Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/373bcf-79d6-4863-9bf0-d8c964591afa/1/USuVRnlsWtuF5oUw_4X2FmQASOI.roa
File: USuVRnlsWtuF5oUw_4X2FmQASOI.roa (raw, json)
Hash identifier: 0D2JK/2wp8M/sHTJOJSpupLVBxve2bRjquEr9QsXXr4=
Subject key identifier: 51:2B:95:46:79:6C:5A:DB:85:E6:85:30:FF:85:F6:16:64:00:48:E2
Certificate issuer: /CN=7c46a3cad80965af86cbb0083dfb40ab2ff1bacf
Certificate serial: 01856E2FA1E9B4AEF0D4ABF0D7DEC493CDF1
Authority key identifier: 7C:46:A3:CA:D8:09:65:AF:86:CB:B0:08:3D:FB:40:AB:2F:F1:BA:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fEajytgJZa-Gy7AIPftAqy_xus8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/373bcf-79d6-4863-9bf0-d8c964591afa/1/USuVRnlsWtuF5oUw_4X2FmQASOI.roa
Signing time: Sun 01 Jan 2023 16:34:53 +0000
ROA not before: Sun 01 Jan 2023 16:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49425
IP address blocks: 130.185.160.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:a1:e9:b4:ae:f0:d4:ab:f0:d7:de:c4:93:cd:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c46a3cad80965af86cbb0083dfb40ab2ff1bacf
Validity
Not Before: Jan 1 16:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=512b9546796c5adb85e68530ff85f616640048e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8f:14:4e:1e:0c:d7:d8:67:2f:17:8b:09:83:
18:7f:8e:9d:19:38:ca:d4:9e:42:a0:27:e8:fe:a2:
78:f3:5a:c9:04:d1:ff:44:f6:20:e0:dc:d2:b8:4f:
1c:a6:60:cb:14:f3:ce:ac:4a:da:b5:ea:36:01:fd:
77:2b:36:95:db:1c:9d:ed:e6:40:df:3f:7e:0d:9c:
fa:81:58:f8:95:d8:4c:34:d9:69:6b:59:37:5d:15:
6a:4a:ef:d4:4c:f1:81:12:f1:97:f5:9c:9b:2a:11:
c8:1f:85:09:64:74:9b:da:1f:c8:17:27:40:0b:cb:
64:3d:46:0d:69:58:96:cb:20:64:30:bb:58:1c:b7:
33:26:71:9c:51:2a:f1:b8:f8:28:d9:c2:80:eb:35:
19:84:8a:aa:4a:a9:b1:ad:41:d3:e3:62:54:d9:7f:
18:15:38:48:b5:4a:b8:2a:f6:8d:5a:fc:c3:32:b7:
7e:23:b6:3d:a2:ae:f8:32:7e:95:04:e7:96:43:87:
bd:d3:f7:fa:ab:3c:36:ca:36:bb:c4:bb:53:63:c6:
ef:7a:41:0b:ba:86:cc:b2:9f:ee:23:61:40:55:42:
01:f7:46:46:e0:33:f4:35:a3:84:eb:72:2a:e1:2e:
40:3a:29:c4:8f:89:9c:a1:c2:d1:81:58:4d:27:4f:
78:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:2B:95:46:79:6C:5A:DB:85:E6:85:30:FF:85:F6:16:64:00:48:E2
X509v3 Authority Key Identifier:
keyid:7C:46:A3:CA:D8:09:65:AF:86:CB:B0:08:3D:FB:40:AB:2F:F1:BA:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fEajytgJZa-Gy7AIPftAqy_xus8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/373bcf-79d6-4863-9bf0-d8c964591afa/1/USuVRnlsWtuF5oUw_4X2FmQASOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/373bcf-79d6-4863-9bf0-d8c964591afa/1/fEajytgJZa-Gy7AIPftAqy_xus8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.160.0/21
