Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/74bbbc-9d72-44ec-859b-c767cb74bddb/1/yeS-AERQiJRSUCaKAygNlep52vQ.roa
File: yeS-AERQiJRSUCaKAygNlep52vQ.roa (raw, json)
Hash identifier: ebY+E6T+Q852vRAoVxw1krGdQSZsHizKskAWNL9xkdw=
Subject key identifier: C9:E4:BE:00:44:50:88:94:52:50:26:8A:03:28:0D:95:EA:79:DA:F4
Certificate issuer: /CN=70d654f2e16fe8826e04ae96df5e5cb0a260380a
Certificate serial: 07BB6C91
Authority key identifier: 70:D6:54:F2:E1:6F:E8:82:6E:04:AE:96:DF:5E:5C:B0:A2:60:38:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cNZU8uFv6IJuBK6W315csKJgOAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/74bbbc-9d72-44ec-859b-c767cb74bddb/1/yeS-AERQiJRSUCaKAygNlep52vQ.roa
Signing time: Sat 01 Jan 2022 11:58:54 +0000
ROA not before: Sat 01 Jan 2022 11:58:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198505
IP address blocks: 193.8.201.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 129723537 (0x7bb6c91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70d654f2e16fe8826e04ae96df5e5cb0a260380a
Validity
Not Before: Jan 1 11:58:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9e4be00445088945250268a03280d95ea79daf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:79:8f:2e:be:4c:42:1c:95:57:ff:2e:8c:9e:
6d:7e:98:fc:f8:76:a8:c7:6d:69:0c:31:07:9d:eb:
b8:98:84:7a:c6:fb:7c:7b:6d:f6:4a:bd:aa:1f:fe:
6d:34:d1:9a:72:82:a9:fa:b5:84:c5:b3:89:8d:ae:
ed:df:71:5c:0a:d6:73:ae:a2:a8:9a:64:14:f1:bc:
44:b7:aa:00:06:4a:57:1e:e3:24:8e:37:d3:4f:7b:
53:7c:41:02:f1:8f:da:5f:d3:f2:a0:77:5e:76:29:
36:7c:95:c6:88:6c:23:1e:8f:8a:5e:9e:a9:8d:d1:
e9:24:eb:51:80:09:eb:54:bd:69:3b:aa:73:2e:c9:
02:f3:dc:d2:46:4d:cf:0a:6c:8e:b5:83:2e:4c:c3:
1d:c0:1a:7c:64:17:e5:0a:ae:c3:33:1f:ae:48:d5:
5c:6e:98:78:ef:df:a6:34:43:8c:93:0f:ab:f0:48:
01:e6:bd:75:bc:38:6f:7a:59:9d:39:ed:e0:36:1e:
a2:c4:86:59:b0:bc:d0:0a:fb:1e:2c:24:a2:c4:d1:
25:8a:57:d8:a7:28:f3:1b:40:83:95:21:38:9f:11:
f9:17:c7:cb:96:dd:1e:a0:9e:6f:33:55:b8:d2:a1:
3b:89:80:31:d8:e7:3a:3e:02:1d:5f:be:cc:6a:27:
04:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E4:BE:00:44:50:88:94:52:50:26:8A:03:28:0D:95:EA:79:DA:F4
X509v3 Authority Key Identifier:
keyid:70:D6:54:F2:E1:6F:E8:82:6E:04:AE:96:DF:5E:5C:B0:A2:60:38:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cNZU8uFv6IJuBK6W315csKJgOAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/74bbbc-9d72-44ec-859b-c767cb74bddb/1/yeS-AERQiJRSUCaKAygNlep52vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/74bbbc-9d72-44ec-859b-c767cb74bddb/1/cNZU8uFv6IJuBK6W315csKJgOAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.201.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:44:7e:8b:77:d2:d3:d5:2a:07:3c:15:96:fe:14:a7:5e:74:
