Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kDWB-cWYiNtKEdd8KZyg3vqxaAY.roa
File: kDWB-cWYiNtKEdd8KZyg3vqxaAY.roa (raw, json)
Hash identifier: QOr2pAFOk9bCdRMQ2YbHghPpcW0QQDYXhYZJ4bnaY2M=
Subject key identifier: 90:35:81:F9:C5:98:88:DB:4A:11:D7:7C:29:9C:A0:DE:FA:B1:68:06
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0185B9B905D233B408A0D60FC6745154C4B1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kDWB-cWYiNtKEdd8KZyg3vqxaAY.roa
Signing time: Mon 16 Jan 2023 08:36:28 +0000
ROA not before: Mon 16 Jan 2023 08:36:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206873
IP address blocks: 194.180.51.0/24 maxlen: 24
193.37.43.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b9:b9:05:d2:33:b4:08:a0:d6:0f:c6:74:51:54:c4:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 16 08:36:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=903581f9c59888db4a11d77c299ca0defab16806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9a:f8:48:a7:f6:75:e5:ba:3f:e5:a0:f2:f2:
6d:68:7b:c8:e4:28:d7:06:9b:a4:8e:69:b9:77:c2:
62:c8:58:be:f6:67:09:ef:9c:d8:cd:5b:83:b1:9a:
de:a3:86:79:1d:e7:9a:cb:15:86:28:a0:4f:93:18:
51:4e:eb:5b:51:29:8a:61:d0:b0:5f:32:6f:fe:bf:
c1:8c:84:9d:9b:59:8c:5d:cd:a0:1d:39:a8:eb:e7:
f2:f4:06:43:aa:e2:3b:ed:3f:3c:10:ca:f0:03:96:
e3:5c:96:bd:04:d7:c9:dc:f3:e2:43:11:d1:2d:b5:
91:34:3c:94:16:90:de:f4:f0:eb:f7:21:d7:f1:1a:
b5:41:99:ae:b2:95:a5:c2:20:9a:57:46:c9:f2:e4:
3e:cc:66:cc:d1:c7:c1:a4:3d:cc:2a:73:cd:76:73:
2a:ee:59:61:ff:0e:b2:34:76:56:e6:46:8f:ae:b2:
77:ea:ca:b1:06:8a:e7:e5:73:5a:2b:74:7b:ca:3c:
9e:a8:3a:45:ca:d6:cb:01:9f:8e:ac:bc:6f:1e:61:
b6:58:7e:ac:08:a4:80:9f:2b:1f:a9:89:50:6d:44:
25:cf:9d:0a:b5:55:c3:81:d3:71:1e:5c:43:9a:91:
99:bd:00:8d:e6:15:01:10:c3:64:92:b5:ba:70:86:
9b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:35:81:F9:C5:98:88:DB:4A:11:D7:7C:29:9C:A0:DE:FA:B1:68:06
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kDWB-cWYiNtKEdd8KZyg3vqxaAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.43.0/24
194.180.51.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:40:73:34:08:61:57:44:dd:e0:23:9e:ab:4d:15:81:28:d6:
9f:1c:6f:6c:df:60:1f:0e:3b:0e:6d:89:fb:b2:91:5c:53:4d:
e7:a7:f2:0a:97:17:f7:4d:36:d4:ce:d7:ac:b7:bf:85:ee:2f:
43:a5:c3:a1:ef:25:3d:b9:ac:b8:7b:a6:f8:70:db:5b:88:35:
87:7e:06:90:2c:f4:37:e7:cb:b9:a2:02:6c:1c:52:ec:30:f3:
c9:f2:35:11:f0:34:d2:4f:b4:b7:81:79:5e:0c:30:84:42:3b:
23:d7:0e:53:f3:b0:4f:11:60:e0:d8:6f:ed:86:cc:77:45:16:
5a:88:6c:54:6f:7c:b5:6f:b9:7a:1c:45:9f:fa:ff:63:d5:75:
b5:bd:4b:ce:2d:2d:33:4b:71:11:14:93:0f:60:ba:5e:32:46:
b3:57:b3:d2:49:1a:4c:b6:36:e8:70:cb:70:75:e8:0a:da:dd:
5e:97:12:76:b5:1c:a4:37:2f:43:c0:5c:63:74:04:50:d6:8e:
6c:b2:2a:95:0b:ee:43:4d:37:93:b5:f3:6d:8c:cd:aa:36:40:
54:68:63:a1:a2:36:25:47:93:f7:0a:96:c0:44:8f:ef:7c:98:
d8:8c:e4:bf:a6:2b:ba:7f:40:6a:5e:e4:a7:de:2d:65:de:d2:
14:28:1c:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYW5uQXSM7QIoNYPxnRRVMSxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTE2MDgzNjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDM1ODFmOWM1OTg4OGRiNGExMWQ3N2MyOTljYTBkZWZhYjE2ODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5r4SKf2deW6P+Wg8vJtaHvI5CjX
Bpukjmm5d8JiyFi+9mcJ75zYzVuDsZreo4Z5HeeayxWGKKBPkxhRTutbUSmKYdCw
XzJv/r/BjISdm1mMXc2gHTmo6+fy9AZDquI77T88EMrwA5bjXJa9BNfJ3PPiQxHR
LbWRNDyUFpDe9PDr9yHX8Rq1QZmuspWlwiCaV0bJ8uQ+zGbM0cfBpD3MKnPNdnMq
7llh/w6yNHZW5kaPrrJ36sqxBorn5XNaK3R7yjyeqDpFytbLAZ+OrLxvHmG2WH6s
CKSAnysfqYlQbUQlz50KtVXDgdNxHlxDmpGZvQCN5hUBEMNkkrW6cIabGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJA1gfnFmIjbShHXfCmcoN76sWgGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEva0RXQi1jV1lpTnRLRWRkOEtaeWczdnF4YUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwSUrAwQA
wrQzMA0GCSqGSIb3DQEBCwUAA4IBAQA+QHM0CGFXRN3gI56rTRWBKNafHG9s32Af
DjsObYn7spFcU03np/IKlxf3TTbUztest7+F7i9DpcOh7yU9uay4e6b4cNtbiDWH
fgaQLPQ358u5ogJsHFLsMPPJ8jUR8DTST7S3gXleDDCEQjsj1w5T87BPEWDg2G/t
hsx3RRZaiGxUb3y1b7l6HEWf+v9j1XW1vUvOLS0zS3ERFJMPYLpeMkazV7PSSRpM
tjbocMtwdegK2t1elxJ2tRykNy9DwFxjdARQ1o5ssiqVC+5DTTeTtfNtjM2qNkBU
aGOhojYlR5P3CpbARI/vfJjYjOS/piu6f0BqXuSn3i1l3tIUKBxF
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:41 2023 by rpki-client on console-ams.rpki-client.org