Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/U-xZF38sfjUgOOI4CWtO_phzJLo.roa
File: U-xZF38sfjUgOOI4CWtO_phzJLo.roa (raw, json)
Hash identifier: KCSppXsF/dsXhwR87JcUb9mrrINFJamZxujFQ1YY5AE=
Subject key identifier: 53:EC:59:17:7F:2C:7E:35:20:38:E2:38:09:6B:4E:FE:98:73:24:BA
Certificate issuer: /CN=49596cecc21dd02677a727ef37f0689546ea5097
Certificate serial: 1A7E024D
Authority key identifier: 49:59:6C:EC:C2:1D:D0:26:77:A7:27:EF:37:F0:68:95:46:EA:50:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/U-xZF38sfjUgOOI4CWtO_phzJLo.roa
Signing time: Tue 31 May 2022 11:27:59 +0000
ROA not before: Tue 31 May 2022 11:27:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48714
IP address blocks: 194.134.44.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 444465741 (0x1a7e024d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49596cecc21dd02677a727ef37f0689546ea5097
Validity
Not Before: May 31 11:27:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53ec59177f2c7e352038e238096b4efe987324ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1e:90:b7:b5:11:53:41:1d:8b:31:b4:54:0b:
bf:4b:52:26:56:87:3e:b0:a4:03:4d:a2:b1:0c:35:
6a:8e:ff:2e:31:9b:44:4e:6f:f8:a2:94:21:23:c8:
e3:31:eb:56:d9:ae:8e:9e:e3:5a:ef:67:d9:ff:50:
ae:17:32:97:07:89:3e:ae:be:5b:87:0e:fc:70:47:
8f:29:9f:f4:74:50:d9:66:fa:a0:1c:44:d9:11:d7:
57:72:10:39:5f:bb:35:6c:c8:8e:b6:5a:c9:f8:0d:
14:14:8c:1d:3f:5c:09:1d:cb:cd:3f:e9:8c:7a:16:
ff:e1:74:66:c5:0d:1d:0c:0f:7d:3d:c2:e1:a7:19:
f0:87:1a:cc:01:ad:0d:d2:0a:97:f2:b2:05:df:21:
e3:49:f5:0e:e9:17:f2:4b:c6:36:9c:95:74:9f:22:
d0:50:6c:c2:e4:19:a7:28:b5:02:43:64:6f:dc:ea:
ec:1a:1d:62:47:88:77:c3:f4:3d:78:88:8d:8d:2e:
cd:71:2c:bc:78:a1:31:b5:76:f2:2b:3b:a9:73:67:
3d:db:54:fa:54:29:48:12:79:78:25:98:7e:f0:41:
f6:6a:78:94:2d:92:37:9e:96:95:46:4d:53:63:37:
1e:30:32:ba:84:9c:e2:eb:51:e5:10:86:d6:a8:71:
7d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EC:59:17:7F:2C:7E:35:20:38:E2:38:09:6B:4E:FE:98:73:24:BA
X509v3 Authority Key Identifier:
keyid:49:59:6C:EC:C2:1D:D0:26:77:A7:27:EF:37:F0:68:95:46:EA:50:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/U-xZF38sfjUgOOI4CWtO_phzJLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/SVls7MId0CZ3pyfvN_BolUbqUJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.134.44.0/24
Signature Algorithm: sha256WithRSAEncryption
48:d4:ee:e6:ca:08:9f:6c:8a:0c:38:14:26:20:80:73:b3:d3:
ff:a8:be:37:e0:76:9d:44:8f:c6:7b:c9:cc:e2:a9:e3:ad:73:
