXJIjWL7vi2rw9D8k3xKzkOe0uslEiAUcBVPLmamtHxIP+A+ou6w3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:15 2024 by rpki-client on console-fra.rpki-client.org