Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/74bbbc-9d72-44ec-859b-c767cb74bddb/1/F7oRlMYR6UCDHJEIiI_8UCba1Uw.roa
File: F7oRlMYR6UCDHJEIiI_8UCba1Uw.roa (raw, json)
Hash identifier: rjr+fp5tTO6+oO4HBYB4Z3AMwZyqgSPGv4s5P7Dj5b4=
Subject key identifier: 17:BA:11:94:C6:11:E9:40:83:1C:91:08:88:8F:FC:50:26:DA:D5:4C
Certificate issuer: /CN=70d654f2e16fe8826e04ae96df5e5cb0a260380a
Certificate serial: 01856DDD6A1886AB2FA6625BECFAA1FB5569
Authority key identifier: 70:D6:54:F2:E1:6F:E8:82:6E:04:AE:96:DF:5E:5C:B0:A2:60:38:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cNZU8uFv6IJuBK6W315csKJgOAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/74bbbc-9d72-44ec-859b-c767cb74bddb/1/F7oRlMYR6UCDHJEIiI_8UCba1Uw.roa
Signing time: Sun 01 Jan 2023 15:05:05 +0000
ROA not before: Sun 01 Jan 2023 15:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198505
IP address blocks: 193.8.201.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:6a:18:86:ab:2f:a6:62:5b:ec:fa:a1:fb:55:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70d654f2e16fe8826e04ae96df5e5cb0a260380a
Validity
Not Before: Jan 1 15:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17ba1194c611e940831c9108888ffc5026dad54c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:19:ec:08:74:22:7f:c2:62:a0:0e:24:97:4e:
fd:04:d6:8a:f8:a8:4b:44:80:66:f6:39:1e:b4:3d:
8d:31:b9:8c:4e:2b:63:f0:86:73:bb:8e:67:45:83:
8c:29:55:db:5e:6c:4c:6c:02:d1:86:ed:f1:e4:6d:
20:f9:21:8a:1f:b5:5e:8a:a3:36:a1:bb:7c:f2:38:
b2:bb:aa:af:9a:5c:6e:92:f7:25:02:40:aa:88:c8:
41:26:42:fd:91:94:30:50:5b:5a:1a:e6:8e:0f:e9:
f8:9c:73:48:23:26:5e:4f:4f:cf:f8:35:62:78:9b:
e3:7a:ea:d3:94:8a:09:19:cd:41:90:6f:7d:99:d1:
70:ec:0f:e1:75:97:a5:29:da:0d:c1:32:a2:c4:59:
d3:58:89:6f:ca:7b:b5:bd:13:fa:70:e5:00:a2:e4:
c2:64:3c:d9:e6:26:29:18:f1:e2:f7:46:90:44:7e:
63:36:24:b8:d9:92:e9:30:bb:a4:7e:f1:6b:a5:49:
78:79:0e:32:7d:dd:be:12:a7:f6:6b:41:66:fc:79:
1d:7a:6d:4a:57:27:c1:71:fc:43:f8:f7:79:de:2e:
59:3f:96:f6:7e:2c:11:b5:ab:9b:d1:46:2b:a9:12:
84:c1:19:ea:9c:6c:04:61:1e:5e:47:03:d6:b7:67:
a9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:BA:11:94:C6:11:E9:40:83:1C:91:08:88:8F:FC:50:26:DA:D5:4C
X509v3 Authority Key Identifier:
keyid:70:D6:54:F2:E1:6F:E8:82:6E:04:AE:96:DF:5E:5C:B0:A2:60:38:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cNZU8uFv6IJuBK6W315csKJgOAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/74bbbc-9d72-44ec-859b-c767cb74bddb/1/F7oRlMYR6UCDHJEIiI_8UCba1Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/74bbbc-9d72-44ec-859b-c767cb74bddb/1/cNZU8uFv6IJuBK6W315csKJgOAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.201.0/24
