Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/vxzGKehH5C15xe9Wvm199tumfEs.roa
File: vxzGKehH5C15xe9Wvm199tumfEs.roa (raw, json)
Hash identifier: wErw4hZTXj9KEPi5z8e8LWjFP7DiO0eAEQ618MjuxvM=
Subject key identifier: BF:1C:C6:29:E8:47:E4:2D:79:C5:EF:56:BE:6D:7D:F6:DB:A6:7C:4B
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 018708FDB6F9C5D221C4FB10BF5853A92228
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/vxzGKehH5C15xe9Wvm199tumfEs.roa
Signing time: Wed 22 Mar 2023 11:04:17 +0000
ROA not before: Wed 22 Mar 2023 11:04:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395800
IP address blocks: 193.39.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:fd:b6:f9:c5:d2:21:c4:fb:10:bf:58:53:a9:22:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Mar 22 11:04:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf1cc629e847e42d79c5ef56be6d7df6dba67c4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:95:d3:74:b5:77:31:97:04:9b:23:c7:ee:ff:
d1:c9:26:68:6e:5f:72:85:0a:a4:0d:e6:11:e7:b8:
1c:b9:88:3e:b8:97:0d:ac:5d:eb:d4:3a:ff:b3:68:
19:b2:dd:62:79:95:4b:94:f9:08:31:76:80:73:55:
67:7f:79:39:bb:d1:bd:ad:9f:9f:92:5c:6a:08:5a:
dd:18:88:61:69:c0:2e:a6:b3:f0:de:c9:e4:74:5c:
3c:15:e6:7c:36:3f:ee:5a:e0:5b:16:ab:0f:cf:b1:
c0:f7:69:de:5a:27:c4:12:3b:62:4b:8d:c4:0d:e4:
d7:e4:e0:b3:84:a0:75:2c:72:be:97:87:29:fe:94:
59:67:b3:09:7a:ef:c5:4c:39:bd:8e:0a:18:de:06:
76:c2:fb:c6:16:17:2c:38:91:dd:5e:03:76:a9:9a:
8a:9c:88:27:93:eb:03:d6:28:46:65:f9:15:aa:fd:
99:bc:1a:7a:c8:9d:10:0b:25:77:15:4e:bf:37:a2:
d3:b3:df:50:ed:36:71:50:2f:58:ff:bb:9b:98:99:
ae:03:63:52:e7:d1:46:c5:9a:f0:ff:0b:09:3f:cb:
0e:b7:de:7d:0c:71:0e:0a:81:8d:c8:e2:fc:c0:f0:
74:99:13:58:95:ab:e7:cb:c1:04:21:1a:fc:87:18:
4a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:1C:C6:29:E8:47:E4:2D:79:C5:EF:56:BE:6D:7D:F6:DB:A6:7C:4B
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/vxzGKehH5C15xe9Wvm199tumfEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.39.170.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:93:90:1e:0e:b0:f2:5a:9e:f4:87:ce:9e:d9:3e:fe:00:84:
c9:68:d1:14:c6:d7:27:ef:ec:f0:6b:da:ae:75:85:e1:b0:c8:
40:92:c8:c7:17:54:98:ae:78:a6:76:35:49:ae:a0:34:31:ce:
e8:56:da:f9:3c:f8:fc:ce:f0:d3:56:ad:aa:9b:d4:bf:9a:43:
d5:f6:12:0b:99:90:2f:0c:79:36:61:16:cd:6e:39:93:2e:9a:
8b:bb:c7:ca:e5:c1:2d:9a:56:13:a9:2c:21:7d:47:30:bf:49:
f4:07:07:84:73:e9:d8:26:00:83:1d:8e:21:74:d1:97:03:70:
55:f7:1a:99:5b:a2:90:38:93:b5:80:b5:78:f3:e9:6d:e0:c6:
e8:53:67:48:15:b1:d3:4d:f3:20:ed:47:84:40:fd:0d:30:7e:
23:04:38:42:13:85:41:77:bd:30:ee:ba:d9:d8:d4:66:ae:be:
f0:43:d8:ee:a5:c6:76:9a:46:6b:c1:61:6b:83:53:a6:df:80:
35:37:70:fe:60:58:83:74:13:50:26:3e:da:1f:cf:92:38:fe:
dd:42:35:5a:89:bf:db:69:fc:d0:bf:c0:f9:99:35:b8:e1:bf:
47:60:7f:2c:d6:b5:7b:cc:76:82:9b:8d:4d:cc:8e:4f:d9:14:
1a:9c:e8:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcI/bb5xdIhxPsQv1hTqSIoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjMwMzIyMTEwNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjFjYzYyOWU4NDdlNDJkNzljNWVmNTZiZTZkN2RmNmRiYTY3YzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZXTdLV3MZcEmyPH7v/RySZobl9y
hQqkDeYR57gcuYg+uJcNrF3r1Dr/s2gZst1ieZVLlPkIMXaAc1Vnf3k5u9G9rZ+f
klxqCFrdGIhhacAuprPw3snkdFw8FeZ8Nj/uWuBbFqsPz7HA92neWifEEjtiS43E
DeTX5OCzhKB1LHK+l4cp/pRZZ7MJeu/FTDm9jgoY3gZ2wvvGFhcsOJHdXgN2qZqK
nIgnk+sD1ihGZfkVqv2ZvBp6yJ0QCyV3FU6/N6LTs99Q7TZxUC9Y/7ubmJmuA2NS
59FGxZrw/wsJP8sOt959DHEOCoGNyOL8wPB0mRNYlavny8EEIRr8hxhKQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8cxinoR+QtecXvVr5tffbbpnxLMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvdnh6R0tlaEg1QzE1eGU5V3ZtMTk5dHVtZkVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSeqMA0G
CSqGSIb3DQEBCwUAA4IBAQBdk5AeDrDyWp70h86e2T7+AITJaNEUxtcn7+zwa9qu
dYXhsMhAksjHF1SYrnimdjVJrqA0Mc7oVtr5PPj8zvDTVq2qm9S/mkPV9hILmZAv
DHk2YRbNbjmTLpqLu8fK5cEtmlYTqSwhfUcwv0n0BweEc+nYJgCDHY4hdNGXA3BV
9xqZW6KQOJO1gLV48+lt4MboU2dIFbHTTfMg7UeEQP0NMH4jBDhCE4VBd70w7rrZ
2NRmrr7wQ9jupcZ2mkZrwWFrg1Om34A1N3D+YFiDdBNQJj7aH8+SOP7dQjVaib/b
afzQv8D5mTW44b9HYH8s1rV7zHaCm41NzI5P2RQanOiC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:19 2023 by rpki-client on console-ams.rpki-client.org