Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-BoGqntKiziXOxmmuCwH9Agyk9I.roa
File: 1-BoGqntKiziXOxmmuCwH9Agyk9I.roa (raw, json)
Hash identifier: yp3lwBGpnaVpiw3jgu24QoLdc1ODM2pSiYb5dJ5vfJM=
Subject key identifier: F8:1A:06:AA:7B:4A:8B:38:97:3B:19:A6:B8:2C:07:F4:08:32:93:D2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0185062A580213895F1FAB5C3FB4826DD7FE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-BoGqntKiziXOxmmuCwH9Agyk9I.roa
Signing time: Mon 12 Dec 2022 11:48:36 +0000
ROA not before: Mon 12 Dec 2022 11:48:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9050
IP address blocks: 193.37.43.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:2a:58:02:13:89:5f:1f:ab:5c:3f:b4:82:6d:d7:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 12 11:48:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f81a06aa7b4a8b38973b19a6b82c07f4083293d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:93:80:8d:41:62:89:3e:64:7f:5c:1a:64:06:
0b:45:f7:7f:d5:29:8b:86:17:5e:42:1d:44:9d:f8:
0e:85:fe:3f:cf:63:08:cc:3b:5e:50:a4:95:cd:bb:
1b:1c:d5:67:eb:b2:be:a4:1a:96:7a:3a:6d:28:b9:
af:5d:df:73:fa:e4:a9:fa:68:c7:f0:62:2b:3e:d6:
eb:a0:e8:cc:20:1f:59:55:4a:85:d6:80:f4:59:c3:
92:9d:7d:f3:b2:18:ab:05:0e:10:8e:4f:1f:78:b1:
9b:dd:7a:e1:78:03:64:15:40:2c:35:72:c1:12:a3:
45:38:92:eb:1e:0f:0a:30:18:7c:41:ec:47:87:8a:
0f:93:69:e8:42:96:c5:ce:f6:d6:bf:7a:9c:e3:5a:
44:25:83:15:b8:8a:94:c3:5e:e3:ad:1b:74:8a:e6:
13:25:0e:e3:37:8d:b7:01:52:3e:8c:57:07:c4:c6:
8f:07:eb:89:38:2e:7b:bb:f4:00:eb:dc:11:c7:d1:
e3:6a:da:ec:66:b1:1d:da:81:0d:a1:9e:6b:05:4a:
cc:9e:01:e3:2a:1c:3d:1c:fd:bd:99:6c:25:b9:75:
0f:41:ed:0b:33:16:ac:38:d9:82:6b:da:02:f8:c6:
1d:01:10:88:96:e8:52:6e:59:ec:d6:d4:d5:d0:9e:
0c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:1A:06:AA:7B:4A:8B:38:97:3B:19:A6:B8:2C:07:F4:08:32:93:D2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-BoGqntKiziXOxmmuCwH9Agyk9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.43.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:42:0e:77:c4:c4:50:b5:2c:fd:40:ca:00:da:4c:71:d3:8c:
93:eb:e4:d2:e7:98:4c:21:bf:2f:07:72:bf:c0:63:82:61:3b:
b7:f2:3c:40:1e:71:29:b6:9c:1c:5e:4c:12:81:2d:94:41:0a:
ca:5d:03:67:a8:6b:ea:69:d9:f3:b7:11:3f:63:21:0c:f5:d5:
3e:5e:6a:d2:f1:f1:b0:31:39:a3:a2:a5:92:7f:92:58:75:ea:
f7:28:05:85:d7:8f:75:00:09:b9:77:02:6f:8f:00:5c:73:38:
06:28:90:7f:7f:77:b4:83:86:d9:e6:19:90:0b:ea:cd:07:bb:
a9:a7:9e:7c:da:ac:d4:e3:77:70:ed:2f:03:36:c2:0a:1c:6c:
6a:38:cb:18:fb:d5:1c:65:c1:95:fb:d2:16:39:a5:5d:8d:a2:
7b:0d:ec:e3:4f:25:a6:52:3d:30:51:13:2e:e7:5c:cf:9a:bf:
b4:3e:94:02:82:f6:be:c0:92:a8:59:60:74:d0:72:76:e2:ce:
cb:8a:87:8c:68:c1:ba:58:05:2b:a6:b8:1c:4d:ba:f9:39:c9:
fe:c2:7a:ac:72:0c:bc:f7:ce:29:c1:d2:0c:30:4c:51:fb:85:
7a:36:30:9c:9c:e7:df:14:04:90:e2:71:66:52:c9:53:74:54:
b8:bb:56:b8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYUGKlgCE4lfH6tcP7SCbdf+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMjEyMTE0ODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODFhMDZhYTdiNGE4YjM4OTczYjE5YTZiODJjMDdmNDA4MzI5M2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpOAjUFiiT5kf1waZAYLRfd/1SmL
hhdeQh1EnfgOhf4/z2MIzDteUKSVzbsbHNVn67K+pBqWejptKLmvXd9z+uSp+mjH
8GIrPtbroOjMIB9ZVUqF1oD0WcOSnX3zshirBQ4Qjk8feLGb3XrheANkFUAsNXLB
EqNFOJLrHg8KMBh8QexHh4oPk2noQpbFzvbWv3qc41pEJYMVuIqUw17jrRt0iuYT
JQ7jN423AVI+jFcHxMaPB+uJOC57u/QA69wRx9HjatrsZrEd2oENoZ5rBUrMngHj
Khw9HP29mWwluXUPQe0LMxasONmCa9oC+MYdARCIluhSblns1tTV0J4MfQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPgaBqp7Sos4lzsZprgsB/QIMpPSMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1Cb0dxbnRLaXppWE94bW11Q3dIOUFneWs5SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMElKzAN
BgkqhkiG9w0BAQsFAAOCAQEAW0IOd8TEULUs/UDKANpMcdOMk+vk0ueYTCG/Lwdy
v8BjgmE7t/I8QB5xKbacHF5MEoEtlEEKyl0DZ6hr6mnZ87cRP2MhDPXVPl5q0vHx
sDE5o6Klkn+SWHXq9ygFhdePdQAJuXcCb48AXHM4BiiQf393tIOG2eYZkAvqzQe7
qaeefNqs1ON3cO0vAzbCChxsajjLGPvVHGXBlfvSFjmlXY2iew3s408lplI9MFET
Ludcz5q/tD6UAoL2vsCSqFlgdNByduLOy4qHjGjBulgFK6a4HE26+TnJ/sJ6rHIM
vPfOKcHSDDBMUfuFejYwnJzn3xQEkOJxZlLJU3RUuLtWuA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:30 2023 by rpki-client on console-ams.rpki-client.org