Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/qnTNsiP5ZdXITvb6bLMG-uR9GSw.roa
File: qnTNsiP5ZdXITvb6bLMG-uR9GSw.roa (raw, json)
Hash identifier: 2empOHlrayRp9pOtZLK4AfYMMHnS/khOgoWjc9rqa9M=
Subject key identifier: AA:74:CD:B2:23:F9:65:D5:C8:4E:F6:FA:6C:B3:06:FA:E4:7D:19:2C
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: EBB1DC
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/qnTNsiP5ZdXITvb6bLMG-uR9GSw.roa
Signing time: Mon 30 May 2022 08:14:13 +0000
ROA not before: Mon 30 May 2022 08:14:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 193.57.27.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15446492 (0xebb1dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: May 30 08:14:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa74cdb223f965d5c84ef6fa6cb306fae47d192c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5b:97:c1:82:41:44:d8:2e:c7:dd:ce:a5:6c:
5b:9f:97:f1:47:a5:2b:5a:bd:99:64:51:37:8a:ff:
f1:c7:8e:bd:e3:ea:f1:ba:25:5c:57:f0:de:ed:a6:
06:55:42:a0:a5:9e:48:d3:d1:6b:db:dc:25:0e:5c:
ab:d4:15:e7:84:1b:96:d0:b5:75:94:1f:a1:ca:9f:
9a:13:54:8a:54:cb:9c:e9:cb:e0:da:85:9f:81:92:
69:5e:6e:43:08:57:6c:a9:7c:8f:57:c3:3c:b0:8e:
58:f7:9d:7a:de:93:12:b9:1d:8b:0e:06:3c:d6:78:
12:d8:31:9b:13:cb:00:7f:02:af:27:34:c4:52:8b:
0d:e2:99:36:78:60:26:3f:1b:c9:2f:22:c4:dd:07:
7c:12:5a:db:c1:ad:58:31:d1:29:d5:ec:95:3a:e1:
79:9e:7d:82:02:b1:b4:f8:53:42:87:32:29:c3:a8:
59:ef:3c:6a:4b:aa:2d:26:bf:df:09:ae:e7:8d:83:
cb:46:79:45:a0:c6:16:38:cd:cd:f4:5e:a3:5a:80:
6f:23:96:38:35:38:b1:79:54:32:54:aa:f2:fe:35:
69:65:0b:fb:e9:68:60:ff:51:89:f3:e9:bd:7e:dc:
9c:96:22:27:0b:f7:01:5e:07:8f:fa:48:9e:37:8d:
a7:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:74:CD:B2:23:F9:65:D5:C8:4E:F6:FA:6C:B3:06:FA:E4:7D:19:2C
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/qnTNsiP5ZdXITvb6bLMG-uR9GSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.27.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:5a:ea:ee:fb:f6:de:8b:0b:1e:bb:26:c2:98:de:2f:e8:fb:
21:ab:29:c5:ea:ad:c2:30:8d:df:9e:91:33:f8:68:14:53:a2:
ba:4b:0e:15:b9:29:6d:3a:56:a0:de:aa:b8:61:40:36:99:6a:
87:09:d0:97:39:12:b0:13:98:a0:6a:44:fb:e7:6f:26:f3:bc:
d9:12:70:75:4d:8a:31:60:42:7e:7b:5e:33:bf:36:90:cd:48:
2a:df:4d:ea:41:04:3f:e6:88:de:7d:a7:4d:a6:37:05:44:ee:
c2:c0:96:0a:d8:6b:4e:42:86:8c:72:d7:41:a8:3d:76:2e:44:
64:d9:22:d7:c7:63:de:b0:93:58:88:9d:a5:82:29:ed:93:c8:
4c:d5:52:e7:b4:40:5b:f5:23:2b:b9:c5:1f:ae:a0:97:b5:3f:
f0:cb:88:1b:14:e8:cf:f1:74:a2:ba:a0:ce:e8:13:d7:ea:bc:
f5:89:a6:d9:e3:3b:b5:7a:08:28:6b:55:01:55:b5:6b:32:b2:
7b:df:5e:81:32:77:e3:23:82:09:a5:ce:9d:ea:1c:c4:5b:2a:
38:14:f0:ff:41:3b:55:f9:7d:bb:f3:25:14:7c:05:20:7c:26:
47:58:b1:a3:f7:31:1e:ae:1e:9d:c4:8a:90:9c:ca:da:c2:de:
4b:cf:0e:32
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAOux3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YjE0NWE4YmRmMmJjYTE1MGYyNWVkNTRhMjc3YjhmNjUzZWZkYjNlMB4XDTIyMDUz
MDA4MTQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWE3NGNkYjIyM2Y5
NjVkNWM4NGVmNmZhNmNiMzA2ZmFlNDdkMTkyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpbl8GCQUTYLsfdzqVsW5+X8UelK1q9mWRRN4r/8ceOvePq
8bolXFfw3u2mBlVCoKWeSNPRa9vcJQ5cq9QV54QbltC1dZQfocqfmhNUilTLnOnL
4NqFn4GSaV5uQwhXbKl8j1fDPLCOWPedet6TErkdiw4GPNZ4EtgxmxPLAH8Cryc0
xFKLDeKZNnhgJj8byS8ixN0HfBJa28GtWDHRKdXslTrheZ59ggKxtPhTQocyKcOo
We88akuqLSa/3wmu542Dy0Z5RaDGFjjNzfReo1qAbyOWODU4sXlUMlSq8v41aWUL
++loYP9RifPpvX7cnJYiJwv3AV4Hj/pInjeNpyMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSqdM2yI/ll1chO9vpsswb65H0ZLDAfBgNVHSMEGDAWgBQrFFqL3yvKFQ8l
7VSid7j2U+/bPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0t4UmFpOThyeWhVUEplMVVvbmU0OWxQdjJ6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjEvMGQ4YzhmLWZmMmMtNGRhOC1iNDQzLTMwNDBiZWQzY2NjZC8x
L3FuVE5zaVA1WmRYSVR2YjZiTE1HLXVSOUdTdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEv
MGQ4YzhmLWZmMmMtNGRhOC1iNDQzLTMwNDBiZWQzY2NjZC8xL0t4UmFpOThyeWhV
UEplMVVvbmU0OWxQdjJ6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5GzANBgkqhkiG9w0BAQsFAAOC
AQEALVrq7vv23osLHrsmwpjeL+j7IaspxeqtwjCN356RM/hoFFOiuksOFbkpbTpW
oN6quGFANplqhwnQlzkSsBOYoGpE++dvJvO82RJwdU2KMWBCfnteM782kM1IKt9N
6kEEP+aI3n2nTaY3BUTuwsCWCthrTkKGjHLXQag9di5EZNki18dj3rCTWIidpYIp
7ZPITNVS57RAW/UjK7nFH66gl7U/8MuIGxToz/F0orqgzugT1+q89Ymm2eM7tXoI
KGtVAVW1azKye99egTJ34yOCCaXOneocxFsqOBTw/0E7Vfl9u/MlFHwFIHwmR1ix
o/cxHq4encSKkJzK2sLeS88OMg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:10 2023 by rpki-client on console-fra.rpki-client.org