Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/C7qPtvrMi8g37Vbjohi7zwsBc3w.roa
File: C7qPtvrMi8g37Vbjohi7zwsBc3w.roa (raw, json)
Hash identifier: gRW3JnQDPsHXrH3HfwOHgwwz0P80qpSrDrIzngkG31g=
Subject key identifier: 0B:BA:8F:B6:FA:CC:8B:C8:37:ED:56:E3:A2:18:BB:CF:0B:01:73:7C
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 0181E7CBD217D805912A7E7CBBFBE3DF9556
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/C7qPtvrMi8g37Vbjohi7zwsBc3w.roa
Signing time: Sun 10 Jul 2022 11:08:23 +0000
ROA not before: Sun 10 Jul 2022 11:08:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60912
IP address blocks: 192.144.12.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e7:cb:d2:17:d8:05:91:2a:7e:7c:bb:fb:e3:df:95:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jul 10 11:08:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0bba8fb6facc8bc837ed56e3a218bbcf0b01737c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:92:54:ab:15:19:75:18:59:f4:f8:2c:15:c9:
78:cc:87:5f:dd:54:43:f4:50:e3:25:1a:99:96:2a:
0d:7e:6d:8c:34:18:9b:a9:0c:e3:2e:9a:de:39:97:
ed:57:9f:04:d4:2a:ad:6d:c6:f0:f6:97:4e:75:02:
77:ee:43:73:23:26:45:a7:da:5b:67:8e:62:10:fd:
20:dd:d4:39:1e:24:52:6a:d1:df:1e:ff:a9:8f:e1:
32:b7:ca:8e:96:c6:b4:d0:3f:6b:02:52:2f:88:24:
e0:a8:a2:36:99:f0:6b:95:23:62:af:4b:60:70:4b:
d4:1d:29:0c:c6:2d:f6:0a:44:60:b9:77:fd:ad:71:
71:35:9c:f4:58:8f:c8:9d:e5:09:c5:d6:f5:dd:4e:
a2:53:d5:51:59:2c:4c:14:a8:0d:f8:3f:f4:64:fa:
ed:a1:64:5b:73:cd:91:41:4b:fb:1e:75:4d:62:f7:
7c:40:1a:9a:68:91:c4:26:b6:da:06:15:95:9a:9c:
11:4c:53:b6:1d:61:76:a8:33:9c:f2:38:33:b4:e6:
19:97:68:4e:c6:3a:e5:eb:e4:97:21:c2:58:75:06:
b6:cb:cf:24:aa:ce:e4:2a:fb:0f:21:aa:7b:6b:f8:
01:0c:6d:73:3f:54:77:29:5c:20:06:7e:a0:ac:56:
f6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:BA:8F:B6:FA:CC:8B:C8:37:ED:56:E3:A2:18:BB:CF:0B:01:73:7C
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/C7qPtvrMi8g37Vbjohi7zwsBc3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.144.12.0/22
Signature Algorithm: sha256WithRSAEncryption
18:1a:49:8b:0c:12:f2:b7:ac:aa:32:be:28:fe:c3:f4:e2:a5:
9a:4e:d1:1f:09:7f:20:4e:ff:c7:e0:da:ca:60:45:b2:ef:84:
9d:a1:6c:8a:ac:ba:42:2e:08:47:9f:ad:f8:82:83:90:df:78:
eb:b5:b3:b7:cd:3d:bd:de:84:10:77:83:88:77:d4:5f:b4:3f:
96:d7:b2:b8:13:96:d4:ed:94:fe:00:3b:a8:e3:62:8a:66:c8:
4f:88:31:8d:54:10:6b:27:70:40:cd:31:3a:a4:d5:ba:f2:07:
0c:82:fe:2e:81:0b:7e:84:91:08:cf:87:05:cc:8f:c7:55:fc:
d1:83:35:69:73:a9:c4:18:d3:27:d2:6f:b3:59:02:fd:5c:1a:
c4:d6:d2:f6:7d:5e:8a:8d:b2:bc:80:e1:72:44:31:c2:7f:64:
ef:87:32:7b:6e:9f:77:1a:76:71:71:f1:5e:50:24:3b:b4:40:
f9:47:5b:ce:9d:3a:04:ca:a2:f2:dc:10:80:a0:f9:44:54:d2:
ce:d4:8a:32:90:1b:55:bb:21:0c:b2:d2:49:c5:4b:6e:8b:bb:
bf:5a:ff:67:c8:6b:78:ba:ad:64:5e:49:65:13:06:3a:7f:6a:
50:97:2e:06:4f:6c:41:d2:56:bb:8b:f6:57:cf:99:35:9b:80:
62:07:7d:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHny9IX2AWRKn58u/vj35VWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjIwNzEwMTEwODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmJhOGZiNmZhY2M4YmM4MzdlZDU2ZTNhMjE4YmJjZjBiMDE3MzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZJUqxUZdRhZ9PgsFcl4zIdf3VRD
9FDjJRqZlioNfm2MNBibqQzjLpreOZftV58E1Cqtbcbw9pdOdQJ37kNzIyZFp9pb
Z45iEP0g3dQ5HiRSatHfHv+pj+Eyt8qOlsa00D9rAlIviCTgqKI2mfBrlSNir0tg
cEvUHSkMxi32CkRguXf9rXFxNZz0WI/IneUJxdb13U6iU9VRWSxMFKgN+D/0ZPrt
oWRbc82RQUv7HnVNYvd8QBqaaJHEJrbaBhWVmpwRTFO2HWF2qDOc8jgztOYZl2hO
xjrl6+SXIcJYdQa2y88kqs7kKvsPIap7a/gBDG1zP1R3KVwgBn6grFb20wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAu6j7b6zIvIN+1W46IYu88LAXN8MB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvQzdxUHR2ck1pOGczN1Ziam9oaTd6d3NCYzN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwJAMMA0G
CSqGSIb3DQEBCwUAA4IBAQAYGkmLDBLyt6yqMr4o/sP04qWaTtEfCX8gTv/H4NrK
YEWy74SdoWyKrLpCLghHn634goOQ33jrtbO3zT293oQQd4OId9RftD+W17K4E5bU
7ZT+ADuo42KKZshPiDGNVBBrJ3BAzTE6pNW68gcMgv4ugQt+hJEIz4cFzI/HVfzR
gzVpc6nEGNMn0m+zWQL9XBrE1tL2fV6KjbK8gOFyRDHCf2TvhzJ7bp93GnZxcfFe
UCQ7tED5R1vOnToEyqLy3BCAoPlEVNLO1IoykBtVuyEMstJJxUtui7u/Wv9nyGt4
uq1kXkllEwY6f2pQly4GT2xB0la7i/ZXz5k1m4BiB30U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org