Signature Algorithm: sha256WithRSAEncryption
5c:a4:8b:da:36:3e:26:d0:c6:af:49:5e:58:2b:83:a8:76:10:
1f:c6:bc:84:3b:a4:9e:d5:48:c8:e1:eb:ab:ed:c4:c7:cf:a6:
24:67:c9:eb:5b:6a:00:38:85:83:cc:a7:96:17:8f:7a:5e:46:
9e:55:c3:e1:e5:22:95:9c:13:15:f3:06:60:9b:e3:22:a9:bc:
be:86:90:cd:36:3b:76:1d:bb:07:55:cb:de:57:9a:3f:c2:1d:
9d:82:8e:9f:3c:54:ae:b7:af:16:a7:6f:38:cf:fa:c4:6a:80:
b8:92:c7:3e:ef:8f:58:3b:db:19:8d:bf:08:0c:44:c6:f0:4e:
e3:be:24:12:d3:48:8b:14:79:cc:c9:6d:19:b2:ab:3b:ee:50:
64:98:4f:6b:f4:af:a6:37:79:ed:ab:f5:b7:df:fa:6d:38:b0:
13:bc:6d:fa:b4:a4:6e:6e:28:76:19:58:27:ef:fa:c7:02:d5:
76:8d:f2:28:10:39:f1:22:10:13:e6:38:eb:fa:a6:b2:a4:01:
6d:7b:88:3e:98:e4:92:d6:1c:63:a0:7a:1a:6e:6d:1c:87:5d:
f3:a2:59:05:ce:8c:5c:43:a8:d9:82:82:6e:51:f1:33:cd:6f:
cb:e4:36:4a:99:74:79:a6:a3:b4:76:93:64:b1:2f:32:60:48:
96:e1:99:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL6HptK7w1Kvw197Ek83xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNDZhM2NhZDgwOTY1YWY4NmNiYjAwODNkZmI0MGFiMmZm
MWJhY2YwHhcNMjMwMTAxMTYzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTJiOTU0Njc5NmM1YWRiODVlNjg1MzBmZjg1ZjYxNjY0MDA0OGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmY8UTh4M19hnLxeLCYMYf46dGTjK
1J5CoCfo/qJ481rJBNH/RPYg4NzSuE8cpmDLFPPOrErateo2Af13KzaV2xyd7eZA
3z9+DZz6gVj4ldhMNNlpa1k3XRVqSu/UTPGBEvGX9ZybKhHIH4UJZHSb2h/IFydA
C8tkPUYNaViWyyBkMLtYHLczJnGcUSrxuPgo2cKA6zUZhIqqSqmxrUHT42JU2X8Y
FThItUq4KvaNWvzDMrd+I7Y9oq74Mn6VBOeWQ4e90/f6qzw2yja7xLtTY8bvekEL
uobMsp/uI2FAVUIB90ZG4DP0NaOE63Iq4S5AOinEj4mcocLRgVhNJ094ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFErlUZ5bFrbheaFMP+F9hZkAEjiMB8GA1UdIwQY
MBaAFHxGo8rYCWWvhsuwCD37QKsv8brPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkVhanl0Z0paYS1HeTdBSVBmdEFxeV94dXM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zNzNiY2YtNzlkNi00ODYzLTliZjAt
ZDhjOTY0NTkxYWZhLzEvVVN1VlJubHNXdHVGNW9Vd180WDJGbVFBU09JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zNzNiY2YtNzlkNi00ODYzLTliZjAtZDhjOTY0NTkxYWZh
LzEvZkVhanl0Z0paYS1HeTdBSVBmdEFxeV94dXM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDgrmgMA0G
CSqGSIb3DQEBCwUAA4IBAQBcpIvaNj4m0MavSV5YK4OodhAfxryEO6Se1UjI4eur
7cTHz6YkZ8nrW2oAOIWDzKeWF496XkaeVcPh5SKVnBMV8wZgm+Miqby+hpDNNjt2
HbsHVcveV5o/wh2dgo6fPFSut68Wp284z/rEaoC4ksc+749YO9sZjb8IDETG8E7j
viQS00iLFHnMyW0Zsqs77lBkmE9r9K+mN3ntq/W33/ptOLATvG36tKRubih2GVgn
7/rHAtV2jfIoEDnxIhAT5jjr+qaypAFte4g+mOSS1hxjoHoabm0ch13zolkFzoxc
Q6jZgoJuUfEzzW/L5DZKmXR5pqO0dpNksS8yYEiW4ZmW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:45 2024 by rpki-client on console-fra.rpki-client.org