Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/FaaRwaipsqgGdOt5204WXCOdmIE.roa
File: FaaRwaipsqgGdOt5204WXCOdmIE.roa (raw, json)
Hash identifier: nt/bsckKkyCveV7AuvXceHCD5n/GhYNKQfrJAy+ZNaI=
Subject key identifier: 15:A6:91:C1:A8:A9:B2:A8:06:74:EB:79:DB:4E:16:5C:23:9D:98:81
Certificate issuer: /CN=5dc67c6be367ab9e941d1427d050449447b8865c
Certificate serial: 06D0AE9A
Authority key identifier: 5D:C6:7C:6B:E3:67:AB:9E:94:1D:14:27:D0:50:44:94:47:B8:86:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcZ8a-Nnq56UHRQn0FBElEe4hlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/FaaRwaipsqgGdOt5204WXCOdmIE.roa
Signing time: Sat 01 Jan 2022 04:53:38 +0000
ROA not before: Sat 01 Jan 2022 04:53:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205240
IP address blocks: 193.218.203.0/24 maxlen: 24
2a0f:99c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114339482 (0x6d0ae9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dc67c6be367ab9e941d1427d050449447b8865c
Validity
Not Before: Jan 1 04:53:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=15a691c1a8a9b2a80674eb79db4e165c239d9881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ac:22:6f:d9:e3:d7:8f:5b:c0:eb:32:07:99:
ef:6c:3a:97:ba:20:58:a3:7b:7a:91:b8:0e:d2:fe:
7c:7a:2f:2b:05:8e:59:37:d8:05:66:fe:02:5e:19:
4c:60:b1:20:8e:9b:1f:0a:f6:e0:d1:c6:eb:47:d3:
0e:b7:2d:63:1c:4b:f4:a1:4b:d0:17:7b:c3:7f:46:
2c:f2:af:b4:e4:4e:2b:a7:3c:c3:a0:a4:bb:c1:df:
9b:a0:21:84:f2:f8:f9:4f:9e:f3:2a:81:02:4e:92:
c3:e2:5b:15:4b:32:30:fb:44:50:0f:f6:1c:61:19:
23:50:f3:91:26:d3:3e:36:7f:59:1d:f0:30:75:78:
82:c4:14:29:fe:07:cd:d8:9e:5e:bf:6a:57:c3:5a:
df:17:8c:1a:d9:14:11:2b:f6:99:e8:ab:6c:e6:cc:
a8:8e:8f:bb:31:18:06:15:ad:1c:2b:da:a4:66:77:
53:33:88:e0:d4:20:40:f2:99:c6:39:97:e2:d4:3d:
cc:a9:12:0e:67:00:72:a3:bb:d2:6f:e1:2f:d0:1a:
f5:d2:1d:81:e7:42:f1:fa:e4:43:3c:d5:34:0e:bb:
13:eb:ee:74:af:01:1e:9c:57:3f:21:1d:d9:f9:71:
72:c4:cb:bf:fa:01:14:99:5b:ba:24:ad:b2:c2:be:
e8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:A6:91:C1:A8:A9:B2:A8:06:74:EB:79:DB:4E:16:5C:23:9D:98:81
X509v3 Authority Key Identifier:
keyid:5D:C6:7C:6B:E3:67:AB:9E:94:1D:14:27:D0:50:44:94:47:B8:86:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcZ8a-Nnq56UHRQn0FBElEe4hlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/FaaRwaipsqgGdOt5204WXCOdmIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.203.0/24
IPv6:
2a0f:99c0::/32
Signature Algorithm: sha256WithRSAEncryption
80:a0:af:bb:24:af:9a:f2:03:b1:a9:44:4a:1c:48:a7:fc:e4:
