Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/c761f4-0903-4ab2-8f7b-99dbf2d7648a/1/K7baqZrk2bZCDAmc9oWsRTjV4uI.roa
File: K7baqZrk2bZCDAmc9oWsRTjV4uI.roa (raw, json)
Hash identifier: Tg0oqV0s6u9snXc1ooO/jMO3xOFXiYgvxZV8hM3mhsQ=
Subject key identifier: 2B:B6:DA:A9:9A:E4:D9:B6:42:0C:09:9C:F6:85:AC:45:38:D5:E2:E2
Certificate issuer: /CN=e28ff327f65ece51cb4e031fde7437a0a173f68c
Certificate serial: 054520A0
Authority key identifier: E2:8F:F3:27:F6:5E:CE:51:CB:4E:03:1F:DE:74:37:A0:A1:73:F6:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4o_zJ_ZezlHLTgMf3nQ3oKFz9ow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/c761f4-0903-4ab2-8f7b-99dbf2d7648a/1/K7baqZrk2bZCDAmc9oWsRTjV4uI.roa
Signing time: Sat 01 Jan 2022 05:05:21 +0000
ROA not before: Sat 01 Jan 2022 05:05:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210255
IP address blocks: 193.22.224.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88416416 (0x54520a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e28ff327f65ece51cb4e031fde7437a0a173f68c
Validity
Not Before: Jan 1 05:05:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2bb6daa99ae4d9b6420c099cf685ac4538d5e2e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:94:62:31:ef:68:61:88:c5:45:58:65:a2:a3:
0c:35:b2:b6:cb:23:e1:c6:51:e6:36:8e:c8:f2:d8:
2e:d1:70:e9:d6:66:d0:e6:69:d9:7a:75:4d:28:57:
e2:b6:1f:2a:c7:56:4f:41:31:d5:52:b7:3f:ee:0d:
a6:ab:cb:dc:81:86:ca:d2:37:2d:42:22:74:dd:5e:
53:59:ca:98:2b:e6:bc:4d:83:fe:94:ca:f1:80:dd:
be:00:b9:1a:23:9b:e4:86:68:67:c8:10:21:5d:43:
09:84:8f:0f:74:75:6e:f6:17:39:0f:57:81:aa:63:
00:ee:60:6e:49:22:37:61:81:78:7e:9e:d3:8e:68:
26:6d:1c:44:7c:6b:f3:2c:e0:2f:0c:3c:3c:ee:2a:
e9:09:ad:28:fa:3f:59:e9:e7:40:29:e2:55:fc:3e:
65:a8:8f:1d:f4:94:bf:c7:0f:85:f1:df:aa:66:b0:
c6:01:7e:bf:ad:9a:24:cd:d6:e2:17:dc:64:52:08:
7a:f6:e9:a9:5b:9d:63:88:29:ac:a5:ad:07:2c:80:
21:71:70:85:6f:c3:b9:22:f2:a3:59:0a:aa:c5:6a:
7f:3a:bf:4b:08:e2:d3:9d:1b:fe:94:93:8f:45:44:
19:b2:1f:ae:17:c6:3b:d9:25:2f:92:2c:55:fe:36:
bf:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:B6:DA:A9:9A:E4:D9:B6:42:0C:09:9C:F6:85:AC:45:38:D5:E2:E2
X509v3 Authority Key Identifier:
keyid:E2:8F:F3:27:F6:5E:CE:51:CB:4E:03:1F:DE:74:37:A0:A1:73:F6:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4o_zJ_ZezlHLTgMf3nQ3oKFz9ow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/c761f4-0903-4ab2-8f7b-99dbf2d7648a/1/K7baqZrk2bZCDAmc9oWsRTjV4uI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/c761f4-0903-4ab2-8f7b-99dbf2d7648a/1/4o_zJ_ZezlHLTgMf3nQ3oKFz9ow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.224.0/22
