Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/x0XydFjCvYr7e2VtekjYhoLj98M.roa
File: x0XydFjCvYr7e2VtekjYhoLj98M.roa (raw, json)
Hash identifier: pjG1GNK7NirFD8NN9v38RjfSb6AjIVGdH5WgBJo6+14=
Subject key identifier: C7:45:F2:74:58:C2:BD:8A:FB:7B:65:6D:7A:48:D8:86:82:E3:F7:C3
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 0187948D9CC59580778DFF72B3A3DFC7582C
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/x0XydFjCvYr7e2VtekjYhoLj98M.roa
Signing time: Tue 18 Apr 2023 13:28:41 +0000
ROA not before: Tue 18 Apr 2023 13:28:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 193.168.130.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:94:8d:9c:c5:95:80:77:8d:ff:72:b3:a3:df:c7:58:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Apr 18 13:28:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c745f27458c2bd8afb7b656d7a48d88682e3f7c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ea:b0:50:46:9a:1c:cb:ad:1d:dd:56:3f:d1:
c7:4f:41:78:6a:85:ae:17:23:b9:7e:7c:26:ab:0e:
6b:1a:41:4e:89:33:85:7a:da:d8:cf:f0:ac:f5:54:
9a:fb:10:41:ca:64:84:67:61:d7:14:ad:a0:f6:1f:
24:41:4b:aa:63:80:e2:f8:bf:a8:d8:12:03:fc:4c:
d4:90:4d:4b:36:3a:73:ee:41:5d:88:ce:81:9c:63:
bb:f8:2f:4a:4c:4f:98:19:49:6f:df:8f:db:3c:7a:
c9:87:14:2a:f9:25:bb:a5:6f:63:7b:22:2e:cc:1b:
c5:87:61:a2:5e:cb:a2:14:27:4e:68:f4:6e:1c:60:
63:d7:30:43:61:1b:52:67:d5:eb:d4:7d:15:13:3f:
55:13:2c:41:15:f5:02:63:e2:f3:cf:42:d1:f7:55:
a1:38:fc:3e:c3:ca:ac:37:a6:b8:99:85:61:a1:78:
20:35:98:8e:5e:d6:96:8f:83:9f:82:7d:f2:39:11:
ef:f0:ae:10:c6:80:f1:db:a8:58:c7:05:26:17:b8:
ac:93:f2:13:00:10:23:92:2d:95:0c:cb:e3:08:18:
48:7a:23:f8:01:ae:f8:47:7d:55:3f:d5:81:3b:73:
03:e2:67:de:97:89:1e:dd:2c:34:91:63:49:e4:14:
bd:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:45:F2:74:58:C2:BD:8A:FB:7B:65:6D:7A:48:D8:86:82:E3:F7:C3
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/x0XydFjCvYr7e2VtekjYhoLj98M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.130.0/24
Signature Algorithm: sha256WithRSAEncryption
60:c3:9e:d9:a1:3c:13:fa:82:16:0e:24:4b:de:0e:a6:9a:f1:
2e:12:ef:6c:d6:28:ed:38:fa:3c:39:62:e7:92:50:3a:0b:a0:
70:0c:bf:e5:5a:82:3b:e7:d5:1b:bd:83:27:ef:6b:b1:d3:34:
0a:44:1c:54:c2:79:6c:e2:a3:1e:1c:42:df:e5:18:d8:9f:b5:
de:81:eb:8f:65:22:8c:f9:6d:bc:87:3c:5a:74:6a:7e:0d:2a:
2b:4c:b3:a1:21:99:34:15:1f:78:50:05:54:d7:dc:ba:97:54:
3b:c9:89:bd:f0:7f:9b:4a:a2:5a:46:a8:15:8d:a3:e6:d1:49:
55:57:95:ac:b4:01:7e:5c:d0:61:4e:9c:de:5b:6b:c3:ea:05:
af:18:f6:7a:98:b7:b4:7a:95:77:a4:bb:a7:71:0f:0a:0e:58:
11:9b:c1:9d:45:ed:f2:6d:0e:8f:00:a3:54:29:6c:7e:70:1c:
f0:1d:af:03:fe:ef:1d:70:16:31:38:47:9b:a3:68:d9:79:fd:
2e:fb:57:d5:89:36:f6:84:fd:e6:22:cf:2d:c7:ff:ac:42:91:
37:83:ce:7f:9d:e3:fa:94:ae:e2:1c:ce:1c:ce:17:17:60:fb:
1b:5e:1c:89:30:6d:59:6f:ca:b7:2b:f9:fb:be:cd:8a:3b:df:
06:f7:b5:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeUjZzFlYB3jf9ys6Pfx1gsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjMwNDE4MTMyODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzQ1ZjI3NDU4YzJiZDhhZmI3YjY1NmQ3YTQ4ZDg4NjgyZTNmN2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+qwUEaaHMutHd1WP9HHT0F4aoWu
FyO5fnwmqw5rGkFOiTOFetrYz/Cs9VSa+xBBymSEZ2HXFK2g9h8kQUuqY4Di+L+o
2BID/EzUkE1LNjpz7kFdiM6BnGO7+C9KTE+YGUlv34/bPHrJhxQq+SW7pW9jeyIu
zBvFh2GiXsuiFCdOaPRuHGBj1zBDYRtSZ9Xr1H0VEz9VEyxBFfUCY+Lzz0LR91Wh
OPw+w8qsN6a4mYVhoXggNZiOXtaWj4Ofgn3yORHv8K4QxoDx26hYxwUmF7isk/IT
ABAjki2VDMvjCBhIeiP4Aa74R31VP9WBO3MD4mfel4ke3Sw0kWNJ5BS9PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMdF8nRYwr2K+3tlbXpI2IaC4/fDMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEveDBYeWRGakN2WXI3ZTJWdGVrallob0xqOThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaiCMA0G
CSqGSIb3DQEBCwUAA4IBAQBgw57ZoTwT+oIWDiRL3g6mmvEuEu9s1ijtOPo8OWLn
klA6C6BwDL/lWoI759UbvYMn72ux0zQKRBxUwnls4qMeHELf5RjYn7XegeuPZSKM
+W28hzxadGp+DSorTLOhIZk0FR94UAVU19y6l1Q7yYm98H+bSqJaRqgVjaPm0UlV
V5WstAF+XNBhTpzeW2vD6gWvGPZ6mLe0epV3pLuncQ8KDlgRm8GdRe3ybQ6PAKNU
KWx+cBzwHa8D/u8dcBYxOEebo2jZef0u+1fViTb2hP3mIs8tx/+sQpE3g85/neP6
lK7iHM4czhcXYPsbXhyJMG1Zb8q3K/n7vs2KO98G97Vm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:13 2023 by rpki-client on console-fra.rpki-client.org