Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/KYwbU9uFar0ekSuQ8NFKt88BnI4.roa
File: KYwbU9uFar0ekSuQ8NFKt88BnI4.roa (raw, json)
Hash identifier: HY6saLO7IVGoPNJHtuwK5tIYYOMMW9xYJdQPrpaSFvw=
Subject key identifier: 29:8C:1B:53:DB:85:6A:BD:1E:91:2B:90:F0:D1:4A:B7:CF:01:9C:8E
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 018DE9C17E55DD2CC634234E3EF7D2CCC6F1
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/KYwbU9uFar0ekSuQ8NFKt88BnI4.roa
Signing time: Tue 27 Feb 2024 08:49:48 +0000
ROA not before: Tue 27 Feb 2024 08:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 194.113.34.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e9:c1:7e:55:dd:2c:c6:34:23:4e:3e:f7:d2:cc:c6:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Feb 27 08:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=298c1b53db856abd1e912b90f0d14ab7cf019c8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:58:9c:dc:e1:db:d3:06:83:7e:f5:1b:e3:20:
78:85:81:8c:56:7d:6b:8f:bb:48:a2:2c:a6:ba:9d:
4d:0a:8a:d7:08:e2:3e:f8:40:88:8f:8c:3d:76:e7:
9c:e4:2d:5e:8b:db:35:33:50:c3:0b:9c:a8:36:dc:
8d:b3:f7:c3:d0:36:e6:fb:be:f8:74:47:3a:5f:59:
41:2d:0e:a4:7f:b1:f9:f7:33:da:be:81:20:b8:18:
33:c4:5b:c2:fb:a7:d3:57:a0:99:22:78:3a:05:45:
5a:c9:ca:c5:ee:63:35:bc:ef:f1:98:78:a1:e7:86:
b2:bf:e3:fe:51:4d:ad:6f:65:8b:2d:ba:4b:9f:c9:
91:60:b7:f7:56:c9:a9:75:e5:a2:68:63:1a:fb:5a:
ee:95:9d:72:5d:e0:da:ee:1a:95:09:60:ea:44:03:
93:f2:7d:6e:b9:3f:11:4d:90:f2:e8:32:45:1f:a8:
ee:55:86:fb:3b:e8:0e:af:2b:b3:32:e1:45:51:6d:
06:84:dc:a8:72:d7:b0:ce:c4:e1:18:82:b9:98:c2:
a8:bd:56:12:ac:52:4f:b4:54:90:59:34:13:84:93:
bf:1b:c7:39:f9:ac:dd:e2:ec:0c:af:16:4b:f4:cf:
27:0c:cf:ee:28:eb:21:f7:ea:46:1b:91:c2:ea:d0:
d6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:8C:1B:53:DB:85:6A:BD:1E:91:2B:90:F0:D1:4A:B7:CF:01:9C:8E
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/KYwbU9uFar0ekSuQ8NFKt88BnI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.34.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:ab:ff:e1:7d:4f:0b:fb:e2:c5:c9:cd:ba:5f:17:90:7f:63:
66:5e:3c:d7:1a:c7:b5:07:b1:22:12:e0:eb:94:63:2c:88:2e:
1f:12:fd:e2:5b:c8:65:25:f7:28:58:8b:a7:8b:d9:24:cd:a6:
84:07:09:12:4d:9f:51:3c:db:51:bf:a9:01:58:4b:f7:45:bf:
99:31:a1:38:7b:7f:51:f2:29:44:cf:11:ce:44:eb:80:f1:f4:
8f:26:08:e0:95:0f:b2:1c:dd:bd:7e:56:08:8a:40:44:fc:d0:
d0:c5:a6:36:4a:2f:6c:3f:29:4d:2b:c7:a8:e2:31:14:37:b7:
c6:ba:33:0a:a0:86:67:3e:69:77:8d:35:fc:a1:ba:cf:08:82:
7d:ae:76:98:f9:01:ec:ba:ca:c9:16:2d:dc:c8:44:6d:bc:99:
72:3b:83:d1:2c:32:af:f9:b7:7a:2d:ce:2d:44:9e:2c:6b:d0:
0d:30:d9:41:6f:b0:1d:3f:d1:36:f8:3b:4f:0d:39:1b:e9:b7:
13:b4:83:e2:d7:25:e0:44:24:04:50:58:e2:a0:7e:81:1c:3a:
4e:9d:ad:d3:9f:17:e3:ac:19:5d:e7:86:77:62:19:12:18:0d:
06:8f:bd:13:e1:fb:f4:ad:07:b6:0b:36:b7:9c:35:f1:00:49:
7d:d3:e2:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3pwX5V3SzGNCNOPvfSzMbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjQwMjI3MDg0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOThjMWI1M2RiODU2YWJkMWU5MTJiOTBmMGQxNGFiN2NmMDE5YzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVic3OHb0waDfvUb4yB4hYGMVn1r
j7tIoiymup1NCorXCOI++ECIj4w9duec5C1ei9s1M1DDC5yoNtyNs/fD0Dbm+774
dEc6X1lBLQ6kf7H59zPavoEguBgzxFvC+6fTV6CZIng6BUVaycrF7mM1vO/xmHih
54ayv+P+UU2tb2WLLbpLn8mRYLf3VsmpdeWiaGMa+1rulZ1yXeDa7hqVCWDqRAOT
8n1uuT8RTZDy6DJFH6juVYb7O+gOryuzMuFFUW0GhNyoctewzsThGIK5mMKovVYS
rFJPtFSQWTQThJO/G8c5+azd4uwMrxZL9M8nDM/uKOsh9+pGG5HC6tDWhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCmMG1PbhWq9HpErkPDRSrfPAZyOMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvS1l3YlU5dUZhcjBla1N1UThORkt0ODhCbkk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnEiMA0G
CSqGSIb3DQEBCwUAA4IBAQB7q//hfU8L++LFyc26XxeQf2NmXjzXGse1B7EiEuDr
lGMsiC4fEv3iW8hlJfcoWIuni9kkzaaEBwkSTZ9RPNtRv6kBWEv3Rb+ZMaE4e39R
8ilEzxHOROuA8fSPJgjglQ+yHN29flYIikBE/NDQxaY2Si9sPylNK8eo4jEUN7fG
ujMKoIZnPml3jTX8obrPCIJ9rnaY+QHsusrJFi3cyERtvJlyO4PRLDKv+bd6Lc4t
RJ4sa9ANMNlBb7AdP9E2+DtPDTkb6bcTtIPi1yXgRCQEUFjioH6BHDpOna3Tnxfj
rBld54Z3YhkSGA0Gj70T4fv0rQe2Cza3nDXxAEl90+IF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org