Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/217a7c-4cfd-4174-8dca-77405adaa11f/1/4xkunOCNFhhFtu1LMnLff4GyU_o.roa
File: 4xkunOCNFhhFtu1LMnLff4GyU_o.roa (raw, json)
Hash identifier: /UoHQbKm6L3f+ZbRYwZr7fxbsrLnC8vt3fXRUY/0Uek=
Subject key identifier: E3:19:2E:9C:E0:8D:16:18:45:B6:ED:4B:32:72:DF:7F:81:B2:53:FA
Certificate issuer: /CN=94ce9c4c165f1c89cb7e12b2939967dbf33c74c4
Certificate serial: 01883655FC2AD4BA7B3F710399206DE63F1D
Authority key identifier: 94:CE:9C:4C:16:5F:1C:89:CB:7E:12:B2:93:99:67:DB:F3:3C:74:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lM6cTBZfHInLfhKyk5ln2_M8dMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/217a7c-4cfd-4174-8dca-77405adaa11f/1/4xkunOCNFhhFtu1LMnLff4GyU_o.roa
Signing time: Fri 19 May 2023 23:26:24 +0000
ROA not before: Fri 19 May 2023 23:26:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49775
IP address blocks: 185.194.252.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:36:55:fc:2a:d4:ba:7b:3f:71:03:99:20:6d:e6:3f:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94ce9c4c165f1c89cb7e12b2939967dbf33c74c4
Validity
Not Before: May 19 23:26:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3192e9ce08d161845b6ed4b3272df7f81b253fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a2:00:ce:c3:41:cf:a4:c6:a3:f8:87:55:fe:
5f:a2:ac:06:04:61:d4:37:ae:11:0c:63:e0:7a:62:
1d:24:5f:2c:bc:84:56:e2:03:72:d5:ec:80:f0:83:
11:1e:06:f5:42:f5:f9:04:ba:70:c5:b2:4a:98:64:
c7:67:7c:59:e3:4a:3d:38:81:f4:d8:a8:43:59:95:
da:b9:db:b6:11:ce:ac:6f:82:70:8a:63:a6:11:86:
fd:50:1f:13:f9:32:4d:8a:d5:63:e0:ba:0e:a9:1d:
02:88:fd:3b:22:82:2f:27:b9:43:76:09:67:57:c6:
dc:df:99:c0:18:04:e4:f5:54:dc:9a:a3:b7:02:d6:
5c:d1:b2:87:c2:6b:e7:cd:08:9a:d5:fc:b4:c5:89:
47:17:25:b5:2c:04:60:0d:b4:2d:06:60:3f:27:7a:
5c:e8:fd:d8:8f:7f:6c:dc:6f:37:33:24:5f:4c:a6:
94:79:50:b8:d4:37:ef:98:88:3f:b9:e0:65:4b:cc:
f0:a4:2b:c6:a5:c7:dc:b3:68:be:30:37:a1:f1:ab:
bf:4c:86:cb:c2:e7:be:34:79:5d:7a:7b:b4:1f:a5:
1e:d6:9c:d1:78:12:6d:30:7b:98:ed:fc:0b:1f:e6:
73:6b:2d:a6:2a:e4:ed:63:ca:15:d8:c7:87:49:b1:
ee:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:19:2E:9C:E0:8D:16:18:45:B6:ED:4B:32:72:DF:7F:81:B2:53:FA
X509v3 Authority Key Identifier:
keyid:94:CE:9C:4C:16:5F:1C:89:CB:7E:12:B2:93:99:67:DB:F3:3C:74:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lM6cTBZfHInLfhKyk5ln2_M8dMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/217a7c-4cfd-4174-8dca-77405adaa11f/1/4xkunOCNFhhFtu1LMnLff4GyU_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/217a7c-4cfd-4174-8dca-77405adaa11f/1/lM6cTBZfHInLfhKyk5ln2_M8dMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.252.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:fa:88:b9:5f:af:a2:6b:dc:ad:40:38:cd:75:09:b4:a6:80:
