Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/ByijBfcx7u8X7khYTR8qWs_WQ9w.roa
File: ByijBfcx7u8X7khYTR8qWs_WQ9w.roa (raw, json)
Hash identifier: 5rpdKOT9wmYDQshFeIDkLz1hVho4zJRGsJ2+ATQciNk=
Subject key identifier: 07:28:A3:05:F7:31:EE:EF:17:EE:48:58:4D:1F:2A:5A:CF:D6:43:DC
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018CDECFC8C635FAB92DFC21DCB8DC92CE45
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/ByijBfcx7u8X7khYTR8qWs_WQ9w.roa
Signing time: Sat 06 Jan 2024 12:46:48 +0000
ROA not before: Sat 06 Jan 2024 12:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52044
IP address blocks: 93.113.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:de:cf:c8:c6:35:fa:b9:2d:fc:21:dc:b8:dc:92:ce:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 6 12:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0728a305f731eeef17ee48584d1f2a5acfd643dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b8:c7:2a:5f:5b:ac:02:60:14:9b:f7:c6:f1:
79:94:48:0e:f3:54:bc:de:e3:e5:df:2e:70:a0:d9:
eb:c5:85:b7:20:54:b9:b0:d2:eb:3c:6e:74:70:f8:
f9:04:97:16:95:1d:f8:46:eb:52:7d:39:46:b9:72:
86:42:24:22:c2:0c:41:0d:a9:68:b0:bf:40:c4:5c:
c8:20:00:fe:4f:f4:00:36:d0:ad:0e:53:f3:5f:78:
c0:d8:1d:55:33:50:49:7b:d4:31:47:f4:e7:b7:59:
db:9e:60:82:68:f5:54:74:2a:38:c8:77:f2:38:e0:
b9:d5:76:9b:6f:6e:37:a6:36:c3:78:96:8b:ce:c4:
db:91:25:4f:8a:ad:f3:e5:54:93:61:c8:92:74:57:
3b:19:f3:0d:11:42:5a:ac:60:5e:ac:44:f3:30:3e:
e9:99:48:92:4d:32:02:25:f1:38:5c:42:5f:52:e9:
8e:f6:88:f7:87:94:70:cb:e8:2b:62:ab:f3:99:a4:
33:3b:bc:75:86:8b:fb:c3:7c:dd:36:62:74:7a:cf:
67:e0:9b:6a:87:70:12:84:09:24:df:b9:6d:4c:c8:
f1:ee:53:d6:6c:5d:e0:0b:34:5f:75:47:9f:ba:5e:
e8:53:3c:6c:92:b1:cb:f4:5e:a1:8a:f4:63:58:d7:
d4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:28:A3:05:F7:31:EE:EF:17:EE:48:58:4D:1F:2A:5A:CF:D6:43:DC
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/ByijBfcx7u8X7khYTR8qWs_WQ9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.113.255.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:64:dd:10:a5:b0:b1:04:0f:4f:26:96:39:0b:75:25:24:56:
9f:08:26:a5:3f:e0:a4:3e:90:13:64:c1:59:72:d3:88:0c:d5:
4c:54:dd:10:0c:57:db:31:d0:42:57:16:85:33:79:76:1c:21:
9f:2b:4b:dc:01:d6:b8:60:7f:eb:40:f8:01:be:ac:b3:7f:96:
22:8d:42:fa:2f:62:98:d9:6b:3d:33:bd:f3:a5:83:31:6b:c2:
6b:62:e2:f3:42:ef:4a:74:5d:51:df:5e:69:20:fa:39:a8:a6:
ef:7c:74:f1:7e:77:cd:a4:81:29:c2:fb:2b:fd:dc:10:29:68:
c9:da:5d:17:d8:98:1c:4e:2a:94:dc:d6:5d:87:84:2e:50:5d:
0d:49:84:73:4f:09:d8:c5:5b:1b:0c:8c:42:6c:f5:ba:c0:5d:
2f:98:1b:39:88:84:74:d8:15:fa:98:4d:1f:0c:43:13:66:d3:
fe:0a:7c:74:1e:de:95:43:6f:e1:d8:f1:ee:09:ac:3b:c2:71:
55:ed:99:81:44:cb:f1:27:3d:0c:d9:d0:23:22:a5:3e:ae:7d:
a9:41:39:29:17:e1:3c:ee:f5:66:3e:70:32:a7:1e:bd:e7:02:
59:14:5f:c6:d7:2c:68:98:f9:9b:c3:d8:ef:d8:1c:ad:4d:35:
bb:0d:c5:43
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzez8jGNfq5Lfwh3Ljcks5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTA2MTI0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzI4YTMwNWY3MzFlZWVmMTdlZTQ4NTg0ZDFmMmE1YWNmZDY0M2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLjHKl9brAJgFJv3xvF5lEgO81S8
3uPl3y5woNnrxYW3IFS5sNLrPG50cPj5BJcWlR34RutSfTlGuXKGQiQiwgxBDalo
sL9AxFzIIAD+T/QANtCtDlPzX3jA2B1VM1BJe9QxR/Tnt1nbnmCCaPVUdCo4yHfy
OOC51Xabb243pjbDeJaLzsTbkSVPiq3z5VSTYciSdFc7GfMNEUJarGBerETzMD7p
mUiSTTICJfE4XEJfUumO9oj3h5Rwy+grYqvzmaQzO7x1hov7w3zdNmJ0es9n4Jtq
h3AShAkk37ltTMjx7lPWbF3gCzRfdUeful7oUzxskrHL9F6hivRjWNfUVQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAcoowX3Me7vF+5IWE0fKlrP1kPcMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL0J5aWpCZmN4N3U4WDdraFlUUjhxV3NfV1E5dy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABdcf8w
DQYJKoZIhvcNAQELBQADggEBAJtk3RClsLEED08mljkLdSUkVp8IJqU/4KQ+kBNk
wVly04gM1UxU3RAMV9sx0EJXFoUzeXYcIZ8rS9wB1rhgf+tA+AG+rLN/liKNQvov
YpjZaz0zvfOlgzFrwmti4vNC70p0XVHfXmkg+jmopu98dPF+d82kgSnC+yv93BAp
aMnaXRfYmBxOKpTc1l2HhC5QXQ1JhHNPCdjFWxsMjEJs9brAXS+YGzmIhHTYFfqY
TR8MQxNm0/4KfHQe3pVDb+HY8e4JrDvCcVXtmYFEy/EnPQzZ0CMipT6ufalBOSkX
4Tzu9WY+cDKnHr3nAlkUX8bXLGiY+ZvD2O/YHK1NNbsNxUM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:52 2024 by rpki-client on console-ams.rpki-client.org