51:2f:2b:1c:c4:e6:bd:f2:c6:78:d7:2b:5f:d7:7f:61:cf:aa:
2e:4b:89:eb:20:d2:16:a1:05:86:6f:2d:a0:f2:2a:54:22:15:
1e:fc:2b:5c:a4:e5:41:df:44:97:61:2e:07:01:8e:b4:ad:ec:
a0:a5:43:a0:a5:3d:a3:f9:e5:35:c0:4a:0b:ea:34:5e:86:e0:
d0:61:27:38:cb:04:54:b1:ce:5c:3c:d6:71:70:e8:85:3e:3b:
cc:f4:6b:ec:49:2d:be:d5:ce:d6:b3:a0:2c:6d:c2:d1:95:9a:
8c:70:af:8e:19:79:aa:29:9b:14:d4:9f:6f:0d:df:d2:52:f4:
fd:16:e0:8a:fa:7c:0f:2d:d9:d3:c1:5d:69:ec:c0:82:a9:61:
de:da:fb:50:51:61:9f:e0:e0:38:f7:32:55:0b:73:42:64:d4:
31:83:76:f6:f6:6c:1d:6e:82:ad:67:a8:d4:9f:fd:e2:8c:9e:
f1:8a:60:de:28:ff:a2:32:b6:47:38:0a:d9:5f:62:85:e6:5d:
82:2a:d3:71:e5:83:52:88:78:a4:67:93:51:df:b8:eb:dc:0b:
e1:8a:1c:22
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGn4CTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OTU5NmNlY2MyMWRkMDI2NzdhNzI3ZWYzN2YwNjg5NTQ2ZWE1MDk3MB4XDTIyMDUz
MTExMjc1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNlYzU5MTc3ZjJj
N2UzNTIwMzhlMjM4MDk2YjRlZmU5ODczMjRiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8ekLe1EVNBHYsxtFQLv0tSJlaHPrCkA02isQw1ao7/LjGb
RE5v+KKUISPI4zHrVtmujp7jWu9n2f9QrhcylweJPq6+W4cO/HBHjymf9HRQ2Wb6
oBxE2RHXV3IQOV+7NWzIjrZayfgNFBSMHT9cCR3LzT/pjHoW/+F0ZsUNHQwPfT3C
4acZ8IcazAGtDdIKl/KyBd8h40n1DukX8kvGNpyVdJ8i0FBswuQZpyi1AkNkb9zq
7BodYkeId8P0PXiIjY0uzXEsvHihMbV28is7qXNnPdtU+lQpSBJ5eCWYfvBB9mp4
lC2SN56WlUZNU2M3HjAyuoSc4utR5RCG1qhxff8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRT7FkXfyx+NSA44jgJa07+mHMkujAfBgNVHSMEGDAWgBRJWWzswh3QJnen
J+838GiVRupQlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NWbHM3TUlkMENaM3B5ZnZOX0JvbFVicVVKYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvZTdiZDAxLTQzMmYtNGJmOS04MGM1LTg5N2QwMDk3N2ZmMi8x
L1UteFpGMzhzZmpVZ09PSTRDV3RPX3BoekpMby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
ZTdiZDAxLTQzMmYtNGJmOS04MGM1LTg5N2QwMDk3N2ZmMi8xL1NWbHM3TUlkMENa
M3B5ZnZOX0JvbFVicVVKYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMKGLDANBgkqhkiG9w0BAQsFAAOC
AQEASNTu5soIn2yKDDgUJiCAc7PT/6i+N+B2nUSPxnvJzOKp461zUS8rHMTmvfLG
eNcrX9d/Yc+qLkuJ6yDSFqEFhm8toPIqVCIVHvwrXKTlQd9El2EuBwGOtK3soKVD
oKU9o/nlNcBKC+o0Xobg0GEnOMsEVLHOXDzWcXDohT47zPRr7EktvtXO1rOgLG3C
0ZWajHCvjhl5qimbFNSfbw3f0lL0/Rbgivp8Dy3Z08FdaezAgqlh3tr7UFFhn+Dg
OPcyVQtzQmTUMYN29vZsHW6CrWeo1J/94oye8Ypg3ij/ojK2RzgK2V9iheZdgirT
ceWDUoh4pGeTUd+469wL4YocIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:07 2024 by rpki-client on console-fra.rpki-client.org