Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/35f1cd-a424-41ef-8b3e-3bd2243b030b/1/miOvOqh3FW3jNf2YSH1zsi2Gr68.roa
File: miOvOqh3FW3jNf2YSH1zsi2Gr68.roa (raw, json)
Hash identifier: un8OLkrdqr/pBZzTRdz7pYWxN6dNneJ1qESXeOnoZW8=
Subject key identifier: 9A:23:AF:3A:A8:77:15:6D:E3:35:FD:98:48:7D:73:B2:2D:86:AF:AF
Certificate issuer: /CN=4af4671bbfe1e38cccff8c9340039963344f23a3
Certificate serial: 7ECA9D
Authority key identifier: 4A:F4:67:1B:BF:E1:E3:8C:CC:FF:8C:93:40:03:99:63:34:4F:23:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SvRnG7_h44zM_4yTQAOZYzRPI6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/35f1cd-a424-41ef-8b3e-3bd2243b030b/1/miOvOqh3FW3jNf2YSH1zsi2Gr68.roa
Signing time: Sat 01 Jan 2022 02:00:30 +0000
ROA not before: Sat 01 Jan 2022 02:00:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208241
IP address blocks: 194.29.52.0/24 maxlen: 24
2a11:87c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8309405 (0x7eca9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4af4671bbfe1e38cccff8c9340039963344f23a3
Validity
Not Before: Jan 1 02:00:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a23af3aa877156de335fd98487d73b22d86afaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:60:56:fc:9e:ce:fa:8a:14:82:28:5a:8c:ad:
c0:01:ee:d8:2f:46:3b:0c:f3:38:1a:37:c8:ad:44:
04:7a:4e:d0:c9:7f:97:76:47:43:3e:8d:08:ae:0e:
fc:a0:88:20:c2:31:4d:b0:e2:9d:1b:91:44:7c:ea:
d2:41:0f:a0:de:40:20:cf:0d:c7:d5:d8:c2:7f:6d:
06:8f:8f:87:81:18:2a:ca:95:73:c1:be:d0:2d:4b:
2d:b8:92:4a:0f:47:14:16:de:14:2a:19:9d:27:e2:
cf:d3:74:cf:0e:e4:e0:0c:27:e1:a7:35:0f:7b:52:
6e:2a:be:ce:52:f1:47:8a:fc:a7:e4:a2:d6:3b:69:
e0:5e:e7:d1:47:9f:ff:20:a8:1c:a0:7d:ce:2d:d7:
1b:00:9c:41:54:3b:85:ac:11:c5:5c:5e:0c:71:36:
f4:a2:a8:ac:47:52:50:04:e5:16:89:17:d2:82:aa:
75:47:83:7a:a4:4e:6d:f9:8e:f0:95:fc:fd:89:cc:
61:f4:32:79:66:5a:e2:95:8a:96:f0:29:73:7c:05:
6d:6d:97:c6:a1:31:63:69:29:16:46:0f:07:40:1b:
a0:6c:f2:cb:34:17:a0:71:99:73:b9:0d:02:67:50:
0c:5a:96:c1:a5:47:fc:92:67:b6:50:87:f5:83:00:
b8:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:23:AF:3A:A8:77:15:6D:E3:35:FD:98:48:7D:73:B2:2D:86:AF:AF
X509v3 Authority Key Identifier:
keyid:4A:F4:67:1B:BF:E1:E3:8C:CC:FF:8C:93:40:03:99:63:34:4F:23:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SvRnG7_h44zM_4yTQAOZYzRPI6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/35f1cd-a424-41ef-8b3e-3bd2243b030b/1/miOvOqh3FW3jNf2YSH1zsi2Gr68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/35f1cd-a424-41ef-8b3e-3bd2243b030b/1/SvRnG7_h44zM_4yTQAOZYzRPI6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.29.52.0/24
