Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/3Vw30YMAIfT5nk4zYFK93xPVE0Q.roa
File: 3Vw30YMAIfT5nk4zYFK93xPVE0Q.roa (raw, json)
Hash identifier: 9SKne1dNf0E0koOI/SsrxURveE/i7Kd90W6Ryrzvn6Q=
Subject key identifier: DD:5C:37:D1:83:00:21:F4:F9:9E:4E:33:60:52:BD:DF:13:D5:13:44
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 0183CB7422FB5EEEDE71F9FD63D733EA39B7
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/3Vw30YMAIfT5nk4zYFK93xPVE0Q.roa
Signing time: Wed 12 Oct 2022 09:08:49 +0000
ROA not before: Wed 12 Oct 2022 09:08:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 192.144.12.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cb:74:22:fb:5e:ee:de:71:f9:fd:63:d7:33:ea:39:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Oct 12 09:08:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd5c37d1830021f4f99e4e336052bddf13d51344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f4:5d:70:d8:3d:bf:8c:20:17:87:ed:fc:83:
aa:5e:77:ce:c0:c3:91:f7:cd:f7:e6:46:2b:b9:8b:
7b:73:de:94:8e:9e:01:91:37:52:78:73:de:8d:43:
03:ed:b6:5f:49:64:4b:9e:a0:da:a2:8a:46:64:dd:
bb:13:e5:79:30:73:43:d0:bc:35:8c:fb:88:f6:20:
09:7b:12:61:dd:95:92:11:bf:12:2b:2b:d9:51:f8:
2a:81:6a:8c:f6:bd:26:76:aa:23:08:21:dd:63:c6:
0b:0e:43:4f:0b:62:66:c1:88:d8:25:2e:38:c7:4c:
fe:0c:cc:bc:33:42:32:ae:54:55:be:5a:39:e8:16:
7a:5a:db:97:ba:82:29:aa:75:6e:71:4a:f7:6b:8f:
74:81:e0:38:b4:a3:d5:51:77:88:54:bf:fb:7f:90:
df:c6:de:3a:16:56:e4:99:42:49:44:1a:02:0d:77:
6d:df:38:21:1b:18:6a:9d:f0:0d:65:99:cf:32:9d:
f5:69:ee:a0:a6:cb:40:a1:7d:76:ea:b1:27:9f:06:
9e:c3:bd:bb:17:82:19:0d:68:d8:97:14:ac:57:50:
c7:f7:52:0f:96:9e:37:7e:ef:c3:6f:97:65:0f:ec:
8b:b0:d9:52:59:f4:cd:0c:cd:91:b8:5b:80:93:b6:
1c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:5C:37:D1:83:00:21:F4:F9:9E:4E:33:60:52:BD:DF:13:D5:13:44
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/3Vw30YMAIfT5nk4zYFK93xPVE0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.144.12.0/22
Signature Algorithm: sha256WithRSAEncryption
27:94:45:85:b8:83:c5:50:86:d1:88:45:11:ee:c4:cf:a9:94:
db:80:ac:54:99:c2:49:b9:af:9a:e5:55:82:86:b7:f1:cf:94:
df:c2:eb:ca:29:2b:6c:ab:7e:fd:a3:ce:ae:a8:a4:bb:df:45:
b6:0d:fa:26:e2:cf:99:38:05:52:7c:b1:e5:8f:bf:81:f9:91:
40:8f:08:d9:94:ab:75:26:7b:2c:45:cb:ce:41:d7:e4:93:b5:
33:3b:b9:5b:dc:73:38:20:99:c2:f8:05:41:69:f5:68:3a:37:
8b:ec:c4:74:5f:ad:aa:56:ad:2a:ab:24:39:b6:76:7a:ea:ce:
16:20:14:e3:50:8b:89:b0:53:8f:27:7e:04:24:af:99:fe:fe:
16:33:47:f5:8a:e2:93:47:c4:fa:2c:e6:e4:30:62:a5:b0:ef:
c7:82:88:2c:dc:dc:98:0c:e4:3f:c7:36:6b:9d:54:1b:14:2f:
3a:70:2d:ba:d7:7c:6a:a9:26:20:69:d8:93:d9:1b:ea:94:e3:
2c:72:53:59:76:f6:74:39:88:fa:b6:60:42:7e:88:ab:42:56:
b0:58:78:54:87:0b:ef:e7:5d:37:01:7d:2b:f0:3b:a9:71:64:
e9:9e:9d:8c:98:e2:72:65:29:96:d6:37:2b:22:65:4b:96:a6:
5e:46:36:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPLdCL7Xu7ecfn9Y9cz6jm3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjIxMDEyMDkwODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDVjMzdkMTgzMDAyMWY0Zjk5ZTRlMzM2MDUyYmRkZjEzZDUxMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/RdcNg9v4wgF4ft/IOqXnfOwMOR
98335kYruYt7c96Ujp4BkTdSeHPejUMD7bZfSWRLnqDaoopGZN27E+V5MHND0Lw1
jPuI9iAJexJh3ZWSEb8SKyvZUfgqgWqM9r0mdqojCCHdY8YLDkNPC2JmwYjYJS44
x0z+DMy8M0IyrlRVvlo56BZ6WtuXuoIpqnVucUr3a490geA4tKPVUXeIVL/7f5Df
xt46FlbkmUJJRBoCDXdt3zghGxhqnfANZZnPMp31ae6gpstAoX126rEnnwaew727
F4IZDWjYlxSsV1DH91IPlp43fu/Db5dlD+yLsNlSWfTNDM2RuFuAk7YcBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1cN9GDACH0+Z5OM2BSvd8T1RNEMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvM1Z3MzBZTUFJZlQ1bms0ellGSzkzeFBWRTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwJAMMA0G
CSqGSIb3DQEBCwUAA4IBAQAnlEWFuIPFUIbRiEUR7sTPqZTbgKxUmcJJua+a5VWC
hrfxz5TfwuvKKStsq379o86uqKS730W2Dfom4s+ZOAVSfLHlj7+B+ZFAjwjZlKt1
JnssRcvOQdfkk7UzO7lb3HM4IJnC+AVBafVoOjeL7MR0X62qVq0qqyQ5tnZ66s4W
IBTjUIuJsFOPJ34EJK+Z/v4WM0f1iuKTR8T6LObkMGKlsO/Hgogs3NyYDOQ/xzZr
nVQbFC86cC2613xqqSYgadiT2RvqlOMsclNZdvZ0OYj6tmBCfoirQlawWHhUhwvv
5103AX0r8DupcWTpnp2MmOJyZSmW1jcrImVLlqZeRjYL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org