Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/a66c25-2711-4659-b162-35b483bb4c84/1/yxbivM36tYQMb0i84eMj6ptN_5w.roa
File: yxbivM36tYQMb0i84eMj6ptN_5w.roa (raw, json)
Hash identifier: SU+GAoXLrZY0H53R9k+MVxCaAbZz6by1+q+bSaxsvkk=
Subject key identifier: CB:16:E2:BC:CD:FA:B5:84:0C:6F:48:BC:E1:E3:23:EA:9B:4D:FF:9C
Certificate issuer: /CN=f26144c824959711b652d78c18702bf432f2195c
Certificate serial: 09DC7B81
Authority key identifier: F2:61:44:C8:24:95:97:11:B6:52:D7:8C:18:70:2B:F4:32:F2:19:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8mFEyCSVlxG2UteMGHAr9DLyGVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/a66c25-2711-4659-b162-35b483bb4c84/1/yxbivM36tYQMb0i84eMj6ptN_5w.roa
Signing time: Sat 01 Jan 2022 00:54:18 +0000
ROA not before: Sat 01 Jan 2022 00:54:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25151
IP address blocks: 193.33.220.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165444481 (0x9dc7b81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f26144c824959711b652d78c18702bf432f2195c
Validity
Not Before: Jan 1 00:54:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb16e2bccdfab5840c6f48bce1e323ea9b4dff9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:0e:fd:10:ca:49:d9:a8:66:8e:89:ad:a6:df:
b4:fa:7b:29:ea:48:64:73:e4:3e:e1:27:c7:c4:c6:
5c:b5:ed:6e:59:c8:a0:30:60:b9:a4:7d:bf:b4:76:
ad:ae:c4:6d:57:a8:9f:8b:aa:4c:e3:7d:1b:5e:d9:
24:df:1c:eb:5a:c9:53:64:b7:96:6c:fe:b0:cb:f4:
b9:c0:66:fc:11:66:76:94:58:68:b3:62:4a:c8:11:
fc:00:02:63:51:01:4b:e5:29:1e:92:f8:10:d4:f9:
d6:e2:d6:d1:4b:cc:c0:35:b5:b1:04:75:76:6e:9c:
05:d8:4e:f4:df:94:5e:27:69:49:75:0b:ed:45:75:
bc:e0:05:d7:c4:45:67:83:02:11:2b:0a:a4:4f:00:
0b:a3:55:7a:67:90:51:1e:ea:d0:c0:ca:d1:ae:49:
e1:24:65:4f:1e:cd:29:de:b9:75:40:89:3a:1c:5e:
7e:1e:ad:8e:a1:24:62:dc:a6:ee:95:7a:78:2d:02:
98:6b:3f:e5:68:72:42:57:b7:07:dd:e8:a2:71:27:
2e:39:a6:32:fa:37:ca:6f:5c:6b:ac:ec:b9:48:00:
fd:e0:4f:20:08:79:16:01:d0:2e:f9:08:c1:55:32:
d3:c1:bc:e8:10:20:04:d6:c4:6a:a6:2d:b3:0e:1d:
d1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:16:E2:BC:CD:FA:B5:84:0C:6F:48:BC:E1:E3:23:EA:9B:4D:FF:9C
X509v3 Authority Key Identifier:
keyid:F2:61:44:C8:24:95:97:11:B6:52:D7:8C:18:70:2B:F4:32:F2:19:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8mFEyCSVlxG2UteMGHAr9DLyGVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/a66c25-2711-4659-b162-35b483bb4c84/1/yxbivM36tYQMb0i84eMj6ptN_5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/a66c25-2711-4659-b162-35b483bb4c84/1/8mFEyCSVlxG2UteMGHAr9DLyGVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.220.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:93:ac:d5:60:db:05:86:9d:a1:00:ad:39:f3:e3:73:b6:f5:
