Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/QpRyMvQJGH18TJuitbqA6Xddbo0.roa
File: QpRyMvQJGH18TJuitbqA6Xddbo0.roa (raw, json)
Hash identifier: hX6zzB4SPJQSo59me2oag/4OMrWTg/4dkgAvUJTLzbQ=
Subject key identifier: 42:94:72:32:F4:09:18:7D:7C:4C:9B:A2:B5:BA:80:E9:77:5D:6E:8D
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 018E9F1DA6902E5020A01AD8E2EE90A1B840
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/QpRyMvQJGH18TJuitbqA6Xddbo0.roa
Signing time: Tue 02 Apr 2024 14:01:44 +0000
ROA not before: Tue 02 Apr 2024 14:01:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 194.50.73.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:1d:a6:90:2e:50:20:a0:1a:d8:e2:ee:90:a1:b8:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Apr 2 14:01:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42947232f409187d7c4c9ba2b5ba80e9775d6e8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f4:af:24:a5:ca:3e:d5:b4:16:4a:ee:35:d8:
5f:1f:7f:5e:20:4e:f3:b4:1e:c3:73:06:36:07:7f:
b5:08:37:ad:2f:2c:12:25:0e:b4:c9:08:38:de:37:
bf:79:3f:91:88:d5:09:66:71:c7:2b:f1:32:7b:c9:
be:87:45:14:00:32:5c:84:e3:d9:7d:7f:90:42:b2:
09:e6:da:71:1c:bd:22:e7:14:be:5d:02:23:87:bc:
99:24:f4:c0:d3:62:fe:d9:66:f9:f9:7d:d4:9d:9c:
16:64:57:80:82:eb:b9:8f:b2:fb:2b:fc:92:e7:2a:
e1:35:a7:3c:0f:1a:13:cb:06:98:d0:55:5a:e6:08:
4e:fe:49:78:cf:9e:56:3a:45:d0:85:86:57:74:4f:
40:13:fc:85:11:d8:e9:2d:d0:f9:4b:6e:ff:ae:2d:
d6:b0:49:51:57:f8:32:34:37:26:46:a6:f7:88:f3:
6b:55:61:1f:37:53:69:78:04:52:69:e8:86:fd:2c:
92:28:20:55:10:d5:bf:f5:5b:ff:6f:2a:aa:b5:eb:
a9:f3:94:5b:d7:63:da:06:12:8a:fc:70:1a:df:14:
81:72:30:97:79:f7:4f:10:a1:19:93:7e:35:6c:2e:
d8:89:78:18:58:a1:49:b6:10:a9:9f:df:2a:e4:53:
0a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:94:72:32:F4:09:18:7D:7C:4C:9B:A2:B5:BA:80:E9:77:5D:6E:8D
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/QpRyMvQJGH18TJuitbqA6Xddbo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.73.0/24
Signature Algorithm: sha256WithRSAEncryption
14:e7:dc:62:d5:fd:74:71:7a:69:e1:7a:b7:58:ea:29:91:8c:
20:6d:c4:3a:b7:7d:cd:71:21:68:ef:6c:9d:4f:b6:9f:d0:ce:
a9:f2:ad:92:92:35:4b:f9:6c:39:1a:30:ad:37:94:45:93:7e:
60:c1:cb:f9:f3:86:ee:3b:bd:aa:6a:a3:a1:40:ec:f2:e8:88:
bb:3e:cf:a3:7c:bd:4f:ad:19:b0:41:27:59:84:41:9e:e3:9f:
5a:7b:9a:f5:87:69:45:38:fb:90:24:75:ef:f4:51:4c:35:14:
3e:cf:80:fa:62:8a:9b:a4:74:d2:29:05:5c:10:3b:49:6a:84:
2f:b7:90:57:59:4c:80:97:28:5a:6e:3c:fa:f4:ce:5b:f2:22:
25:2f:8f:fe:32:36:0c:86:50:64:1f:27:77:c1:da:34:09:fd:
ef:87:2b:ef:3c:53:72:66:94:0a:7f:c1:e7:75:a4:71:a1:83:
a9:06:63:45:b2:d9:a2:cb:7d:db:be:e3:b5:97:6f:fb:c2:ee:
1d:49:db:70:02:bb:2b:6d:fe:79:83:2c:67:f2:cb:cf:dc:15:
53:ea:f3:aa:8e:4e:c4:8f:2a:8e:7a:cc:06:2e:ee:37:d5:a0:
ad:64:25:10:ec:0c:c7:76:4f:49:a6:31:6e:ec:ec:2b:4d:e8:
63:3d:10:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6fHaaQLlAgoBrY4u6QobhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQwNDAyMTQwMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjk0NzIzMmY0MDkxODdkN2M0YzliYTJiNWJhODBlOTc3NWQ2ZThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvSvJKXKPtW0FkruNdhfH39eIE7z
tB7DcwY2B3+1CDetLywSJQ60yQg43je/eT+RiNUJZnHHK/Eye8m+h0UUADJchOPZ
fX+QQrIJ5tpxHL0i5xS+XQIjh7yZJPTA02L+2Wb5+X3UnZwWZFeAguu5j7L7K/yS
5yrhNac8DxoTywaY0FVa5ghO/kl4z55WOkXQhYZXdE9AE/yFEdjpLdD5S27/ri3W
sElRV/gyNDcmRqb3iPNrVWEfN1NpeARSaeiG/SySKCBVENW/9Vv/byqqteup85Rb
12PaBhKK/HAa3xSBcjCXefdPEKEZk341bC7YiXgYWKFJthCpn98q5FMKLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEKUcjL0CRh9fEyborW6gOl3XW6NMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvUXBSeU12UUpHSDE4VEp1aXRicUE2WGRkYm8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjJJMA0G
CSqGSIb3DQEBCwUAA4IBAQAU59xi1f10cXpp4Xq3WOopkYwgbcQ6t33NcSFo72yd
T7af0M6p8q2SkjVL+Ww5GjCtN5RFk35gwcv584buO72qaqOhQOzy6Ii7Ps+jfL1P
rRmwQSdZhEGe459ae5r1h2lFOPuQJHXv9FFMNRQ+z4D6YoqbpHTSKQVcEDtJaoQv
t5BXWUyAlyhabjz69M5b8iIlL4/+MjYMhlBkHyd3wdo0Cf3vhyvvPFNyZpQKf8Hn
daRxoYOpBmNFstmiy33bvuO1l2/7wu4dSdtwArsrbf55gyxn8svP3BVT6vOqjk7E
jyqOeswGLu431aCtZCUQ7AzHdk9JpjFu7OwrTehjPRDl
-----END CERTIFICATE-----
Generated at Wed Aug 21 13:10:08 2024 by rpki-client on console-ams.rpki-client.org