Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/373bcf-79d6-4863-9bf0-d8c964591afa/1/rpDKuPschHkfq7Uj7eCs1nfpAJA.roa
File: rpDKuPschHkfq7Uj7eCs1nfpAJA.roa (raw, json)
Hash identifier: 7zGOR4WoTVtJCXxV4Y5tMMb+dJ3CrHOgkSb92ZAWVSs=
Subject key identifier: AE:90:CA:B8:FB:1C:84:79:1F:AB:B5:23:ED:E0:AC:D6:77:E9:00:90
Certificate issuer: /CN=7c46a3cad80965af86cbb0083dfb40ab2ff1bacf
Certificate serial: 018CC26D46C5B21EF5C4330DB30AD441A29A
Authority key identifier: 7C:46:A3:CA:D8:09:65:AF:86:CB:B0:08:3D:FB:40:AB:2F:F1:BA:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fEajytgJZa-Gy7AIPftAqy_xus8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/373bcf-79d6-4863-9bf0-d8c964591afa/1/rpDKuPschHkfq7Uj7eCs1nfpAJA.roa
Signing time: Mon 01 Jan 2024 00:29:50 +0000
ROA not before: Mon 01 Jan 2024 00:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49425
IP address blocks: 130.185.160.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:46:c5:b2:1e:f5:c4:33:0d:b3:0a:d4:41:a2:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c46a3cad80965af86cbb0083dfb40ab2ff1bacf
Validity
Not Before: Jan 1 00:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae90cab8fb1c84791fabb523ede0acd677e90090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ff:a3:c0:14:23:e7:ad:8e:b7:40:9d:98:24:
6e:43:15:02:06:b5:0c:19:46:78:05:c2:1f:4c:f2:
81:93:17:5a:e7:ff:80:74:4b:4f:f6:0c:44:e7:d0:
6c:8d:87:55:8d:d3:22:f2:5f:19:a8:d7:95:d7:d5:
f5:ac:d8:9a:a4:f5:8f:10:b2:62:17:1c:3f:99:e7:
91:66:4c:ea:77:23:42:05:91:a0:58:f3:93:24:41:
ab:05:66:cf:d8:1f:90:98:58:4c:26:53:b6:f6:c7:
54:d1:4e:46:75:ad:74:58:3a:43:37:2d:f5:a7:4d:
69:3e:43:b1:d0:34:21:d3:65:5b:55:34:cc:ca:3d:
8e:73:2e:c4:46:58:d2:4a:da:c0:0b:8e:1a:9e:92:
21:a3:58:1d:0f:38:01:71:48:cb:2b:37:9c:d9:9d:
80:03:c5:ca:7f:89:27:81:0e:ca:aa:7a:72:04:ca:
45:58:85:b0:3c:66:33:75:8d:f8:12:8c:a3:f1:98:
10:d2:59:a0:15:b6:36:d7:19:60:cb:26:4f:dd:8d:
16:13:cb:f7:8e:3d:8d:14:79:c2:54:b1:15:c6:f1:
16:40:75:79:7e:f4:c9:4d:f8:e8:f6:80:0f:d5:88:
61:b8:ae:15:01:89:51:f2:d2:0f:06:24:a7:f3:f8:
b2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:90:CA:B8:FB:1C:84:79:1F:AB:B5:23:ED:E0:AC:D6:77:E9:00:90
X509v3 Authority Key Identifier:
keyid:7C:46:A3:CA:D8:09:65:AF:86:CB:B0:08:3D:FB:40:AB:2F:F1:BA:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fEajytgJZa-Gy7AIPftAqy_xus8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/373bcf-79d6-4863-9bf0-d8c964591afa/1/rpDKuPschHkfq7Uj7eCs1nfpAJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/373bcf-79d6-4863-9bf0-d8c964591afa/1/fEajytgJZa-Gy7AIPftAqy_xus8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.160.0/21
