Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/dSDpmZi6Lg9Ek08ge1ghpxRObkM.roa
File: dSDpmZi6Lg9Ek08ge1ghpxRObkM.roa (raw, json)
Hash identifier: f6tmoyQx+Ee4xWg2gk1Be9O0M5tsTYRjn9Hunp9GkYg=
Subject key identifier: 75:20:E9:99:98:BA:2E:0F:44:93:4F:20:7B:58:21:A7:14:4E:6E:43
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 091D13B2
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/dSDpmZi6Lg9Ek08ge1ghpxRObkM.roa
Signing time: Wed 06 Apr 2022 15:07:14 +0000
ROA not before: Wed 06 Apr 2022 15:07:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205406
IP address blocks: 130.195.48.0/22 maxlen: 24
194.156.176.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152900530 (0x91d13b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Apr 6 15:07:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7520e99998ba2e0f44934f207b5821a7144e6e43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d2:98:14:00:20:68:66:66:f4:90:3a:7c:2d:
f7:9c:dc:ec:92:50:60:e0:c2:51:33:05:94:2c:f7:
dc:09:17:e1:99:96:cd:3a:82:b6:fc:7f:32:26:94:
eb:a0:83:b0:47:3e:fc:c9:5f:59:e5:c7:d1:f3:88:
68:23:70:05:a2:83:58:85:ae:38:c1:b0:93:a4:4e:
81:d0:b0:b2:e8:dc:65:12:67:d5:80:93:34:dd:95:
29:be:c5:c1:b9:32:98:4c:eb:35:a6:1b:a4:e4:f5:
5c:e8:14:0b:52:1e:5f:b2:bf:22:36:82:3d:67:35:
5d:d1:c9:73:b4:b8:79:92:e5:0c:9c:41:2f:f3:8f:
88:fb:f1:42:ff:6f:14:af:02:c8:63:96:3b:5d:b6:
2d:24:d5:be:85:98:bd:3c:77:fa:a7:31:d7:da:e7:
8e:fe:b8:3e:fc:a3:5f:f7:e5:17:a0:6d:86:f5:20:
1b:b9:8f:e7:79:9e:10:48:9d:30:2f:b1:f1:81:36:
2b:e0:0a:af:79:4a:b6:ec:02:c2:09:87:73:eb:7c:
2a:93:ed:49:69:42:94:2c:32:3d:a0:ba:16:77:11:
5a:a5:aa:4d:34:27:6e:9e:44:b2:eb:5f:24:d9:84:
50:a3:14:74:9e:d1:2a:9c:58:0c:e3:64:8a:39:dd:
e1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:20:E9:99:98:BA:2E:0F:44:93:4F:20:7B:58:21:A7:14:4E:6E:43
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/dSDpmZi6Lg9Ek08ge1ghpxRObkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.195.48.0/22
194.156.176.0/22
Signature Algorithm: sha256WithRSAEncryption
61:2e:85:56:6a:fc:79:be:da:3d:80:85:72:9d:d8:7f:04:1e:
4e:ed:3d:3f:3e:05:50:21:bd:82:dd:66:4c:f8:fb:89:af:64:
90:18:65:a8:a5:ca:c7:02:a6:e5:2f:2b:80:81:6f:82:98:17:
3b:36:1b:89:f9:28:e0:7d:85:db:4b:14:bf:25:1b:00:ec:1d:
64:5b:1a:6a:b8:f1:4e:a7:41:d3:09:b0:af:4a:0b:8b:a1:21:
be:67:ca:d7:b5:64:1f:4b:e5:bb:05:b2:31:a4:f6:ea:ca:ea:
6b:70:42:25:d4:bf:bc:07:22:f7:8a:a9:44:d6:47:04:e5:f4:
23:59:ed:89:61:05:6b:da:c6:09:a9:04:49:70:29:ec:d2:cf:
fd:a3:a1:67:97:bc:af:d7:b3:5b:b5:09:7e:76:76:53:83:96:
2f:6e:ac:17:03:98:a0:ad:83:5c:94:cc:51:78:92:94:c8:c1:
23:05:64:d8:a9:08:de:64:da:55:59:19:54:68:1f:d2:74:f9:
d5:12:78:d3:b9:c4:a4:fa:87:14:32:62:6e:4f:52:ab:e6:04:
d6:c0:69:7c:38:60:fd:54:bc:45:49:25:dc:8c:da:7a:90:cf:
37:fe:0f:a3:1a:3d:c0:81:e7:7c:ec:6f:f3:54:64:b9:5c:7b:
c3:a0:57:28
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECR0TsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTU3Y2NkNDNhZmU4MTZlNDk1MzIyOGJmMTRhNzVkYzI5MDE0YjhkMB4XDTIyMDQw
NjE1MDcxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzUyMGU5OTk5OGJh
MmUwZjQ0OTM0ZjIwN2I1ODIxYTcxNDRlNmU0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzSmBQAIGhmZvSQOnwt95zc7JJQYODCUTMFlCz33AkX4ZmW
zTqCtvx/MiaU66CDsEc+/MlfWeXH0fOIaCNwBaKDWIWuOMGwk6ROgdCwsujcZRJn
1YCTNN2VKb7FwbkymEzrNaYbpOT1XOgUC1IeX7K/IjaCPWc1XdHJc7S4eZLlDJxB
L/OPiPvxQv9vFK8CyGOWO122LSTVvoWYvTx3+qcx19rnjv64PvyjX/flF6BthvUg
G7mP53meEEidMC+x8YE2K+AKr3lKtuwCwgmHc+t8KpPtSWlClCwyPaC6FncRWqWq
TTQnbp5EsutfJNmEUKMUdJ7RKpxYDONkijnd4QUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR1IOmZmLouD0STTyB7WCGnFE5uQzAfBgNVHSMEGDAWgBS1V8zUOv6BbklT
IovxSnXcKQFLjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RWZk0xRHItZ1c1SlV5S0w4VXAxM0NrQlM0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvMTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8x
L2RTRHBtWmk2TGc5RWswOGdlMWdocHhST2JrTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
MTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8xL3RWZk0xRHItZ1c1
SlV5S0w4VXAxM0NrQlM0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAoLDMAMEAsKcsDANBgkqhkiG9w0B
AQsFAAOCAQEAYS6FVmr8eb7aPYCFcp3YfwQeTu09Pz4FUCG9gt1mTPj7ia9kkBhl
qKXKxwKm5S8rgIFvgpgXOzYbifko4H2F20sUvyUbAOwdZFsaarjxTqdB0wmwr0oL
i6EhvmfK17VkH0vluwWyMaT26srqa3BCJdS/vAci94qpRNZHBOX0I1ntiWEFa9rG
CakESXAp7NLP/aOhZ5e8r9ezW7UJfnZ2U4OWL26sFwOYoK2DXJTMUXiSlMjBIwVk
2KkI3mTaVVkZVGgf0nT51RJ407nEpPqHFDJibk9Sq+YE1sBpfDhg/VS8RUkl3Iza
epDPN/4Poxo9wIHnfOxv81RkuVx7w6BXKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org