f8:bd:95:49:77:ac:44:b7:a8:a3:fd:12:d4:c5:fb:db:28:7d:
ba:75:87:ca:f4:22:72:35:e0:73:07:52:f7:a5:78:e3:e9:d1:
6e:4a:1f:a1:a8:1a:bd:23:8a:3d:86:ef:68:bc:fd:b9:92:4d:
0e:c4:5d:87:d7:68:fe:bf:87:06:04:78:0d:2d:0b:16:5a:40:
94:4c:e5:82:03:11:1f:14:f5:7a:56:1c:d3:41:44:9f:5d:a6:
f5:7d:04:3a:72:42:ba:54:f3:57:1a:0b:5b:3d:0d:44:90:65:
d6:d2:66:47:6f:b8:8b:01:d5:c8:9e:37:8f:18:6a:29:52:5c:
99:ea:9d:51:a6:17:83:e6:f3:f2:14:62:23:8b:c4:84:9c:db:
4c:9c:1b:26:6d:5e:c2:d2:f4:42:ff:d6:50:75:99:76:90:36:
83:d1:26:cd:e6:de:ad:1a:45:d4:bd:66:5d:46:a5:f8:64:cd:
b2:5e:bb:19:9c:67:08:2b:e4:dc:23:06:34:47:58:62:98:7e:
c0:15:97:d0:2e:c7:82:05:e2:88:ef:b1:cc:07:5c:75:0a:4b:
a0:ab:95:59:e6:1b:fd:36:93:35:9b:aa:41:32:a1:9c:da:7a:
a2:a7:1b:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYg2Vfwq1Lp7P3EDmSBt5j8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Y2U5YzRjMTY1ZjFjODljYjdlMTJiMjkzOTk2N2RiZjMz
Yzc0YzQwHhcNMjMwNTE5MjMyNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzE5MmU5Y2UwOGQxNjE4NDViNmVkNGIzMjcyZGY3ZjgxYjI1M2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaIAzsNBz6TGo/iHVf5foqwGBGHU
N64RDGPgemIdJF8svIRW4gNy1eyA8IMRHgb1QvX5BLpwxbJKmGTHZ3xZ40o9OIH0
2KhDWZXaudu2Ec6sb4JwimOmEYb9UB8T+TJNitVj4LoOqR0CiP07IoIvJ7lDdgln
V8bc35nAGATk9VTcmqO3AtZc0bKHwmvnzQia1fy0xYlHFyW1LARgDbQtBmA/J3pc
6P3Yj39s3G83MyRfTKaUeVC41DfvmIg/ueBlS8zwpCvGpcfcs2i+MDeh8au/TIbL
wue+NHldenu0H6Ue1pzReBJtMHuY7fwLH+Zzay2mKuTtY8oV2MeHSbHuaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOMZLpzgjRYYRbbtSzJy33+BslP6MB8GA1UdIwQY
MBaAFJTOnEwWXxyJy34SspOZZ9vzPHTEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE02Y1RCWmZISW5MZmhLeWs1bG4yX004ZE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yMTdhN2MtNGNmZC00MTc0LThkY2Et
Nzc0MDVhZGFhMTFmLzEvNHhrdW5PQ05GaGhGdHUxTE1uTGZmNEd5VV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yMTdhN2MtNGNmZC00MTc0LThkY2EtNzc0MDVhZGFhMTFm
LzEvbE02Y1RCWmZISW5MZmhLeWs1bG4yX004ZE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucL8MA0G
CSqGSIb3DQEBCwUAA4IBAQBr+oi5X6+ia9ytQDjNdQm0poD4vZVJd6xEt6ij/RLU
xfvbKH26dYfK9CJyNeBzB1L3pXjj6dFuSh+hqBq9I4o9hu9ovP25kk0OxF2H12j+
v4cGBHgNLQsWWkCUTOWCAxEfFPV6VhzTQUSfXab1fQQ6ckK6VPNXGgtbPQ1EkGXW
0mZHb7iLAdXInjePGGopUlyZ6p1RpheD5vPyFGIji8SEnNtMnBsmbV7C0vRC/9ZQ
dZl2kDaD0SbN5t6tGkXUvWZdRqX4ZM2yXrsZnGcIK+TcIwY0R1himH7AFZfQLseC
BeKI77HMB1x1Ckugq5VZ5hv9NpM1m6pBMqGc2nqipxsh
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:28 2023 by rpki-client on console-ams.rpki-client.org