Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-oVIEARkgWBFwtn4Z7eCYTzWL-g.roa
File: 1-oVIEARkgWBFwtn4Z7eCYTzWL-g.roa (raw, json)
Hash identifier: 95cDDe/L5wniasJ6xdTxb/3lRKJemXvVBASjYDpdGUo=
Subject key identifier: FA:85:48:10:04:64:81:60:45:C2:D9:F8:67:B7:82:61:3C:D6:2F:E8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D820DADB2196FE565E740E9BFA66555
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-oVIEARkgWBFwtn4Z7eCYTzWL-g.roa
Signing time: Sun 01 Jan 2023 13:25:17 +0000
ROA not before: Sun 01 Jan 2023 13:25:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 194.180.50.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:82:0d:ad:b2:19:6f:e5:65:e7:40:e9:bf:a6:65:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa8548100464816045c2d9f867b782613cd62fe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:58:08:ca:a4:d8:80:84:97:a7:74:4a:81:c0:
a2:5e:4d:20:80:16:66:fa:9e:6e:5b:78:09:02:dd:
e9:df:47:4e:30:c5:35:9d:14:f9:f6:8a:f5:62:1a:
bc:98:49:50:85:19:33:7b:ce:25:55:5e:cb:fc:d7:
db:1f:68:d5:96:30:4d:d2:97:20:eb:f0:72:4d:0a:
52:c1:aa:24:57:65:ec:18:da:c3:0f:39:56:6b:f9:
5d:38:50:48:94:ca:fe:05:76:79:aa:9f:e0:96:23:
20:a3:e7:ea:52:0e:eb:17:b9:2a:75:bc:e3:75:35:
ef:e3:53:b6:e8:e7:6b:cf:eb:fc:49:5e:c9:c8:94:
7e:83:60:33:89:00:06:16:3a:21:16:59:74:ab:92:
58:ca:79:fd:b9:89:5a:36:6c:20:d6:15:17:c3:8b:
79:f1:9c:49:c9:e4:85:3c:09:1d:c6:f5:2e:bb:a5:
28:42:bc:71:33:d2:e9:6a:d8:56:d2:80:30:7a:5d:
77:3f:a1:30:99:2e:e1:bc:cd:8d:f5:08:1b:69:56:
61:e3:5a:19:2d:d0:83:a9:2b:6e:86:fa:4d:92:b9:
d5:a3:e0:4f:19:82:47:0c:7d:b3:5b:88:b2:4c:fd:
33:e3:d1:f8:7e:2f:c5:a6:a7:cd:a3:15:b1:10:4a:
b5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:85:48:10:04:64:81:60:45:C2:D9:F8:67:B7:82:61:3C:D6:2F:E8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-oVIEARkgWBFwtn4Z7eCYTzWL-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
00:03:59:0b:02:13:b5:cc:20:bd:7e:27:46:9f:e0:b9:2d:3e:
a4:09:4e:3f:fb:ce:0b:1d:db:54:fc:dc:f5:a8:ad:bf:49:2f:
b0:95:bc:ff:3e:c1:a7:57:75:00:76:ca:9a:b0:33:2e:53:98:
d9:55:a8:07:9e:ce:9f:67:aa:c4:f6:c2:8b:16:83:29:54:d8:
b0:49:e3:ed:ea:45:29:b7:b4:b4:37:31:95:ee:16:e9:17:75:
a1:3b:3b:b5:2e:a0:8c:1d:97:a0:47:bb:fc:8b:58:59:c6:64:
ba:f3:80:e6:52:8a:9f:a3:22:1d:24:b5:0b:7a:ec:0d:4d:5c:
68:a6:a8:56:db:49:4e:90:6d:de:d1:04:12:3c:34:16:e5:ed:
b0:42:85:d8:4a:18:38:71:dd:1a:17:c9:26:d4:81:0f:de:81:
41:4c:26:6d:0d:0f:b9:21:ee:19:18:5b:8a:37:a7:76:3f:e0:
5b:e8:e6:28:35:74:e5:ad:f2:d0:d8:61:7e:e7:84:3b:73:7f:
a9:11:7c:d3:6e:fa:d2:d1:01:7a:3c:c0:9d:b2:3c:2f:59:1d:
02:c4:d5:63:3b:d3:ce:57:5d:c7:1e:91:ac:57:e5:d5:be:c4:
c0:88:a2:1f:2c:18:c1:25:c0:67:cf:f6:bb:0c:45:e3:e8:6c:
35:f2:cf:ae
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtgg2tshlv5WXnQOm/pmVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTg1NDgxMDA0NjQ4MTYwNDVjMmQ5Zjg2N2I3ODI2MTNjZDYyZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1gIyqTYgISXp3RKgcCiXk0ggBZm
+p5uW3gJAt3p30dOMMU1nRT59or1Yhq8mElQhRkze84lVV7L/NfbH2jVljBN0pcg
6/ByTQpSwaokV2XsGNrDDzlWa/ldOFBIlMr+BXZ5qp/gliMgo+fqUg7rF7kqdbzj
dTXv41O26Odrz+v8SV7JyJR+g2AziQAGFjohFll0q5JYynn9uYlaNmwg1hUXw4t5
8ZxJyeSFPAkdxvUuu6UoQrxxM9LpathW0oAwel13P6EwmS7hvM2N9QgbaVZh41oZ
LdCDqStuhvpNkrnVo+BPGYJHDH2zW4iyTP0z49H4fi/FpqfNoxWxEEq11wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPqFSBAEZIFgRcLZ+Ge3gmE81i/oMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1vVklFQVJrZ1dCRnd0bjRaN2VDWVR6V0wtZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMK0MjAN
BgkqhkiG9w0BAQsFAAOCAQEAAANZCwITtcwgvX4nRp/guS0+pAlOP/vOCx3bVPzc
9aitv0kvsJW8/z7Bp1d1AHbKmrAzLlOY2VWoB57On2eqxPbCixaDKVTYsEnj7epF
Kbe0tDcxle4W6Rd1oTs7tS6gjB2XoEe7/ItYWcZkuvOA5lKKn6MiHSS1C3rsDU1c
aKaoVttJTpBt3tEEEjw0FuXtsEKF2EoYOHHdGhfJJtSBD96BQUwmbQ0PuSHuGRhb
ijendj/gW+jmKDV05a3y0NhhfueEO3N/qRF802760tEBejzAnbI8L1kdAsTVYzvT
zlddxx6RrFfl1b7EwIiiHywYwSXAZ8/2uwxF4+hsNfLPrg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:56 2024 by rpki-client on console-fra.rpki-client.org