Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2YTwtDXzu8VP-25rGBJupd972to.roa
File: 2YTwtDXzu8VP-25rGBJupd972to.roa (raw, json)
Hash identifier: g1YgtLo1T59ONEj3ehk0mXKpY7GbFA1jRGrUg2dPhjM=
Subject key identifier: D9:84:F0:B4:35:F3:BB:C5:4F:FB:6E:6B:18:12:6E:A5:DF:7B:DA:DA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01851019A4343ABFDBFCB90C80636B2CEB01
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2YTwtDXzu8VP-25rGBJupd972to.roa
Signing time: Wed 14 Dec 2022 10:06:33 +0000
ROA not before: Wed 14 Dec 2022 10:06:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206873
IP address blocks: 193.37.43.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:10:19:a4:34:3a:bf:db:fc:b9:0c:80:63:6b:2c:eb:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 14 10:06:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d984f0b435f3bbc54ffb6e6b18126ea5df7bdada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:00:9e:ce:8d:58:01:b1:d4:73:c1:dd:b9:a6:
44:10:34:35:51:ba:e9:6c:1c:c6:f5:67:eb:46:16:
fb:1e:19:5c:07:6b:5b:4a:eb:22:46:f3:d4:3a:92:
f6:35:2d:25:e2:2e:74:f5:3f:69:c3:bb:19:a4:60:
e8:60:cc:a1:7c:8a:c5:02:82:2e:ca:b3:fd:2d:78:
08:ce:6f:1f:80:29:11:ac:ba:47:2a:2b:95:88:b3:
6d:5a:e3:4f:59:36:af:1f:77:9d:44:d2:b8:ff:11:
91:d5:62:f4:44:dc:de:d1:48:38:83:8a:64:c9:19:
aa:9f:fe:07:92:6a:28:d3:9f:4f:7a:6b:f6:4a:89:
4b:ce:da:a3:37:2f:13:c8:4e:28:da:a7:34:d4:98:
f3:bb:9f:93:99:8d:04:ee:b5:d8:6d:89:1d:97:c4:
81:7d:14:0d:c7:ca:5f:00:38:7b:ff:fd:db:9d:70:
80:05:20:57:74:03:b6:11:0c:08:e0:04:26:ce:2a:
58:e9:20:34:6f:c6:51:c4:7d:60:b5:04:52:1b:81:
a8:0b:ef:2d:54:e7:62:ab:0c:81:72:93:eb:74:af:
78:6c:4b:da:47:ce:7f:bd:a7:f0:ab:03:3e:97:37:
43:69:18:71:3d:d1:70:ad:25:f1:f7:bb:04:3b:e5:
7c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:84:F0:B4:35:F3:BB:C5:4F:FB:6E:6B:18:12:6E:A5:DF:7B:DA:DA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2YTwtDXzu8VP-25rGBJupd972to.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.43.0/24
Signature Algorithm: sha256WithRSAEncryption
27:74:f5:61:9f:c7:b2:7c:ca:a6:d2:73:82:76:5d:99:32:b1:
59:da:40:b3:50:1c:b0:c4:29:82:72:6f:51:aa:dd:fd:ee:cf:
0f:3b:d9:22:2f:7c:cd:da:93:8c:49:fa:5b:e8:bd:32:20:1b:
de:1f:b9:83:ad:eb:e0:9d:93:d6:94:61:04:78:9f:44:f2:f4:
ae:98:37:30:af:39:67:d6:06:08:97:fb:b1:0e:2e:66:d0:b8:
5a:f9:7b:05:45:50:a5:9f:2f:3d:29:72:7b:30:f0:dc:c5:63:
dd:d5:c7:5c:da:22:32:4d:cc:95:b0:f5:d3:00:ef:dd:49:ad:
4b:c0:e2:a7:3a:2c:6c:68:ae:bd:7a:b7:96:c0:76:a3:00:7c:
fc:79:a8:bc:31:2b:2f:99:49:bd:3f:b6:fa:88:ae:ad:2a:73:
16:95:5e:ec:d9:d8:a5:f5:6b:99:42:71:d4:ab:43:45:32:04:
98:41:1d:12:b7:8a:30:23:47:9a:86:4a:83:ca:21:90:ef:cb:
78:88:54:05:4c:1d:2c:38:b8:af:46:3c:88:a6:cc:a7:56:dd:
9a:fe:6f:76:20:50:77:a8:4a:c3:a3:4a:7d:50:5a:bc:4d:a1:
d3:6d:11:ae:49:24:ce:bc:12:59:8f:70:e3:f2:1a:3d:3a:03:
d5:ce:06:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUQGaQ0Or/b/LkMgGNrLOsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMjE0MTAwNjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTg0ZjBiNDM1ZjNiYmM1NGZmYjZlNmIxODEyNmVhNWRmN2JkYWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowCezo1YAbHUc8HduaZEEDQ1Ubrp
bBzG9WfrRhb7HhlcB2tbSusiRvPUOpL2NS0l4i509T9pw7sZpGDoYMyhfIrFAoIu
yrP9LXgIzm8fgCkRrLpHKiuViLNtWuNPWTavH3edRNK4/xGR1WL0RNze0Ug4g4pk
yRmqn/4Hkmoo059Pemv2SolLztqjNy8TyE4o2qc01Jjzu5+TmY0E7rXYbYkdl8SB
fRQNx8pfADh7//3bnXCABSBXdAO2EQwI4AQmzipY6SA0b8ZRxH1gtQRSG4GoC+8t
VOdiqwyBcpPrdK94bEvaR85/vafwqwM+lzdDaRhxPdFwrSXx97sEO+V85QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNmE8LQ187vFT/tuaxgSbqXfe9raMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMllUd3REWHp1OFZQLTI1ckdCSnVwZDk3MnRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSUrMA0G
CSqGSIb3DQEBCwUAA4IBAQAndPVhn8eyfMqm0nOCdl2ZMrFZ2kCzUBywxCmCcm9R
qt397s8PO9kiL3zN2pOMSfpb6L0yIBveH7mDrevgnZPWlGEEeJ9E8vSumDcwrzln
1gYIl/uxDi5m0Lha+XsFRVClny89KXJ7MPDcxWPd1cdc2iIyTcyVsPXTAO/dSa1L
wOKnOixsaK69ereWwHajAHz8eai8MSsvmUm9P7b6iK6tKnMWlV7s2dil9WuZQnHU
q0NFMgSYQR0St4owI0eahkqDyiGQ78t4iFQFTB0sOLivRjyIpsynVt2a/m92IFB3
qErDo0p9UFq8TaHTbRGuSSTOvBJZj3Dj8ho9OgPVzgby
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:31 2023 by rpki-client on console-ams.rpki-client.org