f0:45:03:61:97:12:11:2d:87:76:d7:33:a8:54:b0:d3:27:e4:
70:38:48:07:2b:81:b3:5b:65:5e:fa:c0:09:57:35:04:6a:89:
95:6f:7d:b5:12:c8:71:36:e1:1d:d1:c1:50:83:ae:7a:23:68:
59:69:ee:d5:09:6a:cb:56:43:50:0f:d2:94:ce:5f:34:fd:09:
74:fd:03:bd:06:ed:a6:0c:12:d8:99:07:88:aa:c1:be:fd:ab:
c8:66:ca:25:88:e8:60:2f:d0:12:e6:ab:6e:46:92:98:ab:c9:
f7:f7:78:f6:9e:dd:2e:e6:9a:1a:82:4c:e6:ad:5b:c6:22:10:
29:aa:96:54:e1:ed:cc:b5:6e:85:34:ae:9f:de:67:89:4b:19:
94:0d:f2:2a:d0:27:1b:e2:10:35:8e:e2:94:0b:9b:b1:fa:b9:
a2:14:27:28:e2:e0:9b:29:3f:f3:99:d4:a5:de:f5:58:61:94:
7c:8c:77:26:b0:70:d6:8a:bf:5a:e6:c2:28:33:90:de:2b:0c:
48:64:ae:46:2d:3c:bb:d9:6f:76:1c:50:8d:6d:54:64:ee:db:
af:83:a1:af:32:73:74:27:25:56:eb:c4:05:28:16:16:f9:68:
8f:e4:81:dc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECdx7gTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MjYxNDRjODI0OTU5NzExYjY1MmQ3OGMxODcwMmJmNDMyZjIxOTVjMB4XDTIyMDEw
MTAwNTQxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2IxNmUyYmNjZGZh
YjU4NDBjNmY0OGJjZTFlMzIzZWE5YjRkZmY5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO8O/RDKSdmoZo6JrabftPp7KepIZHPkPuEnx8TGXLXtblnI
oDBguaR9v7R2ra7EbVeon4uqTON9G17ZJN8c61rJU2S3lmz+sMv0ucBm/BFmdpRY
aLNiSsgR/AACY1EBS+UpHpL4ENT51uLW0UvMwDW1sQR1dm6cBdhO9N+UXidpSXUL
7UV1vOAF18RFZ4MCESsKpE8AC6NVemeQUR7q0MDK0a5J4SRlTx7NKd65dUCJOhxe
fh6tjqEkYtym7pV6eC0CmGs/5WhyQle3B93oonEnLjmmMvo3ym9ca6zsuUgA/eBP
IAh5FgHQLvkIwVUy08G86BAgBNbEaqYtsw4d0WECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTLFuK8zfq1hAxvSLzh4yPqm03/nDAfBgNVHSMEGDAWgBTyYUTIJJWXEbZS
14wYcCv0MvIZXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhtRkV5Q1NWbHhHMlV0ZU1HSEFyOURMeUdWdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvYTY2YzI1LTI3MTEtNDY1OS1iMTYyLTM1YjQ4M2JiNGM4NC8x
L3l4Yml2TTM2dFlRTWIwaTg0ZU1qNnB0Tl81dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
YTY2YzI1LTI3MTEtNDY1OS1iMTYyLTM1YjQ4M2JiNGM4NC8xLzhtRkV5Q1NWbHhH
MlV0ZU1HSEFyOURMeUdWdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcEh3DANBgkqhkiG9w0BAQsFAAOC
AQEATJOs1WDbBYadoQCtOfPjc7b18EUDYZcSES2HdtczqFSw0yfkcDhIByuBs1tl
XvrACVc1BGqJlW99tRLIcTbhHdHBUIOueiNoWWnu1Qlqy1ZDUA/SlM5fNP0JdP0D
vQbtpgwS2JkHiKrBvv2ryGbKJYjoYC/QEuarbkaSmKvJ9/d49p7dLuaaGoJM5q1b
xiIQKaqWVOHtzLVuhTSun95niUsZlA3yKtAnG+IQNY7ilAubsfq5ohQnKOLgmyk/
85nUpd71WGGUfIx3JrBw1oq/WubCKDOQ3isMSGSuRi08u9lvdhxQjW1UZO7br4Oh
rzJzdCclVuvEBSgWFvloj+SB3A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:06 2025 by rpki-client