Signature Algorithm: sha256WithRSAEncryption
51:35:e6:07:17:57:08:f0:58:26:d9:84:bd:0d:3a:18:50:a9:
ee:de:9c:81:ca:a0:0c:02:e1:08:fa:72:5f:4a:bb:5f:90:a3:
ec:02:f8:a2:18:d4:9c:66:66:c2:cd:71:84:3d:cc:a4:94:c1:
41:ac:fe:e4:14:0f:5a:7d:3f:8d:33:b9:08:fb:0c:0f:80:be:
ed:c6:65:ad:74:48:12:8a:43:eb:14:d3:ad:33:63:41:12:f1:
c4:2d:82:3d:cf:0a:9e:bd:ff:76:2a:a7:40:51:38:c8:37:c2:
71:53:6a:85:20:40:54:f5:59:39:a6:be:8a:34:03:02:ee:0a:
57:b9:5a:89:01:c4:15:61:68:2f:9b:3e:d6:de:26:18:fb:7f:
5c:e5:ac:f6:11:ae:8a:6b:db:3f:f2:ac:cf:6e:39:03:a7:6e:
b7:1d:f0:7a:e8:f8:66:74:ab:22:d1:7b:81:fb:8d:ac:ab:34:
f7:52:09:9b:ad:57:0b:17:a4:8b:14:30:61:06:d7:b2:70:cf:
de:24:7b:e4:59:cf:a0:fa:48:d6:5e:9f:80:04:45:da:ab:c4:
d5:2f:6f:45:2c:fc:c2:09:a0:3f:ac:51:7e:17:7d:19:b2:fa:
55:cd:6e:c1:5b:78:3c:81:ac:04:fa:df:cf:e7:47:c1:b3:57:
6b:06:d8:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt3WoYhqsvpmJb7Pqh+1VpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZDY1NGYyZTE2ZmU4ODI2ZTA0YWU5NmRmNWU1Y2IwYTI2
MDM4MGEwHhcNMjMwMTAxMTUwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2JhMTE5NGM2MTFlOTQwODMxYzkxMDg4ODhmZmM1MDI2ZGFkNTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBnsCHQif8JioA4kl079BNaK+KhL
RIBm9jketD2NMbmMTitj8IZzu45nRYOMKVXbXmxMbALRhu3x5G0g+SGKH7VeiqM2
obt88jiyu6qvmlxukvclAkCqiMhBJkL9kZQwUFtaGuaOD+n4nHNIIyZeT0/P+DVi
eJvjeurTlIoJGc1BkG99mdFw7A/hdZelKdoNwTKixFnTWIlvynu1vRP6cOUAouTC
ZDzZ5iYpGPHi90aQRH5jNiS42ZLpMLukfvFrpUl4eQ4yfd2+Eqf2a0Fm/Hkdem1K
VyfBcfxD+Pd53i5ZP5b2fiwRtaub0UYrqRKEwRnqnGwEYR5eRwPWt2epgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBe6EZTGEelAgxyRCIiP/FAm2tVMMB8GA1UdIwQY
MBaAFHDWVPLhb+iCbgSult9eXLCiYDgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY05aVTh1RnY2SUp1Qks2VzMxNWNzS0pnT0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC83NGJiYmMtOWQ3Mi00NGVjLTg1OWIt
Yzc2N2NiNzRiZGRiLzEvRjdvUmxNWVI2VUNESEpFSWlJXzhVQ2JhMVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC83NGJiYmMtOWQ3Mi00NGVjLTg1OWItYzc2N2NiNzRiZGRi
LzEvY05aVTh1RnY2SUp1Qks2VzMxNWNzS0pnT0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQjJMA0G
CSqGSIb3DQEBCwUAA4IBAQBRNeYHF1cI8Fgm2YS9DToYUKnu3pyByqAMAuEI+nJf
SrtfkKPsAviiGNScZmbCzXGEPcyklMFBrP7kFA9afT+NM7kI+wwPgL7txmWtdEgS
ikPrFNOtM2NBEvHELYI9zwqevf92KqdAUTjIN8JxU2qFIEBU9Vk5pr6KNAMC7gpX
uVqJAcQVYWgvmz7W3iYY+39c5az2Ea6Ka9s/8qzPbjkDp263HfB66PhmdKsi0XuB
+42sqzT3UgmbrVcLF6SLFDBhBteycM/eJHvkWc+g+kjWXp+ABEXaq8TVL29FLPzC
CaA/rFF+F30ZsvpVzW7BW3g8gawE+t/P50fBs1drBtiK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:56 2024 by rpki-client on console-fra.rpki-client.org