Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jlFitYtEOtxAtcuJvGE5HNDWz2Y.roa
File: jlFitYtEOtxAtcuJvGE5HNDWz2Y.roa (raw, json)
Hash identifier: Ixd5rnu0jNoktGSRnmkFXC6+aXEr07ZfquBVJhvqG6c=
Subject key identifier: 8E:51:62:B5:8B:44:3A:DC:40:B5:CB:89:BC:61:39:1C:D0:D6:CF:66
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018751A990CBAF2A19A16108862744E4E45A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jlFitYtEOtxAtcuJvGE5HNDWz2Y.roa
Signing time: Wed 05 Apr 2023 13:44:39 +0000
ROA not before: Wed 05 Apr 2023 13:44:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211167
IP address blocks: 193.37.43.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:51:a9:90:cb:af:2a:19:a1:61:08:86:27:44:e4:e4:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 5 13:44:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e5162b58b443adc40b5cb89bc61391cd0d6cf66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7e:22:05:da:26:0c:7e:ff:a4:8c:3d:73:55:
2f:85:d9:cb:f2:d9:21:f7:9e:5b:c5:29:00:18:b7:
ed:14:da:76:9c:4d:a9:70:7a:81:f2:a9:7d:81:8e:
ef:e1:6a:54:d7:84:8c:fb:a5:c5:a4:a1:60:3b:28:
fc:4d:15:9e:d2:d3:d2:50:9d:67:2b:99:2b:14:6b:
2c:5b:fa:81:83:be:e5:19:6b:44:1e:b5:c6:74:b7:
f7:2a:0f:22:58:35:7e:23:e8:86:0c:0a:ec:13:33:
f1:ef:26:9b:cf:b0:d0:b9:62:db:4f:fe:99:6e:ea:
a2:47:12:be:f1:59:63:7b:41:43:d6:46:fa:98:da:
71:99:3c:00:fa:fe:e0:50:02:4e:2c:68:ed:55:56:
4f:54:8a:f5:30:e1:fd:5f:c7:ac:7b:0e:1a:ae:3a:
b2:25:70:8d:86:6b:0f:df:f9:64:a2:b0:9e:8a:b1:
90:47:31:c1:73:d0:a9:47:0a:2a:48:a0:fd:13:d9:
f9:35:94:a7:30:e7:71:d1:48:38:a1:9c:ab:b7:bc:
e7:ee:38:a0:33:f8:38:73:54:c6:72:74:7f:8a:3c:
a5:15:6f:d1:f4:33:85:12:85:bd:97:2d:6d:90:a7:
56:c8:fb:32:11:50:ec:66:a0:8d:11:76:af:0d:c9:
c2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:51:62:B5:8B:44:3A:DC:40:B5:CB:89:BC:61:39:1C:D0:D6:CF:66
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jlFitYtEOtxAtcuJvGE5HNDWz2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.43.0/24
Signature Algorithm: sha256WithRSAEncryption
34:d6:16:ab:bf:83:a2:f1:23:ca:d6:89:b0:fd:08:fd:49:c3:
38:9c:2b:b7:03:69:16:8b:92:a9:03:ee:49:e2:7e:7d:4a:12:
b8:64:db:99:71:8c:e3:1f:b9:7a:78:b7:54:84:cf:b1:4a:61:
eb:ee:de:f3:f6:a2:6a:c6:64:ca:eb:0a:18:b3:3b:c7:51:8b:
e2:4b:7a:ea:c5:f2:13:2d:94:02:44:35:11:19:cd:14:ba:c2:
f0:45:bc:c2:70:4b:43:b1:7c:51:1e:d4:45:2c:b2:2d:d5:c4:
e1:d2:0e:14:90:50:9a:43:29:04:05:76:bc:b1:31:ea:bd:0f:
4c:a5:da:d3:01:35:10:1b:b8:fa:fc:fe:4f:ec:da:92:87:2f:
36:a6:cf:8b:a5:7c:83:8b:03:66:12:f4:ca:bf:b6:0d:de:ee:
75:ef:2f:e6:b6:4a:8b:6d:60:74:a1:12:df:be:3e:b3:a5:a7:
03:f7:15:05:4e:e4:da:c2:c3:06:9c:33:55:47:bb:f7:9d:ad:
bf:0e:c1:e2:ab:14:76:88:2b:59:34:50:d4:fa:ba:d3:8d:2b:
e3:73:2e:d8:77:37:31:1b:6d:ff:bd:be:3d:2a:c0:93:23:ce:
3e:a3:f3:e2:76:3b:4f:ff:e5:66:93:95:7d:34:61:ab:96:c6:
d6:30:37:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdRqZDLryoZoWEIhidE5ORaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDA1MTM0NDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTUxNjJiNThiNDQzYWRjNDBiNWNiODliYzYxMzkxY2QwZDZjZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX4iBdomDH7/pIw9c1UvhdnL8tkh
955bxSkAGLftFNp2nE2pcHqB8ql9gY7v4WpU14SM+6XFpKFgOyj8TRWe0tPSUJ1n
K5krFGssW/qBg77lGWtEHrXGdLf3Kg8iWDV+I+iGDArsEzPx7yabz7DQuWLbT/6Z
buqiRxK+8Vlje0FD1kb6mNpxmTwA+v7gUAJOLGjtVVZPVIr1MOH9X8esew4arjqy
JXCNhmsP3/lkorCeirGQRzHBc9CpRwoqSKD9E9n5NZSnMOdx0Ug4oZyrt7zn7jig
M/g4c1TGcnR/ijylFW/R9DOFEoW9ly1tkKdWyPsyEVDsZqCNEXavDcnCwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI5RYrWLRDrcQLXLibxhORzQ1s9mMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvamxGaXRZdEVPdHhBdGN1SnZHRTVITkRXejJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSUrMA0G
CSqGSIb3DQEBCwUAA4IBAQA01harv4Oi8SPK1omw/Qj9ScM4nCu3A2kWi5KpA+5J
4n59ShK4ZNuZcYzjH7l6eLdUhM+xSmHr7t7z9qJqxmTK6woYszvHUYviS3rqxfIT
LZQCRDURGc0UusLwRbzCcEtDsXxRHtRFLLIt1cTh0g4UkFCaQykEBXa8sTHqvQ9M
pdrTATUQG7j6/P5P7NqShy82ps+LpXyDiwNmEvTKv7YN3u517y/mtkqLbWB0oRLf
vj6zpacD9xUFTuTawsMGnDNVR7v3na2/DsHiqxR2iCtZNFDU+rrTjSvjcy7Ydzcx
G23/vb49KsCTI84+o/PidjtP/+Vmk5V9NGGrlsbWMDfX
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:41 2023 by rpki-client on console-ams.rpki-client.org