Signature Algorithm: sha256WithRSAEncryption
05:bf:e7:04:56:c0:c8:b0:3e:3a:c9:cb:24:6a:67:13:6f:7d:
10:54:8c:c4:a6:69:26:c9:8a:a8:28:61:ed:c6:43:a0:a4:a0:
2c:42:85:0d:09:25:73:b1:a6:01:bf:53:44:69:fe:29:1c:d2:
00:78:e2:2a:1b:86:ce:32:40:38:6c:c5:9e:70:f2:46:65:b5:
60:98:84:7d:59:e5:6a:64:f6:cc:16:9f:35:a7:4c:89:83:15:
90:d9:6f:6d:72:46:39:00:70:49:07:43:61:f8:59:a1:fa:37:
d1:1a:4d:61:7c:6f:47:7e:35:c4:6e:93:e7:a5:5a:c6:19:74:
4c:93:c1:a1:65:15:06:d6:92:d2:a3:4c:26:e2:03:18:b6:10:
92:42:61:41:b7:9b:07:40:b8:48:6d:26:5f:88:5c:6e:c0:23:
ea:f6:d5:c9:56:33:28:f9:de:ac:85:61:4f:97:f2:7d:cf:3e:
a2:99:1d:f0:e2:cf:b2:06:7e:ef:74:37:83:65:23:1d:44:07:
54:29:41:6a:3d:ed:7c:2c:09:f1:8e:cf:08:40:17:d2:91:3e:
43:c4:de:c8:37:d5:d0:2f:0b:bb:55:20:e4:57:5d:91:e1:5e:
af:c7:4c:05:91:42:0c:2f:01:03:27:d7:cb:b2:02:f1:58:c5:
f1:68:f3:4e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBUUgoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MjhmZjMyN2Y2NWVjZTUxY2I0ZTAzMWZkZTc0MzdhMGExNzNmNjhjMB4XDTIyMDEw
MTA1MDUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmJiNmRhYTk5YWU0
ZDliNjQyMGMwOTljZjY4NWFjNDUzOGQ1ZTJlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO6UYjHvaGGIxUVYZaKjDDWytssj4cZR5jaOyPLYLtFw6dZm
0OZp2Xp1TShX4rYfKsdWT0Ex1VK3P+4NpqvL3IGGytI3LUIidN1eU1nKmCvmvE2D
/pTK8YDdvgC5GiOb5IZoZ8gQIV1DCYSPD3R1bvYXOQ9XgapjAO5gbkkiN2GBeH6e
045oJm0cRHxr8yzgLww8PO4q6QmtKPo/WennQCniVfw+ZaiPHfSUv8cPhfHfqmaw
xgF+v62aJM3W4hfcZFIIevbpqVudY4gprKWtByyAIXFwhW/DuSLyo1kKqsVqfzq/
Swji050b/pSTj0VEGbIfrhfGO9klL5IsVf42v1sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQrttqpmuTZtkIMCZz2haxFONXi4jAfBgNVHSMEGDAWgBTij/Mn9l7OUctO
Ax/edDegoXP2jDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRvX3pKX1plemxITFRnTWYzblEzb0tGejlvdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvYzc2MWY0LTA5MDMtNGFiMi04ZjdiLTk5ZGJmMmQ3NjQ4YS8x
L0s3YmFxWnJrMmJaQ0RBbWM5b1dzUlRqVjR1SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
Yzc2MWY0LTA5MDMtNGFiMi04ZjdiLTk5ZGJmMmQ3NjQ4YS8xLzRvX3pKX1plemxI
TFRnTWYzblEzb0tGejlvdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsEW4DANBgkqhkiG9w0BAQsFAAOC
AQEABb/nBFbAyLA+OsnLJGpnE299EFSMxKZpJsmKqChh7cZDoKSgLEKFDQklc7Gm
Ab9TRGn+KRzSAHjiKhuGzjJAOGzFnnDyRmW1YJiEfVnlamT2zBafNadMiYMVkNlv
bXJGOQBwSQdDYfhZofo30RpNYXxvR341xG6T56Vaxhl0TJPBoWUVBtaS0qNMJuID
GLYQkkJhQbebB0C4SG0mX4hcbsAj6vbVyVYzKPnerIVhT5fyfc8+opkd8OLPsgZ+
73Q3g2UjHUQHVClBaj3tfCwJ8Y7PCEAX0pE+Q8TeyDfV0C8Lu1Ug5FddkeFer8dM
BZFCDC8BAyfXy7IC8VjF8WjzTg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:08 2023 by rpki-client on console-fra.rpki-client.org