Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/c761f4-0903-4ab2-8f7b-99dbf2d7648a/1/agJpfK_bXXLkejiPPhjWpKFj6Gg.roa
File: agJpfK_bXXLkejiPPhjWpKFj6Gg.roa (raw, json)
Hash identifier: GZlSgPodmXw2WNQjr+tkm9wR4ICymw7WabQ1843KVG4=
Subject key identifier: 6A:02:69:7C:AF:DB:5D:72:E4:7A:38:8F:3E:18:D6:A4:A1:63:E8:68
Certificate issuer: /CN=e28ff327f65ece51cb4e031fde7437a0a173f68c
Certificate serial: 0186CB3E25CB6ED6008ADDA4111C4F17EF03
Authority key identifier: E2:8F:F3:27:F6:5E:CE:51:CB:4E:03:1F:DE:74:37:A0:A1:73:F6:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4o_zJ_ZezlHLTgMf3nQ3oKFz9ow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/c761f4-0903-4ab2-8f7b-99dbf2d7648a/1/agJpfK_bXXLkejiPPhjWpKFj6Gg.roa
Signing time: Fri 10 Mar 2023 11:18:13 +0000
ROA not before: Fri 10 Mar 2023 11:18:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210255
IP address blocks: 193.22.224.0/22 maxlen: 22
193.22.224.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cb:3e:25:cb:6e:d6:00:8a:dd:a4:11:1c:4f:17:ef:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e28ff327f65ece51cb4e031fde7437a0a173f68c
Validity
Not Before: Mar 10 11:18:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a02697cafdb5d72e47a388f3e18d6a4a163e868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2f:d7:55:36:03:be:fe:41:40:a3:8c:f6:32:
a8:71:8c:96:17:95:05:de:a6:a0:c5:e1:83:71:98:
fd:9e:e8:bb:45:db:b2:37:05:4e:30:a9:ea:1d:6e:
af:30:3d:43:ed:54:8c:e6:23:9f:1b:db:f0:80:40:
3f:95:af:9a:ea:f7:f8:76:a0:18:6b:7b:7a:cd:18:
31:93:16:64:ef:0e:2a:cb:df:18:dd:2b:fa:9e:85:
a7:41:d1:1f:1e:4e:98:67:83:ab:08:81:8a:77:81:
c8:b5:4a:ce:45:09:06:22:95:33:9f:2f:e8:0c:cc:
7c:0d:db:cf:e1:5c:10:b8:6c:33:23:85:6f:f7:07:
86:c2:04:f4:f1:a7:52:24:84:ea:2e:ee:e5:4a:24:
83:fa:e6:cb:18:fe:e3:68:64:e2:a9:92:36:f0:b0:
57:31:35:a6:4e:d0:7b:d1:3e:ea:15:a3:39:d9:46:
d8:dd:bd:49:14:00:0d:e3:4b:4e:78:52:19:41:e4:
61:8f:81:1d:09:69:7c:07:59:c2:34:7c:a9:7e:1f:
74:3d:a3:06:a4:f5:87:66:4b:d8:df:99:87:10:50:
d2:e1:e8:dd:f3:37:11:59:5a:de:a5:9b:ad:b3:67:
4f:51:81:20:dc:18:20:f0:d0:eb:4f:a2:d9:d6:d7:
54:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:02:69:7C:AF:DB:5D:72:E4:7A:38:8F:3E:18:D6:A4:A1:63:E8:68
X509v3 Authority Key Identifier:
keyid:E2:8F:F3:27:F6:5E:CE:51:CB:4E:03:1F:DE:74:37:A0:A1:73:F6:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4o_zJ_ZezlHLTgMf3nQ3oKFz9ow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/c761f4-0903-4ab2-8f7b-99dbf2d7648a/1/agJpfK_bXXLkejiPPhjWpKFj6Gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/c761f4-0903-4ab2-8f7b-99dbf2d7648a/1/4o_zJ_ZezlHLTgMf3nQ3oKFz9ow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.224.0/22
