Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/NHqrGzx29iqjxTYPY8xEqN8o98A.roa
File: NHqrGzx29iqjxTYPY8xEqN8o98A.roa (raw, json)
Hash identifier: CIfANYR7qFCq03n+9KDPn1cmsBhGK6MXoU53+PMOS4o=
Subject key identifier: 34:7A:AB:1B:3C:76:F6:2A:A3:C5:36:0F:63:CC:44:A8:DF:28:F7:C0
Certificate issuer: /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial: 38183B23
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/NHqrGzx29iqjxTYPY8xEqN8o98A.roa
Signing time: Sat 01 Jan 2022 09:59:24 +0000
ROA not before: Sat 01 Jan 2022 09:59:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35534
IP address blocks: 178.175.186.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941112099 (0x38183b23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
Validity
Not Before: Jan 1 09:59:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=347aab1b3c76f62aa3c5360f63cc44a8df28f7c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:8e:e2:46:7a:0a:52:b6:57:41:01:81:8a:5f:
a1:28:00:95:51:4f:0c:bc:25:8e:cf:60:35:2f:dd:
b0:a8:d3:fc:cb:00:1d:eb:53:f8:bd:fb:21:f9:75:
f6:9d:e6:9b:10:18:c4:73:b4:5c:4c:fe:ea:87:eb:
02:71:af:2d:a1:c7:4c:9a:99:2c:13:b1:3d:e2:f5:
69:cb:84:1f:9e:b4:4e:ea:5d:14:ea:46:4f:53:a3:
e1:6c:9b:30:6a:66:76:59:ee:02:39:6d:3f:b7:26:
b1:4b:9c:ab:cf:1a:22:3d:dd:75:90:ce:e2:2a:49:
c7:87:d5:5c:c3:71:fe:8f:74:a6:a6:be:c4:8e:3c:
2f:7e:c5:b5:cc:60:1b:be:2f:ec:07:86:65:99:c9:
db:d5:73:8a:9a:96:bb:5f:4f:17:96:83:21:9e:51:
71:61:87:fb:cc:9f:ae:e3:b9:72:e5:01:e1:86:34:
e7:3a:a5:c9:23:60:22:2c:eb:da:6a:08:5d:9e:71:
1e:c3:86:1f:84:e6:be:ed:59:84:ea:af:50:5b:5e:
53:aa:fe:32:a8:c7:48:6a:8b:f0:46:4f:69:4b:27:
d8:aa:06:84:6b:0c:12:11:96:4c:d3:8c:9a:32:a8:
46:73:ae:5b:83:f2:fb:f3:2c:5e:6a:7a:95:d3:7d:
6b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7A:AB:1B:3C:76:F6:2A:A3:C5:36:0F:63:CC:44:A8:DF:28:F7:C0
X509v3 Authority Key Identifier:
keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/NHqrGzx29iqjxTYPY8xEqN8o98A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.175.186.0/23
Signature Algorithm: sha256WithRSAEncryption
06:a2:c5:bf:fa:4f:a6:d8:1e:6e:5f:63:9b:64:06:d2:2e:e2:
13:b8:f1:38:51:73:fc:52:1a:cd:62:41:64:a5:e0:32:68:2c:
24:a9:6e:1d:94:61:d3:c8:7a:a2:e9:74:c7:18:b8:54:25:39:
32:5c:1b:59:40:05:71:67:95:29:ae:69:2b:9d:d9:46:ac:0e:
d8:5a:9d:c9:75:6e:6b:39:a7:7f:1d:21:38:f2:3f:dd:f9:f3:
0e:05:ea:6c:3f:f2:0e:a2:74:cd:e5:3e:94:63:59:e4:e4:18:
70:82:70:02:d8:42:1e:52:75:0f:3b:06:4e:08:26:4a:f3:49:
dd:0e:34:3a:7c:44:5b:1d:8b:55:13:10:ca:25:25:9b:db:b0:
6f:41:4f:8c:4c:81:d8:d2:f9:3c:69:a7:b4:d2:8a:67:3c:61:
a4:67:be:e6:dd:9f:ca:f8:f4:8f:ee:e1:98:e4:fe:a7:2a:17:
89:4d:8c:90:4f:ed:4d:46:58:19:48:32:dd:67:50:c0:d8:21:
e1:06:f1:97:6f:8c:51:6e:c4:bf:88:b3:41:75:24:72:6e:f6:
77:7d:4e:cb:91:15:d1:d3:41:0b:e8:6b:8d:10:b4:ba:da:3a:
82:ef:59:08:ab:81:95:94:c9:46:76:04:25:43:22:30:46:26:
61:c7:b4:33
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOBg7IzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTFiOTE1MDQ5ODMwOTE1MDZhMWE5NDQ0NTdhNDU1OGI5NGRhYjdmMB4XDTIyMDEw
MTA5NTkyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQ3YWFiMWIzYzc2
ZjYyYWEzYzUzNjBmNjNjYzQ0YThkZjI4ZjdjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO+O4kZ6ClK2V0EBgYpfoSgAlVFPDLwljs9gNS/dsKjT/MsA
HetT+L37Ifl19p3mmxAYxHO0XEz+6ofrAnGvLaHHTJqZLBOxPeL1acuEH560Tupd
FOpGT1Oj4WybMGpmdlnuAjltP7cmsUucq88aIj3ddZDO4ipJx4fVXMNx/o90pqa+
xI48L37FtcxgG74v7AeGZZnJ29VzipqWu19PF5aDIZ5RcWGH+8yfruO5cuUB4YY0
5zqlySNgIizr2moIXZ5xHsOGH4Tmvu1ZhOqvUFteU6r+MqjHSGqL8EZPaUsn2KoG
hGsMEhGWTNOMmjKoRnOuW4Py+/MsXmp6ldN9a2kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ0eqsbPHb2KqPFNg9jzESo3yj3wDAfBgNVHSMEGDAWgBS5G5FQSYMJFQah
qURFekVYuU2rfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VSdVJVRW1EQ1JVR29hbEVSWHBGV0xsTnEzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzRlMTdmLWY5ZjQtNDc4OS05MmI3LTlkZDZlODhmY2M4ZC8x
L05IcXJHengyOWlxanhUWVBZOHhFcU44bzk4QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzRlMTdmLWY5ZjQtNDc4OS05MmI3LTlkZDZlODhmY2M4ZC8xL3VSdVJVRW1EQ1JV
R29hbEVSWHBGV0xsTnEzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbKvujANBgkqhkiG9w0BAQsFAAOC
AQEABqLFv/pPptgebl9jm2QG0i7iE7jxOFFz/FIazWJBZKXgMmgsJKluHZRh08h6
oul0xxi4VCU5MlwbWUAFcWeVKa5pK53ZRqwO2FqdyXVuazmnfx0hOPI/3fnzDgXq
bD/yDqJ0zeU+lGNZ5OQYcIJwAthCHlJ1DzsGTggmSvNJ3Q40OnxEWx2LVRMQyiUl
m9uwb0FPjEyB2NL5PGmntNKKZzxhpGe+5t2fyvj0j+7hmOT+pyoXiU2MkE/tTUZY
GUgy3WdQwNgh4Qbxl2+MUW7Ev4izQXUkcm72d31Oy5EV0dNBC+hrjRC0uto6gu9Z
CKuBlZTJRnYEJUMiMEYmYce0Mw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:28 2023 by rpki-client on console-fra.rpki-client.org