Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/n2fQ90lB3j9RnIBApnUyBH9HcNc.roa
File: n2fQ90lB3j9RnIBApnUyBH9HcNc.roa (raw, json)
Hash identifier: oYJGk9uZZfBVAphv6YOFtMdSWENTPJMB6wjSonN6Plk=
Subject key identifier: 9F:67:D0:F7:49:41:DE:3F:51:9C:80:40:A6:75:32:04:7F:47:70:D7
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: C83065
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/n2fQ90lB3j9RnIBApnUyBH9HcNc.roa
Signing time: Tue 17 May 2022 10:34:30 +0000
ROA not before: Tue 17 May 2022 10:34:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 193.57.27.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13119589 (0xc83065)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: May 17 10:34:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f67d0f74941de3f519c8040a67532047f4770d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ba:c8:8c:77:af:07:09:64:ee:b2:2b:4d:82:
3d:53:31:52:31:78:d5:17:60:0f:0b:d8:f5:ef:24:
f4:b9:a8:d0:68:34:02:d7:25:dd:9f:3d:c0:a5:ae:
da:d5:77:b5:a0:cd:5a:55:7e:b1:f1:d2:54:e1:c0:
89:d2:98:52:2a:20:09:28:bc:ca:42:34:45:07:1c:
4a:3b:87:46:cb:0f:34:b2:33:cd:d7:ea:bd:fe:1c:
e9:ef:8d:56:63:97:da:7b:0a:d4:58:bb:59:b5:3a:
e4:7c:f0:e2:5f:f0:11:33:46:66:ee:7c:b8:18:53:
ad:71:5b:df:a3:73:81:a4:56:f6:63:20:5a:82:0f:
b9:9e:dd:91:2e:69:27:e7:e4:8f:af:41:93:fa:aa:
98:fe:5d:16:3a:57:68:a4:1e:a9:e4:1c:0e:50:20:
77:94:c7:6f:18:a4:0a:06:f4:e7:f7:9b:0e:f4:c2:
a3:90:5f:9c:29:68:dc:c1:f9:e7:9d:61:bb:a2:3e:
ce:22:90:46:28:ac:b5:73:54:d8:b7:91:42:7f:c9:
96:13:54:30:01:60:a2:b8:2a:09:55:dc:3e:2a:27:
71:97:d6:c7:d2:8b:ee:44:24:ca:91:bc:8e:d5:13:
7f:84:ee:b1:30:ee:c0:8d:40:c3:24:47:f1:44:5e:
12:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:67:D0:F7:49:41:DE:3F:51:9C:80:40:A6:75:32:04:7F:47:70:D7
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/n2fQ90lB3j9RnIBApnUyBH9HcNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.27.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:83:b2:fe:9c:40:6d:ab:04:96:f6:ec:b8:58:a0:17:27:07:
da:dc:38:95:62:97:37:f3:61:b1:91:a1:05:ee:86:0c:4a:6a:
1b:4d:99:c8:32:05:d7:7f:eb:6c:c4:ae:5f:d0:cc:52:de:ea:
c0:b3:38:fb:ca:f8:6b:46:cd:2e:a4:19:8c:c6:9c:45:0b:8b:
12:a1:76:3e:cc:0a:f6:b6:63:8f:ee:f4:11:b7:aa:4a:17:16:
b4:94:93:72:14:15:1d:05:0a:9c:0b:11:65:67:66:06:3c:9d:
87:3b:fd:07:d0:f5:5e:35:19:fa:8f:bd:95:86:bd:02:8f:0f:
7b:b5:7e:7f:37:17:a0:69:37:7c:0a:fd:db:7b:da:d6:53:a5:
29:d1:17:d5:61:b1:8b:9f:9a:30:65:ed:25:8b:e3:44:10:b0:
27:fc:41:e6:95:d0:74:10:e8:73:11:6d:3e:59:d6:bd:52:7f:
43:80:b3:c6:0d:9e:87:c3:2c:37:c8:fa:81:00:46:91:fa:74:
00:9b:16:c0:76:6b:e1:03:59:b8:2a:34:98:8f:83:90:99:02:
a6:31:f2:4f:68:e5:3c:23:eb:9d:38:ae:af:21:f3:b7:cf:9e:
e3:01:09:b0:57:de:af:3c:16:20:d5:19:9c:28:bc:0f:1b:86:
08:72:04:28
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAMgwZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YjE0NWE4YmRmMmJjYTE1MGYyNWVkNTRhMjc3YjhmNjUzZWZkYjNlMB4XDTIyMDUx
NzEwMzQzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWY2N2QwZjc0OTQx
ZGUzZjUxOWM4MDQwYTY3NTMyMDQ3ZjQ3NzBkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOC6yIx3rwcJZO6yK02CPVMxUjF41RdgDwvY9e8k9Lmo0Gg0
Atcl3Z89wKWu2tV3taDNWlV+sfHSVOHAidKYUiogCSi8ykI0RQccSjuHRssPNLIz
zdfqvf4c6e+NVmOX2nsK1Fi7WbU65Hzw4l/wETNGZu58uBhTrXFb36NzgaRW9mMg
WoIPuZ7dkS5pJ+fkj69Bk/qqmP5dFjpXaKQeqeQcDlAgd5THbxikCgb05/ebDvTC
o5BfnClo3MH5551hu6I+ziKQRiistXNU2LeRQn/JlhNUMAFgorgqCVXcPioncZfW
x9KL7kQkypG8jtUTf4TusTDuwI1AwyRH8UReEm8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSfZ9D3SUHeP1GcgECmdTIEf0dw1zAfBgNVHSMEGDAWgBQrFFqL3yvKFQ8l
7VSid7j2U+/bPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0t4UmFpOThyeWhVUEplMVVvbmU0OWxQdjJ6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjEvMGQ4YzhmLWZmMmMtNGRhOC1iNDQzLTMwNDBiZWQzY2NjZC8x
L24yZlE5MGxCM2o5Um5JQkFwblV5Qkg5SGNOYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEv
MGQ4YzhmLWZmMmMtNGRhOC1iNDQzLTMwNDBiZWQzY2NjZC8xL0t4UmFpOThyeWhV
UEplMVVvbmU0OWxQdjJ6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5GzANBgkqhkiG9w0BAQsFAAOC
AQEAfoOy/pxAbasElvbsuFigFycH2tw4lWKXN/NhsZGhBe6GDEpqG02ZyDIF13/r
bMSuX9DMUt7qwLM4+8r4a0bNLqQZjMacRQuLEqF2PswK9rZjj+70EbeqShcWtJST
chQVHQUKnAsRZWdmBjydhzv9B9D1XjUZ+o+9lYa9Ao8Pe7V+fzcXoGk3fAr923va
1lOlKdEX1WGxi5+aMGXtJYvjRBCwJ/xB5pXQdBDocxFtPlnWvVJ/Q4Czxg2eh8Ms
N8j6gQBGkfp0AJsWwHZr4QNZuCo0mI+DkJkCpjHyT2jlPCPrnTiuryHzt8+e4wEJ
sFferzwWINUZnCi8DxuGCHIEKA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-ams.rpki-client.org