Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/f7b7c2-5d8d-4e88-8454-0a532156b2a6/1/yuV50cmnNiq9D5rjX4YABEcPbB4.roa
File: yuV50cmnNiq9D5rjX4YABEcPbB4.roa (raw, json)
Hash identifier: uJXlB37y7Zx9sZvLbopW1pCIsrMY7AX8Mxq9i3a1rqI=
Subject key identifier: CA:E5:79:D1:C9:A7:36:2A:BD:0F:9A:E3:5F:86:00:04:47:0F:6C:1E
Certificate issuer: /CN=f05c6af3d022620f72c53b770e82e5c73ae5506d
Certificate serial: 018BF6D7DE13BC0AEDF6850872465980402C
Authority key identifier: F0:5C:6A:F3:D0:22:62:0F:72:C5:3B:77:0E:82:E5:C7:3A:E5:50:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Fxq89AiYg9yxTt3DoLlxzrlUG0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/f7b7c2-5d8d-4e88-8454-0a532156b2a6/1/yuV50cmnNiq9D5rjX4YABEcPbB4.roa
Signing time: Wed 22 Nov 2023 11:43:43 +0000
ROA not before: Wed 22 Nov 2023 11:43:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207355
IP address blocks: 193.187.160.0/22 maxlen: 22
91.196.172.0/22 maxlen: 22
193.239.48.0/22 maxlen: 22
66.97.192.0/19 maxlen: 19
193.239.168.0/23 maxlen: 23
2a06:f240::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:d7:de:13:bc:0a:ed:f6:85:08:72:46:59:80:40:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f05c6af3d022620f72c53b770e82e5c73ae5506d
Validity
Not Before: Nov 22 11:43:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cae579d1c9a7362abd0f9ae35f860004470f6c1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8c:6a:cd:53:6a:c9:11:f1:db:82:8f:70:4b:
de:79:9d:2e:a7:18:3a:cc:69:38:10:5d:58:97:24:
da:4d:67:65:ce:fe:d8:e3:65:9e:8c:d8:2e:6b:ed:
cb:2b:c4:de:cc:4a:ba:57:f0:d6:b9:28:fc:6f:74:
97:f1:3b:70:cc:f5:46:08:84:07:a8:f8:06:7f:a6:
d2:9e:8e:ab:c4:05:9c:79:93:5c:b0:3f:96:12:a9:
02:76:98:c6:3b:a8:92:ed:d7:62:46:ee:49:c9:02:
75:41:30:15:f7:f1:50:32:2d:f1:c7:6a:82:39:b3:
29:36:b0:93:0b:cc:74:5b:40:94:69:f9:65:fe:91:
d8:e9:28:74:cc:58:61:1d:f1:eb:32:8c:1d:4b:84:
a4:be:92:6b:0a:fa:5c:05:5d:a3:d7:87:2e:7c:32:
32:9f:ae:9c:10:4e:24:06:50:c7:07:f4:c9:ac:81:
8a:c3:20:77:55:e9:cf:07:20:17:b0:8d:4c:ab:b2:
1d:1a:5e:6e:cc:bb:c8:04:bb:e1:c8:ca:a5:3a:98:
fa:0e:45:f8:99:e7:e5:fc:b8:b5:de:76:66:22:ff:
b5:d3:13:46:0f:1e:f3:4c:9e:4c:33:75:75:6f:3f:
e6:b9:57:86:00:9c:b2:88:50:c8:b7:86:3b:e6:6f:
7e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:E5:79:D1:C9:A7:36:2A:BD:0F:9A:E3:5F:86:00:04:47:0F:6C:1E
X509v3 Authority Key Identifier:
keyid:F0:5C:6A:F3:D0:22:62:0F:72:C5:3B:77:0E:82:E5:C7:3A:E5:50:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Fxq89AiYg9yxTt3DoLlxzrlUG0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/f7b7c2-5d8d-4e88-8454-0a532156b2a6/1/yuV50cmnNiq9D5rjX4YABEcPbB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/f7b7c2-5d8d-4e88-8454-0a532156b2a6/1/8Fxq89AiYg9yxTt3DoLlxzrlUG0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.97.192.0/19
