Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/dYUi1leB40i01Ij1x3pCFhf8yrg.roa
File: dYUi1leB40i01Ij1x3pCFhf8yrg.roa (raw, json)
Hash identifier: kXYj51wZV+PClVYL/KzxNczXdw+dbcfseZEZ5fnv72g=
Subject key identifier: 75:85:22:D6:57:81:E3:48:B4:D4:88:F5:C7:7A:42:16:17:FC:CA:B8
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 018A6B2DBDD157611FC1BCE2B9C340C3269E
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/dYUi1leB40i01Ij1x3pCFhf8yrg.roa
Signing time: Wed 06 Sep 2023 15:47:54 +0000
ROA not before: Wed 06 Sep 2023 15:47:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 194.113.34.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6b:2d:bd:d1:57:61:1f:c1:bc:e2:b9:c3:40:c3:26:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Sep 6 15:47:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=758522d65781e348b4d488f5c77a421617fccab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d1:39:bf:5a:14:6e:b5:9b:89:27:f3:bc:89:
16:d8:c7:e7:07:74:bc:df:c6:3f:04:03:91:96:95:
80:ab:5e:22:4e:76:15:74:77:ff:58:ea:db:45:25:
51:99:31:85:bb:07:65:5c:dc:a3:32:58:df:91:3c:
6f:88:48:a3:cb:81:61:4f:b1:f4:61:b5:41:dd:66:
68:f4:3e:09:43:a1:22:9d:2a:80:46:62:d4:1c:ab:
8f:0d:13:17:5a:a0:8c:02:44:04:40:85:8a:63:ef:
85:86:0f:0d:a2:89:70:d9:4f:fa:ae:37:38:a4:44:
df:2e:db:90:7d:38:fc:44:3a:e7:c0:e3:13:a5:ea:
58:fb:63:08:47:aa:36:70:ce:25:e3:78:fb:48:e9:
41:76:bc:6c:0b:49:58:b1:29:2b:86:36:8b:2b:89:
cc:2a:ae:1d:f8:0e:bf:4e:f6:d2:dd:27:f6:e5:16:
87:39:3c:13:f8:e8:86:bf:4e:90:56:5c:7e:d0:e8:
d6:a6:07:d1:80:18:84:22:67:a6:80:34:34:fb:d0:
98:84:aa:07:33:17:70:16:bc:02:6d:7f:79:2d:62:
5a:30:62:9e:6d:1b:aa:72:97:af:81:74:b2:7e:d9:
4a:e0:2d:75:72:d1:12:57:75:f5:50:20:2b:6e:95:
30:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:85:22:D6:57:81:E3:48:B4:D4:88:F5:C7:7A:42:16:17:FC:CA:B8
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/dYUi1leB40i01Ij1x3pCFhf8yrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.34.0/24
Signature Algorithm: sha256WithRSAEncryption
36:3e:3a:55:92:e0:39:2b:6c:47:22:f7:d5:2d:f3:6b:5b:72:
c9:81:8f:1d:fc:5b:f4:b3:4d:10:e8:f1:da:e8:91:79:ea:ce:
0f:90:00:29:4a:bb:9e:d7:b0:00:56:84:b1:25:2f:2f:61:8c:
6f:46:1a:94:95:51:aa:ce:c2:39:e8:5e:ee:10:e0:5d:12:17:
10:ce:dc:8a:20:88:6d:7f:35:bd:9b:bc:a6:60:dc:0f:62:a4:
22:00:48:be:31:ae:7d:9f:bd:e8:54:da:c3:70:8c:5e:e5:b2:
68:d7:fe:84:11:a9:6f:e8:8e:df:6f:92:81:79:bd:10:01:67:
2e:93:b4:ea:09:d0:92:64:8e:bb:e8:48:81:ee:c4:fa:ee:7b:
ed:9e:4f:87:2b:2e:e0:9e:60:37:ec:e3:01:a6:81:43:52:8e:
e3:4c:f5:11:25:fa:23:fe:67:d4:2b:96:f4:10:bd:92:59:18:
bc:e3:36:21:96:25:13:49:b8:3c:07:48:f6:b4:b8:95:5e:24:
f9:69:5e:57:bb:02:14:ca:8b:89:57:c6:01:8c:22:65:99:86:
3c:f1:2b:c5:72:30:fc:01:1a:65:2d:5d:05:24:75:e3:35:a9:
91:dc:e1:ca:e4:b5:4a:cf:31:31:fe:a4:5d:ee:f8:c0:12:85:
a8:a6:ad:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYprLb3RV2EfwbziucNAwyaeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjMwOTA2MTU0NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTg1MjJkNjU3ODFlMzQ4YjRkNDg4ZjVjNzdhNDIxNjE3ZmNjYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNE5v1oUbrWbiSfzvIkW2MfnB3S8
38Y/BAORlpWAq14iTnYVdHf/WOrbRSVRmTGFuwdlXNyjMljfkTxviEijy4FhT7H0
YbVB3WZo9D4JQ6EinSqARmLUHKuPDRMXWqCMAkQEQIWKY++Fhg8Noolw2U/6rjc4
pETfLtuQfTj8RDrnwOMTpepY+2MIR6o2cM4l43j7SOlBdrxsC0lYsSkrhjaLK4nM
Kq4d+A6/TvbS3Sf25RaHOTwT+OiGv06QVlx+0OjWpgfRgBiEImemgDQ0+9CYhKoH
MxdwFrwCbX95LWJaMGKebRuqcpevgXSyftlK4C11ctESV3X1UCArbpUwpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHWFItZXgeNItNSI9cd6QhYX/Mq4MB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvZFlVaTFsZUI0MGkwMUlqMXgzcENGaGY4eXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnEiMA0G
CSqGSIb3DQEBCwUAA4IBAQA2PjpVkuA5K2xHIvfVLfNrW3LJgY8d/Fv0s00Q6PHa
6JF56s4PkAApSrue17AAVoSxJS8vYYxvRhqUlVGqzsI56F7uEOBdEhcQztyKIIht
fzW9m7ymYNwPYqQiAEi+Ma59n73oVNrDcIxe5bJo1/6EEalv6I7fb5KBeb0QAWcu
k7TqCdCSZI676EiB7sT67nvtnk+HKy7gnmA37OMBpoFDUo7jTPURJfoj/mfUK5b0
EL2SWRi84zYhliUTSbg8B0j2tLiVXiT5aV5XuwIUyouJV8YBjCJlmYY88SvFcjD8
ARplLV0FJHXjNamR3OHK5LVKzzEx/qRd7vjAEoWopq1B
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:00 2024 by rpki-client on console-ams.rpki-client.org