50:7d:52:cc:1b:c3:d5:4b:82:7c:13:4a:1d:a6:72:ad:36:43:
30:7d:18:02:a5:8c:69:c9:59:27:d3:c5:ec:62:e8:37:4f:c0:
da:c3:f7:8b:76:92:14:e8:46:22:96:ee:df:34:77:b1:f3:08:
09:86:67:74:2d:8f:22:c8:08:60:ed:ed:83:6e:2d:c4:a4:25:
d8:e9:c2:aa:74:be:8d:fe:b7:b1:68:c7:27:68:36:e3:1b:2d:
ec:0a:1c:49:10:97:d4:8d:7a:5e:c2:d9:49:0c:ab:d1:fa:5a:
74:ba:ea:64:51:d3:d5:90:0a:82:66:b8:15:13:7b:de:b4:7e:
12:11:65:7f:3c:73:fe:d4:44:bd:cd:3d:8a:15:94:1f:6a:86:
53:f6:b9:06:b0:6d:ae:15:df:c0:9d:ec:d1:2d:d4:02:9a:86:
de:a5:8d:31:50:05:ed:b4:d4:7c:8d:89:d6:f8:2e:81:bc:e0:
93:cf:ce:99:32:72:16:cc:31:f2:d0:54:35:5c:7d:9a:a1:69:
e9:82:80:88:5d:64:8d:02:51:46:96:e1:38:19:de:01:8e:72:
d5:e0:59:49:af:e5:49:0e:5d:27:00:0a:b1:a2:c9:97:ef:2e:
11:a6:b5:ce
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB7tskTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MGQ2NTRmMmUxNmZlODgyNmUwNGFlOTZkZjVlNWNiMGEyNjAzODBhMB4XDTIyMDEw
MTExNTg1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzllNGJlMDA0NDUw
ODg5NDUyNTAyNjhhMDMyODBkOTVlYTc5ZGFmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPV5jy6+TEIclVf/LoyebX6Y/Ph2qMdtaQwxB53ruJiEesb7
fHtt9kq9qh/+bTTRmnKCqfq1hMWziY2u7d9xXArWc66iqJpkFPG8RLeqAAZKVx7j
JI430097U3xBAvGP2l/T8qB3XnYpNnyVxohsIx6Pil6eqY3R6STrUYAJ61S9aTuq
cy7JAvPc0kZNzwpsjrWDLkzDHcAafGQX5QquwzMfrkjVXG6YeO/fpjRDjJMPq/BI
Aea9dbw4b3pZnTnt4DYeosSGWbC80Ar7HiwkosTRJYpX2Kco8xtAg5UhOJ8R+RfH
y5bdHqCebzNVuNKhO4mAMdjnOj4CHV++zGonBAcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTJ5L4ARFCIlFJQJooDKA2V6nna9DAfBgNVHSMEGDAWgBRw1lTy4W/ogm4E
rpbfXlywomA4CjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NOWlU4dUZ2NklKdUJLNlczMTVjc0tKZ09Bby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvNzRiYmJjLTlkNzItNDRlYy04NTliLWM3NjdjYjc0YmRkYi8x
L3llUy1BRVJRaUpSU1VDYUtBeWdObGVwNTJ2US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
NzRiYmJjLTlkNzItNDRlYy04NTliLWM3NjdjYjc0YmRkYi8xL2NOWlU4dUZ2NklK
dUJLNlczMTVjc0tKZ09Bby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEIyTANBgkqhkiG9w0BAQsFAAOC
AQEAPkR+i3fS09UqBzwVlv4Up150UH1SzBvD1UuCfBNKHaZyrTZDMH0YAqWMaclZ
J9PF7GLoN0/A2sP3i3aSFOhGIpbu3zR3sfMICYZndC2PIsgIYO3tg24txKQl2OnC
qnS+jf63sWjHJ2g24xst7AocSRCX1I16XsLZSQyr0fpadLrqZFHT1ZAKgma4FRN7
3rR+EhFlfzxz/tREvc09ihWUH2qGU/a5BrBtrhXfwJ3s0S3UApqG3qWNMVAF7bTU
fI2J1vgugbzgk8/OmTJyFswx8tBUNVx9mqFp6YKAiF1kjQJRRpbhOBneAY5y1eBZ
Sa/lSQ5dJwAKsaLJl+8uEaa1zg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:56 2024 by rpki-client on console-fra.rpki-client.org