IPv6:
2a11:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
5b:1e:bc:e7:b2:1f:d9:cb:7e:22:e0:15:b2:0c:93:37:fc:3b:
a0:63:23:0c:a8:86:b9:85:0a:16:da:9d:26:f8:81:bb:ee:12:
ec:f6:66:61:5c:4e:d4:20:c6:67:ff:fc:9f:23:ce:52:d2:b1:
bc:71:3e:fa:cd:64:d2:eb:8d:1a:15:19:00:53:f6:5a:8d:7d:
be:df:29:c4:3f:09:e7:44:d8:56:c4:66:bf:80:2b:00:e5:eb:
12:9d:ee:41:b0:cb:1f:54:fa:57:95:d3:26:e4:15:46:c0:0c:
64:6e:b0:9a:41:76:45:7d:ca:37:74:93:67:29:0d:a3:5c:b9:
0c:91:ce:85:9c:5a:7b:9f:e3:0a:30:2d:ec:33:03:99:f8:0d:
3a:9f:75:eb:b3:24:37:5a:4d:a3:46:f8:92:ac:1a:0b:fb:b1:
e1:8a:d1:93:cf:69:0a:7b:0e:03:52:b2:5e:31:9f:96:cf:98:
60:d8:3a:03:31:76:3a:1d:72:b0:f0:44:49:f5:f1:3a:ac:26:
27:67:67:17:c5:97:c1:03:02:71:c0:a7:19:98:35:e2:67:1b:
ba:08:7a:74:a5:61:37:4f:a4:7d:b9:b8:c0:5a:27:f7:8b:95:
2a:49:6b:4c:a9:7a:01:80:ad:93:ab:b2:2d:3f:50:8b:99:42:
77:6f:9d:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDfsqdMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRh
ZjQ2NzFiYmZlMWUzOGNjY2ZmOGM5MzQwMDM5OTYzMzQ0ZjIzYTMwHhcNMjIwMTAx
MDIwMDMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5YTIzYWYzYWE4Nzcx
NTZkZTMzNWZkOTg0ODdkNzNiMjJkODZhZmFmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArWBW/J7O+ooUgihajK3AAe7YL0Y7DPM4GjfIrUQEek7QyX+X
dkdDPo0Irg78oIggwjFNsOKdG5FEfOrSQQ+g3kAgzw3H1djCf20Gj4+HgRgqypVz
wb7QLUstuJJKD0cUFt4UKhmdJ+LP03TPDuTgDCfhpzUPe1JuKr7OUvFHivyn5KLW
O2ngXufRR5//IKgcoH3OLdcbAJxBVDuFrBHFXF4McTb0oqisR1JQBOUWiRfSgqp1
R4N6pE5t+Y7wlfz9icxh9DJ5ZlrilYqW8ClzfAVtbZfGoTFjaSkWRg8HQBugbPLL
NBegcZlzuQ0CZ1AMWpbBpUf8kme2UIf1gwC4SwIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFJojrzqodxVt4zX9mEh9c7Ithq+vMB8GA1UdIwQYMBaAFEr0Zxu/4eOMzP+M
k0ADmWM0TyOjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
U3ZSbkc3X2g0NHpNXzR5VFFBT1pZelJQSTZNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wZC8zNWYxY2QtYTQyNC00MWVmLThiM2UtM2JkMjI0M2IwMzBiLzEv
bWlPdk9xaDNGVzNqTmYyWVNIMXpzaTJHcjY4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8z
NWYxY2QtYTQyNC00MWVmLThiM2UtM2JkMjI0M2IwMzBiLzEvU3ZSbkc3X2g0NHpN
XzR5VFFBT1pZelJQSTZNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwh00MA0EAgACMAcDBQMqEYfAMA0G
CSqGSIb3DQEBCwUAA4IBAQBbHrznsh/Zy34i4BWyDJM3/DugYyMMqIa5hQoW2p0m
+IG77hLs9mZhXE7UIMZn//yfI85S0rG8cT76zWTS640aFRkAU/ZajX2+3ynEPwnn
RNhWxGa/gCsA5esSne5BsMsfVPpXldMm5BVGwAxkbrCaQXZFfco3dJNnKQ2jXLkM
kc6FnFp7n+MKMC3sMwOZ+A06n3XrsyQ3Wk2jRviSrBoL+7HhitGTz2kKew4DUrJe
MZ+Wz5hg2DoDMXY6HXKw8ERJ9fE6rCYnZ2cXxZfBAwJxwKcZmDXiZxu6CHp0pWE3
T6R9ubjAWif3i5UqSWtMqXoBgK2Tq7ItP1CLmUJ3b53S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:44 2024 by rpki-client on console-fra.rpki-client.org