Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X7yl0rpgyNMUUufQ0Ua3LtoHZsI.roa
File: X7yl0rpgyNMUUufQ0Ua3LtoHZsI.roa (raw, json)
Hash identifier: irmjjZeuCcXspdJVAy4Kc0v+nm1mpyJOqggbiAJ/3Xo=
Subject key identifier: 5F:BC:A5:D2:BA:60:C8:D3:14:52:E7:D0:D1:46:B7:2E:DA:07:66:C2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0189E14F566967D3BDCDEE25833CA476DC67
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X7yl0rpgyNMUUufQ0Ua3LtoHZsI.roa
Signing time: Thu 10 Aug 2023 21:17:00 +0000
ROA not before: Thu 10 Aug 2023 21:17:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197450
IP address blocks: 194.180.50.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e1:4f:56:69:67:d3:bd:cd:ee:25:83:3c:a4:76:dc:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 10 21:17:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fbca5d2ba60c8d31452e7d0d146b72eda0766c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c5:c2:87:83:3a:83:4a:32:e7:b4:84:fe:c7:
53:6e:9a:af:47:5c:f1:ad:f3:d1:24:c0:cc:cc:9c:
e5:69:84:f7:dc:85:f4:26:60:f9:02:9f:20:c2:c8:
bf:d7:dd:3f:c4:f0:c2:75:dd:07:33:cc:d1:62:51:
1e:72:53:fa:e4:bc:34:70:ad:cc:de:3b:a7:1e:64:
64:ec:ea:7f:8f:74:c9:51:ff:39:b7:63:2c:fd:5f:
3b:14:12:1e:18:d2:f8:6c:a4:16:0d:2d:6c:1e:1f:
79:15:35:5c:1d:90:86:4c:49:68:66:59:4c:0e:26:
f8:65:ce:73:c4:65:21:73:a0:d0:b0:53:25:2d:97:
58:f2:8b:71:7e:61:d7:16:13:b3:e5:ea:75:f7:2a:
22:98:1b:b7:40:73:2b:eb:22:06:c2:36:1f:85:a9:
d2:d1:ef:d4:52:34:3e:58:35:63:3f:28:86:43:68:
7d:b0:32:65:19:53:7b:7e:59:18:6b:99:a8:32:22:
d1:db:11:ab:60:e1:75:ea:5f:85:87:6b:28:90:8b:
6a:87:8c:d7:f8:5c:25:a0:d3:3c:36:9c:37:26:fa:
a2:64:63:e8:47:aa:b5:44:ab:c5:bd:ce:ea:30:0c:
cc:0e:93:67:3a:3b:96:1d:77:1b:c0:88:88:12:62:
1d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:BC:A5:D2:BA:60:C8:D3:14:52:E7:D0:D1:46:B7:2E:DA:07:66:C2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X7yl0rpgyNMUUufQ0Ua3LtoHZsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
72:3d:a4:a3:ab:09:cd:77:62:fd:70:83:0a:14:1b:a8:d6:f4:
ed:fa:1f:8a:0c:24:5a:d7:d4:44:30:91:80:e3:ad:66:e3:11:
ad:5c:95:17:32:67:04:ea:b0:17:ea:6b:02:57:80:f2:63:11:
e3:4d:3d:45:28:b6:87:a3:3b:a0:46:eb:99:4d:90:4a:fc:19:
a4:fc:82:1a:13:c2:43:fb:f9:f1:ea:8a:0d:ac:ce:4c:d4:ed:
18:b6:4a:f1:86:7e:92:18:29:45:78:7f:c6:15:7d:ad:56:80:
10:5b:42:b2:23:32:8f:1c:dc:15:98:88:2a:8d:d6:73:ce:e0:
ba:d1:ba:a7:9d:40:a5:21:8c:ef:15:5f:99:e0:c4:7c:ef:c6:
31:90:b0:a4:8f:c8:d8:6e:98:c9:bc:21:42:01:d9:59:1a:1b:
67:a9:35:22:5a:22:84:ad:b3:e6:a7:6d:fb:51:a0:cf:96:3e:
3d:41:cb:1c:bd:90:f0:22:31:0d:e0:f1:c9:81:4d:c4:c1:29:
90:60:3d:bb:23:13:9e:e7:44:6a:f2:d7:fb:05:5d:f9:3c:2d:
90:c2:6d:22:c7:07:c5:8b:96:ae:40:4c:4b:70:0a:11:14:39:
f9:7d:c5:f8:d0:6e:cd:a7:3a:a4:0d:c4:ef:07:9e:71:c1:99:
51:17:3c:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnhT1ZpZ9O9ze4lgzykdtxnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODEwMjExNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmJjYTVkMmJhNjBjOGQzMTQ1MmU3ZDBkMTQ2YjcyZWRhMDc2NmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8XCh4M6g0oy57SE/sdTbpqvR1zx
rfPRJMDMzJzlaYT33IX0JmD5Ap8gwsi/190/xPDCdd0HM8zRYlEeclP65Lw0cK3M
3junHmRk7Op/j3TJUf85t2Ms/V87FBIeGNL4bKQWDS1sHh95FTVcHZCGTEloZllM
Dib4Zc5zxGUhc6DQsFMlLZdY8otxfmHXFhOz5ep19yoimBu3QHMr6yIGwjYfhanS
0e/UUjQ+WDVjPyiGQ2h9sDJlGVN7flkYa5moMiLR2xGrYOF16l+Fh2sokItqh4zX
+FwloNM8Npw3JvqiZGPoR6q1RKvFvc7qMAzMDpNnOjuWHXcbwIiIEmIdZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF+8pdK6YMjTFFLn0NFGty7aB2bCMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWDd5bDBycGd5Tk1VVXVmUTBVYTNMdG9IWnNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrQyMA0G
CSqGSIb3DQEBCwUAA4IBAQByPaSjqwnNd2L9cIMKFBuo1vTt+h+KDCRa19REMJGA
461m4xGtXJUXMmcE6rAX6msCV4DyYxHjTT1FKLaHozugRuuZTZBK/Bmk/IIaE8JD
+/nx6ooNrM5M1O0Ytkrxhn6SGClFeH/GFX2tVoAQW0KyIzKPHNwVmIgqjdZzzuC6
0bqnnUClIYzvFV+Z4MR878YxkLCkj8jYbpjJvCFCAdlZGhtnqTUiWiKErbPmp237
UaDPlj49QcscvZDwIjEN4PHJgU3EwSmQYD27IxOe50Rq8tf7BV35PC2Qwm0ixwfF
i5auQExLcAoRFDn5fcX40G7NpzqkDcTvB55xwZlRFzyi
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:35 2024 by rpki-client on console-ams.rpki-client.org