7b:2e:28:b3:5e:65:d3:03:9a:fd:a9:84:39:d2:2a:8b:90:3e:
8f:43:ae:95:4d:5f:51:8b:d1:40:b7:bc:1a:bc:6f:22:ed:b6:
45:25:23:f4:80:3c:65:c1:0e:d4:31:7b:39:2f:b1:e1:69:c6:
6d:9b:e9:a5:8c:8b:39:92:d3:27:e8:1c:75:eb:0b:de:a3:d8:
60:93:c3:d0:6f:e7:0d:3e:a2:2b:10:1e:37:27:e4:1d:a1:72:
c6:95:18:ae:5c:e9:2a:03:46:07:78:4d:f6:7d:a3:bc:33:8f:
59:b1:71:87:18:d0:a9:25:ba:8c:05:c2:17:be:1d:0f:23:96:
0b:52:ff:a9:79:11:d0:9a:dd:48:50:91:63:f9:44:1b:9b:c9:
0c:03:5a:3c:02:c0:21:94:e8:fe:8f:86:a6:a0:20:95:95:b0:
31:b5:86:da:63:20:54:3a:2b:58:bf:05:41:8e:a2:42:b2:fe:
d9:22:2a:22:83:7b:b1:77:55:90:3b:b3:b3:e1:c2:7e:64:66:
23:c4:f0:08:5c:ca:76:03:ac:70:5e:52:49:67:82:7f:34:0c:
d7:78:58:25:9d:79:b6:4f:d1:8f:05:50:16:d4:a6:27:a3:57:
67:a5:b1:6b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBtCumjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGM2N2M2YmUzNjdhYjllOTQxZDE0MjdkMDUwNDQ5NDQ3Yjg4NjVjMB4XDTIyMDEw
MTA0NTMzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTVhNjkxYzFhOGE5
YjJhODA2NzRlYjc5ZGI0ZTE2NWMyMzlkOTg4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANisIm/Z49ePW8DrMgeZ72w6l7ogWKN7epG4DtL+fHovKwWO
WTfYBWb+Al4ZTGCxII6bHwr24NHG60fTDrctYxxL9KFL0Bd7w39GLPKvtOROK6c8
w6Cku8Hfm6AhhPL4+U+e8yqBAk6Sw+JbFUsyMPtEUA/2HGEZI1DzkSbTPjZ/WR3w
MHV4gsQUKf4HzdieXr9qV8Na3xeMGtkUESv2meirbObMqI6PuzEYBhWtHCvapGZ3
UzOI4NQgQPKZxjmX4tQ9zKkSDmcAcqO70m/hL9Aa9dIdgedC8frkQzzVNA67E+vu
dK8BHpxXPyEd2flxcsTLv/oBFJlbuiStssK+6E0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQVppHBqKmyqAZ063nbThZcI52YgTAfBgNVHSMEGDAWgBRdxnxr42ernpQd
FCfQUESUR7iGXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hjWjhhLU5ucTU2VUhSUW4wRkJFbEVlNGhsdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvNzYyNzVhLTZmNDEtNDgwNC04MzdiLTg5Nzk5ZGVhZGM0Ny8x
L0ZhYVJ3YWlwc3FnR2RPdDUyMDRXWENPZG1JRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
NzYyNzVhLTZmNDEtNDgwNC04MzdiLTg5Nzk5ZGVhZGM0Ny8xL1hjWjhhLU5ucTU2
VUhSUW4wRkJFbEVlNGhsdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMHayzANBAIAAjAHAwUAKg+ZwDAN
BgkqhkiG9w0BAQsFAAOCAQEAgKCvuySvmvIDsalEShxIp/zkey4os15l0wOa/amE
OdIqi5A+j0OulU1fUYvRQLe8GrxvIu22RSUj9IA8ZcEO1DF7OS+x4WnGbZvppYyL
OZLTJ+gcdesL3qPYYJPD0G/nDT6iKxAeNyfkHaFyxpUYrlzpKgNGB3hN9n2jvDOP
WbFxhxjQqSW6jAXCF74dDyOWC1L/qXkR0JrdSFCRY/lEG5vJDANaPALAIZTo/o+G
pqAglZWwMbWG2mMgVDorWL8FQY6iQrL+2SIqIoN7sXdVkDuzs+HCfmRmI8TwCFzK
dgOscF5SSWeCfzQM13hYJZ15tk/RjwVQFtSmJ6NXZ6Wxaw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:45 2023 by rpki-client on console-ams.rpki-client.org