Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/03lSDiwsN2otAZe5b8OLdTupLyg.roa
File: 03lSDiwsN2otAZe5b8OLdTupLyg.roa (raw, json)
Hash identifier: Gw7Q4OmQIDY/vEtA55WfQj++nzpXjuKxxMQRZYa2KYM=
Subject key identifier: D3:79:52:0E:2C:2C:37:6A:2D:01:97:B9:6F:C3:8B:75:3B:A9:2F:28
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD526AC8AE8CAD7F03F6531A5559B6C
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/03lSDiwsN2otAZe5b8OLdTupLyg.roa
Signing time: Mon 02 Jan 2023 00:15:18 +0000
ROA not before: Mon 02 Jan 2023 00:15:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48881
IP address blocks: 93.118.36.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:26:ac:8a:e8:ca:d7:f0:3f:65:31:a5:55:9b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d379520e2c2c376a2d0197b96fc38b753ba92f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b7:c8:c4:1f:3f:b4:ec:18:9f:dc:5a:e9:81:
9c:de:6e:e5:04:a8:94:a0:a5:08:21:f6:4a:13:0a:
d2:2c:27:07:13:6b:3c:33:0e:e6:87:46:0a:f4:3d:
79:77:a5:60:56:e9:a5:b8:b8:51:b9:3b:f3:cf:e3:
d6:d8:df:d4:91:66:5f:1d:1e:74:5d:13:57:d0:9b:
2b:ba:5e:66:85:4a:c1:99:d2:d0:35:44:2f:bf:56:
37:f2:fe:6f:7d:cf:ec:6b:b5:83:8f:a7:4d:b5:44:
ff:8b:22:ce:64:19:fe:2e:0d:54:a9:04:3e:a3:b5:
87:d4:ab:18:4f:f2:94:2d:e8:bd:95:7e:46:a8:1c:
89:9a:d3:04:b8:e3:aa:78:23:92:df:56:8f:12:12:
7a:db:4a:28:04:96:d9:ab:6e:f2:43:34:ee:9e:46:
97:ec:87:c7:3c:d4:4a:6c:ac:99:65:f4:9a:17:ec:
9e:1c:05:00:88:e6:d5:d0:d6:f7:f7:a3:45:0e:d3:
b4:0c:5e:1a:dc:c6:9f:a9:c2:87:7d:07:d8:6b:f3:
1b:80:32:91:0a:bd:4f:ef:5a:9a:7b:88:e1:38:a8:
57:cb:d8:40:51:65:bc:94:48:56:53:16:5d:d9:56:
6d:81:84:06:d2:51:5e:2d:20:0e:37:31:50:1b:71:
e3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:79:52:0E:2C:2C:37:6A:2D:01:97:B9:6F:C3:8B:75:3B:A9:2F:28
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/03lSDiwsN2otAZe5b8OLdTupLyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.118.36.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:17:a2:60:9e:b5:83:88:ac:89:e9:bc:30:64:bb:7b:70:3c:
67:e8:f4:80:2d:bd:00:47:cb:6f:3b:0b:cc:af:32:88:7e:e7:
35:2c:1f:a0:b0:7d:d6:af:19:31:8d:b4:ad:ed:11:45:d5:7f:
ca:1b:4f:58:62:91:49:04:5c:98:33:d6:76:b9:84:f3:58:06:
33:99:54:7a:4e:60:70:39:e9:c7:91:db:35:bb:37:83:6d:63:
ee:40:e3:8f:ad:50:2b:6a:48:97:ed:f5:02:7d:02:b7:43:4e:
db:56:d7:9a:bd:3d:b8:6a:bc:71:94:97:47:62:04:53:03:17:
ab:34:32:c5:3f:cd:ea:fc:42:f7:10:e1:c3:db:b9:be:04:d7:
d5:73:23:59:13:e2:a1:b4:34:ca:a5:18:12:d5:f4:ff:09:2d:
ad:96:a9:a5:c9:4d:13:34:14:67:f8:da:01:f3:00:50:27:48:
ee:30:27:23:66:b6:d1:f9:db:2d:98:92:a6:b5:d4:3a:2e:95:
e9:46:64:27:2c:59:78:85:d7:9f:9d:2b:92:ad:b3:0b:e2:71:
ec:7d:c8:8c:f2:8b:54:19:1b:81:7c:81:42:28:b6:56:f9:25:
d3:34:b0:f0:8d:f6:15:b5:3e:2e:60:56:df:ab:e3:81:f9:ec:
b8:11:ed:24
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVv1SasiujK1/A/ZTGlVZtsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzc5NTIwZTJjMmMzNzZhMmQwMTk3Yjk2ZmMzOGI3NTNiYTkyZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrfIxB8/tOwYn9xa6YGc3m7lBKiU
oKUIIfZKEwrSLCcHE2s8Mw7mh0YK9D15d6VgVumluLhRuTvzz+PW2N/UkWZfHR50
XRNX0Jsrul5mhUrBmdLQNUQvv1Y38v5vfc/sa7WDj6dNtUT/iyLOZBn+Lg1UqQQ+
o7WH1KsYT/KULei9lX5GqByJmtMEuOOqeCOS31aPEhJ620ooBJbZq27yQzTunkaX
7IfHPNRKbKyZZfSaF+yeHAUAiObV0Nb396NFDtO0DF4a3MafqcKHfQfYa/MbgDKR
Cr1P71qae4jhOKhXy9hAUWW8lEhWUxZd2VZtgYQG0lFeLSAONzFQG3HjuwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNN5Ug4sLDdqLQGXuW/Di3U7qS8oMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzAzbFNEaXdzTjJvdEFaZTViOE9MZFR1cEx5Zy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABddiQw
DQYJKoZIhvcNAQELBQADggEBAA4XomCetYOIrInpvDBku3twPGfo9IAtvQBHy287
C8yvMoh+5zUsH6CwfdavGTGNtK3tEUXVf8obT1hikUkEXJgz1na5hPNYBjOZVHpO
YHA56ceR2zW7N4NtY+5A44+tUCtqSJft9QJ9ArdDTttW15q9PbhqvHGUl0diBFMD
F6s0MsU/zer8QvcQ4cPbub4E19VzI1kT4qG0NMqlGBLV9P8JLa2WqaXJTRM0FGf4
2gHzAFAnSO4wJyNmttH52y2Ykqa11DoulelGZCcsWXiF15+dK5Ktswvicex9yIzy
i1QZG4F8gUIotlb5JdM0sPCN9hW1Pi5gVt+r44H57LgR7SQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org