Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XytrYEj4o8Xo3Ydec7PxsVOuWW0.roa
File: XytrYEj4o8Xo3Ydec7PxsVOuWW0.roa (raw, json)
Hash identifier: rVLUeH8BWJ8tfulZYNP8J+z7r90DkK4FtVFCGS3iplw=
Subject key identifier: 5F:2B:6B:60:48:F8:A3:C5:E8:DD:87:5E:73:B3:F1:B1:53:AE:59:6D
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DC0C70A1BE37FB5F509A6847D65E3
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XytrYEj4o8Xo3Ydec7PxsVOuWW0.roa
Signing time: Sun 01 Jan 2023 20:54:58 +0000
ROA not before: Sun 01 Jan 2023 20:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50792
IP address blocks: 194.76.15.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c0:c7:0a:1b:e3:7f:b5:f5:09:a6:84:7d:65:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f2b6b6048f8a3c5e8dd875e73b3f1b153ae596d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:db:81:53:b6:42:5e:96:83:87:98:f2:e4:0c:
c7:96:53:3a:c7:9c:85:e3:e6:08:d5:42:61:cf:63:
c1:b1:3d:57:38:50:6c:3d:c2:f2:11:7c:9a:46:e4:
df:3f:ba:87:49:8e:ae:d1:93:84:f4:79:f9:4e:4f:
df:16:19:c3:cc:d5:00:d6:4f:ec:9e:7a:0f:a4:5b:
95:2b:80:08:e1:37:82:f4:5e:1e:d0:99:b1:4e:e0:
93:1a:3c:44:1b:2a:59:90:e0:da:18:42:6a:e2:cd:
72:47:85:9f:7a:80:d4:dd:18:c2:bf:ce:e9:e1:41:
b4:ef:9d:b1:be:04:57:a2:13:4e:9a:69:29:42:fb:
9e:22:f9:42:d4:40:11:38:b7:2d:bf:f7:85:5e:00:
ef:b5:7e:5c:d5:49:4a:ed:86:3f:f5:5f:78:41:be:
28:c1:71:5d:d1:f9:c9:a3:5a:7a:1b:5b:55:42:0e:
58:26:5e:e4:21:de:61:38:c9:dc:41:de:a7:00:62:
a9:31:7d:8b:47:7a:01:c8:65:bf:71:e7:90:fb:b6:
b7:a2:95:54:22:44:dc:12:02:4d:0a:c9:d2:9b:77:
cc:3f:9a:75:11:3b:33:93:c5:f8:ff:2a:94:fc:75:
34:fc:f3:4e:04:a1:bb:5b:2b:14:d0:17:1a:db:6d:
14:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:2B:6B:60:48:F8:A3:C5:E8:DD:87:5E:73:B3:F1:B1:53:AE:59:6D
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XytrYEj4o8Xo3Ydec7PxsVOuWW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.15.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:a1:2a:d9:97:6c:f7:96:af:42:f7:4b:03:4b:dc:19:b0:68:
4b:a9:1e:d7:90:cc:9f:ed:e1:de:b1:b8:9d:96:7e:b7:82:98:
c3:cd:a9:a2:bf:db:dc:f0:ab:4d:7f:91:ad:14:12:7b:44:bb:
23:18:75:af:e1:06:1a:59:89:d4:d8:17:4b:e2:90:84:7d:8e:
39:c5:d0:e1:2e:45:b5:ca:05:0a:79:ad:f8:47:23:21:88:46:
ae:5f:53:9f:63:50:b8:03:cd:2f:a6:43:3e:0c:27:98:24:8d:
50:ee:b8:64:2a:14:4b:68:6d:bf:c6:d4:f8:71:b0:3d:21:49:
3a:17:2d:55:26:bd:26:3e:0c:51:98:1b:ee:73:96:9f:38:06:
ba:51:51:16:3e:3d:6a:9e:1a:a1:c4:30:55:79:8d:69:ab:3e:
b4:1a:e4:9b:a2:b6:24:ba:30:76:3e:2c:07:6f:21:1a:af:60:
df:f6:56:53:71:3e:89:c5:8d:1f:16:64:e2:d4:a5:54:ce:3e:
14:06:81:4c:20:72:1b:9e:15:54:f8:8c:45:6f:d9:ef:43:77:
90:2a:25:4c:ad:ee:f1:c2:d8:64:96:9b:32:01:0d:3c:02:d8:
c8:bc:8a:ea:fb:04:d8:ca:f6:22:0d:75:21:02:e7:a3:b2:a0:
a1:53:fe:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHcDHChvjf7X1CaaEfWXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjJiNmI2MDQ4ZjhhM2M1ZThkZDg3NWU3M2IzZjFiMTUzYWU1OTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9uBU7ZCXpaDh5jy5AzHllM6x5yF
4+YI1UJhz2PBsT1XOFBsPcLyEXyaRuTfP7qHSY6u0ZOE9Hn5Tk/fFhnDzNUA1k/s
nnoPpFuVK4AI4TeC9F4e0JmxTuCTGjxEGypZkODaGEJq4s1yR4WfeoDU3RjCv87p
4UG0752xvgRXohNOmmkpQvueIvlC1EAROLctv/eFXgDvtX5c1UlK7YY/9V94Qb4o
wXFd0fnJo1p6G1tVQg5YJl7kId5hOMncQd6nAGKpMX2LR3oByGW/ceeQ+7a3opVU
IkTcEgJNCsnSm3fMP5p1ETszk8X4/yqU/HU0/PNOBKG7WysU0Bca220ULQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8ra2BI+KPF6N2HXnOz8bFTrlltMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvWHl0cllFajRvOFhvM1lkZWM3UHhzVk91V1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkwPMA0G
CSqGSIb3DQEBCwUAA4IBAQAaoSrZl2z3lq9C90sDS9wZsGhLqR7XkMyf7eHesbid
ln63gpjDzamiv9vc8KtNf5GtFBJ7RLsjGHWv4QYaWYnU2BdL4pCEfY45xdDhLkW1
ygUKea34RyMhiEauX1OfY1C4A80vpkM+DCeYJI1Q7rhkKhRLaG2/xtT4cbA9IUk6
Fy1VJr0mPgxRmBvuc5afOAa6UVEWPj1qnhqhxDBVeY1pqz60GuSborYkujB2PiwH
byEar2Df9lZTcT6JxY0fFmTi1KVUzj4UBoFMIHIbnhVU+IxFb9nvQ3eQKiVMre7x
wthklpsyAQ08AtjIvIrq+wTYyvYiDXUhAuejsqChU/5Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org