Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/3139332e3139342e31362e302f32322d3234203d3e203630383538.roa
File: 3139332e3139342e31362e302f32322d3234203d3e203630383538.roa (raw, json)
Hash identifier: 1ntJmrYP4Kk2cz/tzlQKVQ16vjOzOZyLxsuUlohQ9Us=
Subject key identifier: 05:15:CE:2D:83:E8:FF:57:0A:FA:45:B6:7E:64:A9:63:C5:B0:84:4C
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 0AD0C81FC752D3EA9B2542049B23CA74B682D211
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/3139332e3139342e31362e302f32322d3234203d3e203630383538.roa
Signing time: Tue 21 May 2024 12:52:26 +0000
ROA not before: Tue 21 May 2024 12:47:26 +0000
ROA not after: Tue 20 May 2025 12:52:26 +0000
asID: 60858
IP address blocks: 193.194.16.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:d0:c8:1f:c7:52:d3:ea:9b:25:42:04:9b:23:ca:74:b6:82:d2:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: May 21 12:47:26 2024 GMT
Not After : May 20 12:52:26 2025 GMT
Subject: CN=0515CE2D83E8FF570AFA45B67E64A963C5B0844C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4e:23:06:20:c8:2b:2e:52:4e:c1:e3:b9:ee:
0d:c9:4c:e7:d8:83:6f:30:92:2f:a8:91:15:69:3d:
3c:e2:d8:b1:98:33:8a:d8:fd:01:ee:5e:3e:25:8c:
e7:89:be:22:d5:67:9b:c5:f8:6a:94:db:6c:56:6f:
d7:99:0d:f3:25:5b:37:f6:69:04:cd:d9:d2:b5:cc:
a5:e5:d8:93:42:30:24:70:c2:b8:5c:73:1a:8e:03:
a0:4e:63:27:af:0d:65:7c:e8:e1:b8:62:83:f6:3f:
04:84:e3:18:3e:3b:ac:2a:df:ac:04:cd:45:0d:95:
62:5b:50:4a:fb:71:bf:e2:09:b0:ea:82:09:3f:16:
93:70:0b:e4:8f:0d:2f:e8:16:6f:3c:80:95:ac:4b:
ee:d6:5c:6d:cf:3b:4f:f3:3f:74:89:01:ec:a7:f2:
2a:47:b0:c1:6f:14:6d:d4:0e:ef:23:8a:d9:e8:59:
f4:f4:4c:81:d1:80:da:40:63:9c:db:30:18:37:07:
b0:b2:ee:96:4d:3d:f9:34:57:5c:e0:88:2c:e1:63:
ff:9d:32:f6:21:10:09:bc:83:50:e1:26:81:04:d0:
43:24:dd:ce:2f:b5:57:da:4e:33:e7:d5:35:94:29:
ce:ad:cc:13:10:90:57:a0:15:dd:72:b2:99:21:9e:
6f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:15:CE:2D:83:E8:FF:57:0A:FA:45:B6:7E:64:A9:63:C5:B0:84:4C
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/3139332e3139342e31362e302f32322d3234203d3e203630383538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.194.16.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:0d:a5:33:d6:e8:d5:75:9f:6f:c4:0c:a4:2c:7e:3d:41:2e:
54:06:43:34:c5:7f:54:cb:5b:40:8e:4a:e1:2a:fe:b3:4f:93:
4a:3c:04:3a:19:94:ac:56:af:f5:15:54:0f:5a:6d:9e:91:d9:
2f:aa:39:22:4a:7a:e9:97:54:7a:70:fa:81:5a:81:e4:06:29:
11:81:8b:a6:b4:64:73:f7:54:0b:42:d6:12:43:92:9e:43:31:
8c:a1:65:90:7a:03:0a:93:c2:bb:b2:db:f1:77:97:ed:a9:a0:
26:aa:a9:ad:64:be:b4:27:ff:da:e1:e2:db:8e:6f:8f:e5:80:
db:32:9a:d2:16:d4:6c:d7:bd:c4:71:8e:1a:7c:7e:39:48:13:
be:5c:67:51:c4:8d:36:02:56:03:18:9d:77:88:97:cc:33:c3:
46:b9:50:76:79:06:a8:b5:ad:a3:8e:dc:98:07:3f:d0:29:65:
ef:db:2b:49:d3:22:26:32:64:11:9f:ac:ab:26:c2:d1:72:ea:
e3:c7:6b:51:c1:c1:e2:8a:29:47:3a:d9:64:33:cd:51:f3:66:
21:b5:9a:ca:60:82:12:d6:d5:cb:cb:d6:06:10:26:d5:4f:3d:
ae:dc:87:91:94:0e:cf:4f:89:ec:bf:e1:2b:74:09:a1:53:1d:
ff:17:57:7d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCtDIH8dS0+qbJUIEmyPKdLaC0hEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA1MjExMjQ3MjZaFw0yNTA1MjAxMjUyMjZaMDMxMTAvBgNV
BAMTKDA1MTVDRTJEODNFOEZGNTcwQUZBNDVCNjdFNjRBOTYzQzVCMDg0NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTTiMGIMgrLlJOweO57g3JTOfY
g28wki+okRVpPTzi2LGYM4rY/QHuXj4ljOeJviLVZ5vF+GqU22xWb9eZDfMlWzf2
aQTN2dK1zKXl2JNCMCRwwrhccxqOA6BOYyevDWV86OG4YoP2PwSE4xg+O6wq36wE
zUUNlWJbUEr7cb/iCbDqggk/FpNwC+SPDS/oFm88gJWsS+7WXG3PO0/zP3SJAeyn
8ipHsMFvFG3UDu8jitnoWfT0TIHRgNpAY5zbMBg3B7Cy7pZNPfk0V1zgiCzhY/+d
MvYhEAm8g1DhJoEE0EMk3c4vtVfaTjPn1TWUKc6tzBMQkFegFd1yspkhnm+VAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUBRXOLYPo/1cK+kW2fmSpY8WwhEwwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYt
MWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYxNjdkLzAvMzEzOTMzMmUzMTM5MzQyZTMx
MzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNjMwMzgzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
wcIQMA0GCSqGSIb3DQEBCwUAA4IBAQCKDaUz1ujVdZ9vxAykLH49QS5UBkM0xX9U
y1tAjkrhKv6zT5NKPAQ6GZSsVq/1FVQPWm2ekdkvqjkiSnrpl1R6cPqBWoHkBikR
gYumtGRz91QLQtYSQ5KeQzGMoWWQegMKk8K7stvxd5ftqaAmqqmtZL60J//a4eLb
jm+P5YDbMprSFtRs173EcY4afH45SBO+XGdRxI02AlYDGJ13iJfMM8NGuVB2eQao
ta2jjtyYBz/QKWXv2ytJ0yImMmQRn6yrJsLRcurjx2tRwcHiiilHOtlkM81R82Yh
tZrKYIIS1tXLy9YGECbVTz2u3IeRlA7PT4nsv+ErdAmhUx3/F1d9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org