Signature Algorithm: sha256WithRSAEncryption
5e:d7:d1:83:a1:9b:4e:d1:e5:d8:ca:f5:31:86:e5:e6:9d:d7:
2a:e1:2d:1a:47:0d:3e:8a:1d:68:c1:87:c0:5b:4d:35:19:19:
44:92:54:e4:e8:52:57:cc:45:fa:10:05:2b:0b:89:53:a0:ef:
38:0f:e7:b3:0e:00:8b:6c:06:80:b2:1c:15:31:76:8a:48:bd:
12:9e:a6:74:23:c1:9d:38:72:7b:2b:57:1a:34:1f:65:8f:e1:
cb:c1:f9:69:7b:80:f2:76:5a:ab:92:9d:b7:6a:bd:e0:ff:91:
87:22:c9:aa:8c:9c:1f:b9:0c:17:a9:05:22:bc:ff:ed:9e:11:
4c:0f:e2:cf:eb:1f:ce:46:4d:d5:8c:98:24:46:6c:8b:68:5e:
91:16:9d:27:03:c3:6c:4c:29:5d:0d:b2:98:c4:00:ec:25:92:
7f:01:2f:a6:ef:00:3b:60:1a:13:bd:a8:a4:c9:df:4d:ed:41:
d5:64:95:c8:74:5c:56:c5:e7:31:26:dc:3c:1d:21:08:46:45:
9d:66:4b:41:eb:14:e4:1f:09:3b:9d:32:ae:e3:c3:f4:0d:f5:
53:74:97:2d:79:bf:9b:9e:45:a1:18:34:ed:39:f9:fd:e8:ea:
41:d5:a1:ee:dc:77:29:62:37:5c:3a:43:31:0b:4e:4f:2f:0d:
5f:aa:07:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbUbFsh71xDMNswrUQaKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNDZhM2NhZDgwOTY1YWY4NmNiYjAwODNkZmI0MGFiMmZm
MWJhY2YwHhcNMjQwMTAxMDAyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTkwY2FiOGZiMWM4NDc5MWZhYmI1MjNlZGUwYWNkNjc3ZTkwMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv+jwBQj562Ot0CdmCRuQxUCBrUM
GUZ4BcIfTPKBkxda5/+AdEtP9gxE59BsjYdVjdMi8l8ZqNeV19X1rNiapPWPELJi
Fxw/meeRZkzqdyNCBZGgWPOTJEGrBWbP2B+QmFhMJlO29sdU0U5Gda10WDpDNy31
p01pPkOx0DQh02VbVTTMyj2Ocy7ERljSStrAC44anpIho1gdDzgBcUjLKzec2Z2A
A8XKf4kngQ7KqnpyBMpFWIWwPGYzdY34Eoyj8ZgQ0lmgFbY21xlgyyZP3Y0WE8v3
jj2NFHnCVLEVxvEWQHV5fvTJTfjo9oAP1YhhuK4VAYlR8tIPBiSn8/iywwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK6Qyrj7HIR5H6u1I+3grNZ36QCQMB8GA1UdIwQY
MBaAFHxGo8rYCWWvhsuwCD37QKsv8brPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkVhanl0Z0paYS1HeTdBSVBmdEFxeV94dXM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zNzNiY2YtNzlkNi00ODYzLTliZjAt
ZDhjOTY0NTkxYWZhLzEvcnBES3VQc2NoSGtmcTdVajdlQ3MxbmZwQUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zNzNiY2YtNzlkNi00ODYzLTliZjAtZDhjOTY0NTkxYWZh
LzEvZkVhanl0Z0paYS1HeTdBSVBmdEFxeV94dXM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDgrmgMA0G
CSqGSIb3DQEBCwUAA4IBAQBe19GDoZtO0eXYyvUxhuXmndcq4S0aRw0+ih1owYfA
W001GRlEklTk6FJXzEX6EAUrC4lToO84D+ezDgCLbAaAshwVMXaKSL0SnqZ0I8Gd
OHJ7K1caNB9lj+HLwflpe4Dydlqrkp23ar3g/5GHIsmqjJwfuQwXqQUivP/tnhFM
D+LP6x/ORk3VjJgkRmyLaF6RFp0nA8NsTCldDbKYxADsJZJ/AS+m7wA7YBoTvaik
yd9N7UHVZJXIdFxWxecxJtw8HSEIRkWdZktB6xTkHwk7nTKu48P0DfVTdJcteb+b
nkWhGDTtOfn96OpB1aHu3HcpYjdcOkMxC05PLw1fqgce
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:45 2024 by rpki-client on console-fra.rpki-client.org