91.196.172.0/22
193.187.160.0/22
193.239.48.0/22
193.239.168.0/23
IPv6:
2a06:f240::/29
Signature Algorithm: sha256WithRSAEncryption
1f:96:f5:8d:f0:5c:f5:cd:2e:32:63:f4:1a:76:ec:52:23:0c:
1d:9c:de:7d:23:05:78:8b:cc:af:25:61:6a:a8:dc:1f:e0:b9:
7a:f3:75:9c:45:bc:ff:24:ae:24:30:de:e0:30:51:b5:07:2b:
e7:86:fd:d7:09:12:71:19:18:b0:1e:89:51:64:3f:df:98:7a:
af:00:be:e7:14:d4:2f:f0:39:5f:7b:ff:36:72:1a:dd:4c:0a:
93:df:19:70:76:89:d3:67:78:2f:0e:94:3f:e1:a2:22:ea:5d:
06:ca:9e:8f:3b:f3:de:29:5c:dd:a8:a0:bd:e1:21:03:15:ad:
36:d3:27:c3:03:6b:bf:f5:d3:73:8e:79:40:2d:87:10:73:95:
1b:16:22:c4:80:9b:a9:0a:cb:dc:4b:d8:29:c5:14:16:d0:88:
b9:e5:d1:96:92:4d:75:df:aa:64:c6:bd:b4:3c:bd:f5:10:28:
09:f3:cb:58:c1:91:50:eb:9f:59:5c:07:18:62:76:8d:63:47:
80:5c:06:bb:d4:54:b6:56:b0:aa:74:88:54:89:5e:84:ed:ee:
67:f4:d6:2b:87:fe:c5:ec:be:94:7b:e1:07:c9:1f:fd:18:98:
1c:84:9d:cd:6b:cd:41:cc:52:5f:1c:27:08:ea:b5:fa:20:7e:
31:d8:66:15
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYv2194TvArt9oUIckZZgEAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNWM2YWYzZDAyMjYyMGY3MmM1M2I3NzBlODJlNWM3M2Fl
NTUwNmQwHhcNMjMxMTIyMTE0MzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWU1NzlkMWM5YTczNjJhYmQwZjlhZTM1Zjg2MDAwNDQ3MGY2YzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoxqzVNqyRHx24KPcEveeZ0upxg6
zGk4EF1YlyTaTWdlzv7Y42WejNgua+3LK8TezEq6V/DWuSj8b3SX8TtwzPVGCIQH
qPgGf6bSno6rxAWceZNcsD+WEqkCdpjGO6iS7ddiRu5JyQJ1QTAV9/FQMi3xx2qC
ObMpNrCTC8x0W0CUafll/pHY6Sh0zFhhHfHrMowdS4SkvpJrCvpcBV2j14cufDIy
n66cEE4kBlDHB/TJrIGKwyB3VenPByAXsI1Mq7IdGl5uzLvIBLvhyMqlOpj6DkX4
mefl/Li13nZmIv+10xNGDx7zTJ5MM3V1bz/muVeGAJyyiFDIt4Y75m9+1QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMrledHJpzYqvQ+a41+GAARHD2weMB8GA1UdIwQY
MBaAFPBcavPQImIPcsU7dw6C5cc65VBtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEZ4cTg5QWlZZzl5eFR0M0RvTGx4enJsVUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9mN2I3YzItNWQ4ZC00ZTg4LTg0NTQt
MGE1MzIxNTZiMmE2LzEveXVWNTBjbW5OaXE5RDVyalg0WUFCRWNQYkI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9mN2I3YzItNWQ4ZC00ZTg4LTg0NTQtMGE1MzIxNTZiMmE2
LzEvOEZ4cTg5QWlZZzl5eFR0M0RvTGx4enJsVUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFQmHAAwQC
W8SsAwQCwbugAwQCwe8wAwQBwe+oMA0EAgACMAcDBQMqBvJAMA0GCSqGSIb3DQEB
CwUAA4IBAQAflvWN8Fz1zS4yY/QaduxSIwwdnN59IwV4i8yvJWFqqNwf4Ll683Wc
Rbz/JK4kMN7gMFG1Byvnhv3XCRJxGRiwHolRZD/fmHqvAL7nFNQv8Dlfe/82chrd
TAqT3xlwdonTZ3gvDpQ/4aIi6l0Gyp6PO/PeKVzdqKC94SEDFa020yfDA2u/9dNz
jnlALYcQc5UbFiLEgJupCsvcS9gpxRQW0Ii55dGWkk1136pkxr20PL31ECgJ88tY
wZFQ659ZXAcYYnaNY0eAXAa71FS2VrCqdIhUiV6E7e5n9NYrh/7F7L6Ue+EHyR/9
GJgchJ3Na81BzFJfHCcI6rX6IH4x2GYV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:33 2024 by rpki-client on console-fra.rpki-client.org