Signature Algorithm: sha256WithRSAEncryption
25:32:6c:e7:c4:f9:a3:80:af:c9:69:79:4e:41:bb:f2:c3:15:
d1:c3:d5:d1:31:b8:93:4a:d7:c3:f6:f2:a9:07:f6:b6:6d:1f:
3f:0e:8a:d7:04:54:78:a0:4b:d7:4f:9b:52:21:2c:ee:ab:bc:
80:6e:b0:0d:40:11:d0:8e:ec:18:19:04:6d:3e:b6:f0:19:c9:
b5:db:df:f3:bd:23:3f:5d:d0:7b:30:d5:d2:a3:38:7d:47:05:
45:0f:7d:bf:27:d1:13:19:61:9b:3f:86:89:15:54:5b:e3:3f:
41:a6:e1:44:24:b7:39:25:84:04:86:40:2b:cc:0a:04:6e:33:
fc:9a:a5:b1:7a:ee:42:03:36:34:5e:c0:05:9f:e0:32:8c:62:
c5:4c:5f:ed:49:84:f4:3e:fd:7c:eb:66:73:df:13:9d:a0:97:
a1:5b:14:e5:5b:8d:fd:44:de:42:da:d6:e3:a6:6a:fa:6b:18:
94:4c:45:9e:25:bd:e1:b5:c0:8f:98:ff:da:44:89:93:53:1d:
16:4a:bb:1f:0b:63:62:27:9b:1a:a4:83:d2:e8:28:00:b9:d7:
d8:a6:6e:f9:f6:3f:72:5d:74:31:6d:02:83:a5:32:52:e1:45:
22:f1:c6:2c:d6:1f:25:f0:6c:ff:ea:7c:44:17:d5:b0:24:8a:
74:fd:c0:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbLPiXLbtYAit2kERxPF+8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOGZmMzI3ZjY1ZWNlNTFjYjRlMDMxZmRlNzQzN2EwYTE3
M2Y2OGMwHhcNMjMwMzEwMTExODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTAyNjk3Y2FmZGI1ZDcyZTQ3YTM4OGYzZTE4ZDZhNGExNjNlODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoi/XVTYDvv5BQKOM9jKocYyWF5UF
3qagxeGDcZj9nui7RduyNwVOMKnqHW6vMD1D7VSM5iOfG9vwgEA/la+a6vf4dqAY
a3t6zRgxkxZk7w4qy98Y3Sv6noWnQdEfHk6YZ4OrCIGKd4HItUrORQkGIpUzny/o
DMx8DdvP4VwQuGwzI4Vv9weGwgT08adSJITqLu7lSiSD+ubLGP7jaGTiqZI28LBX
MTWmTtB70T7qFaM52UbY3b1JFAAN40tOeFIZQeRhj4EdCWl8B1nCNHypfh90PaMG
pPWHZkvY35mHEFDS4ejd8zcRWVrepZuts2dPUYEg3Bgg8NDrT6LZ1tdU+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGoCaXyv211y5Ho4jz4Y1qShY+hoMB8GA1UdIwQY
MBaAFOKP8yf2Xs5Ry04DH950N6Chc/aMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG9fekpfWmV6bEhMVGdNZjNuUTNvS0Z6OW93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9jNzYxZjQtMDkwMy00YWIyLThmN2It
OTlkYmYyZDc2NDhhLzEvYWdKcGZLX2JYWExrZWppUFBoaldwS0ZqNkdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9jNzYxZjQtMDkwMy00YWIyLThmN2ItOTlkYmYyZDc2NDhh
LzEvNG9fekpfWmV6bEhMVGdNZjNuUTNvS0Z6OW93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwRbgMA0G
CSqGSIb3DQEBCwUAA4IBAQAlMmznxPmjgK/JaXlOQbvywxXRw9XRMbiTStfD9vKp
B/a2bR8/DorXBFR4oEvXT5tSISzuq7yAbrANQBHQjuwYGQRtPrbwGcm129/zvSM/
XdB7MNXSozh9RwVFD32/J9ETGWGbP4aJFVRb4z9BpuFEJLc5JYQEhkArzAoEbjP8
mqWxeu5CAzY0XsAFn+AyjGLFTF/tSYT0Pv1862Zz3xOdoJehWxTlW439RN5C2tbj
pmr6axiUTEWeJb3htcCPmP/aRImTUx0WSrsfC2NiJ5sapIPS6CgAudfYpm759j9y
XXQxbQKDpTJS4UUi8cYs1h8l8Gz/6nxEF9WwJIp0/cDe
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:08 2023 by rpki-client on console-fra.rpki-client.org