Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4VmOUBTytINpsz3LCY_dVGLFNnw.roa
File: 4VmOUBTytINpsz3LCY_dVGLFNnw.roa (raw, json)
Hash identifier: wdpBrSorXyeKme9CQHlRfKkqdj2/nbs9OdwvUP9oIVA=
Subject key identifier: E1:59:8E:50:14:F2:B4:83:69:B3:3D:CB:09:8F:DD:54:62:C5:36:7C
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 13A21409
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4VmOUBTytINpsz3LCY_dVGLFNnw.roa
Signing time: Tue 04 Jan 2022 16:54:47 +0000
ROA not before: Tue 04 Jan 2022 16:54:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209889
IP address blocks: 194.56.212.0/23 maxlen: 23
194.56.152.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 329389065 (0x13a21409)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 4 16:54:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1598e5014f2b48369b33dcb098fdd5462c5367c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a2:7b:03:c8:e0:19:c4:cc:57:76:6a:b9:3b:
f2:30:e3:ad:d0:25:9a:4a:41:ba:76:e6:87:0f:40:
69:57:1e:56:e3:7f:6e:d8:58:e9:f0:d1:3f:bb:d7:
bc:ef:27:d2:40:c7:dc:44:36:b1:4d:19:ff:18:37:
14:9a:0e:03:0f:e9:5d:0f:63:2c:8b:75:87:34:4c:
88:fa:de:db:f5:72:e1:31:b9:3c:d1:14:b4:95:f2:
e2:8e:4d:4c:c5:aa:4a:0d:e7:fc:47:c1:fc:55:aa:
7b:25:89:14:8b:c0:07:de:a5:46:d4:24:51:ef:29:
55:e3:1c:98:a8:f3:11:4a:c4:a5:82:79:26:74:02:
7b:bc:47:b5:a0:f3:c1:8f:b3:9d:64:82:0a:56:35:
4c:a5:be:a4:dd:35:cc:6c:23:f7:15:78:bc:66:8b:
e5:a1:3c:47:97:b8:16:f7:22:08:7e:58:8a:54:20:
56:92:a5:0e:1b:97:63:cc:98:4a:c3:c0:ac:4b:c8:
a8:1b:eb:9c:34:5a:6f:c6:5f:91:96:04:fd:d9:ad:
01:a8:29:77:2f:28:f4:b2:a3:66:3a:2f:ae:e6:83:
5a:3e:e0:59:9d:92:8f:b8:03:2c:ab:8b:38:a2:8b:
70:f5:bb:cf:f2:dd:ce:64:6b:2d:2d:59:c7:47:d9:
a1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:59:8E:50:14:F2:B4:83:69:B3:3D:CB:09:8F:DD:54:62:C5:36:7C
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4VmOUBTytINpsz3LCY_dVGLFNnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.152.0/23
194.56.212.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:10:83:3d:02:75:fe:d6:e5:bc:f3:f8:99:d2:dc:b9:76:26:
0b:51:cc:f4:0e:4f:b1:73:fb:74:18:1d:99:7f:4a:d3:1a:c8:
f2:66:89:43:58:08:f6:00:bb:93:cd:94:8d:73:54:2e:72:93:
ce:cc:e0:4f:cf:09:19:0f:6f:12:06:9f:b2:c5:c7:c1:fa:72:
38:7a:7b:6d:e5:9c:06:d1:53:9a:00:64:88:07:f1:dc:8e:6d:
a5:4c:66:80:8f:30:a8:4a:07:87:65:c5:69:cd:85:de:bb:99:
ec:10:86:c4:a2:35:57:3f:22:ad:9c:d2:74:60:99:92:c1:8c:
ce:6e:55:c6:c8:fa:b7:0d:32:2b:66:b4:2d:23:88:0e:32:94:
e7:42:8c:57:2f:d2:23:ff:dd:22:e7:06:fd:37:6a:4f:08:65:
ff:65:1b:ec:59:ac:75:39:9f:d8:0c:2e:b5:5e:f0:84:c0:aa:
50:6d:f9:dd:f4:54:13:ca:51:75:a3:76:0c:55:2d:67:4d:a5:
b5:dc:b5:a4:e7:7b:c0:fc:66:f5:48:ee:14:27:bf:ff:71:95:
86:39:92:79:48:42:9b:a9:57:75:31:ea:2f:18:e5:96:86:c4:
32:0c:a9:24:c9:cd:c6:aa:27:e3:e4:40:40:56:ff:9d:4b:01:
17:93:7c:56
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEE6IUCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
NDE2NTQ0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTE1OThlNTAxNGYy
YjQ4MzY5YjMzZGNiMDk4ZmRkNTQ2MmM1MzY3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6iewPI4BnEzFd2ark78jDjrdAlmkpBunbmhw9AaVceVuN/
bthY6fDRP7vXvO8n0kDH3EQ2sU0Z/xg3FJoOAw/pXQ9jLIt1hzRMiPre2/Vy4TG5
PNEUtJXy4o5NTMWqSg3n/EfB/FWqeyWJFIvAB96lRtQkUe8pVeMcmKjzEUrEpYJ5
JnQCe7xHtaDzwY+znWSCClY1TKW+pN01zGwj9xV4vGaL5aE8R5e4FvciCH5YilQg
VpKlDhuXY8yYSsPArEvIqBvrnDRab8ZfkZYE/dmtAagpdy8o9LKjZjovruaDWj7g
WZ2Sj7gDLKuLOKKLcPW7z/LdzmRrLS1Zx0fZoR0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBThWY5QFPK0g2mzPcsJj91UYsU2fDAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
LzRWbU9VQlR5dElOcHN6M0xDWV9kVkdMRk5udy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcI4mAMEAcI41DANBgkqhkiG9w0B
AQsFAAOCAQEAoBCDPQJ1/tblvPP4mdLcuXYmC1HM9A5PsXP7dBgdmX9K0xrI8maJ
Q1gI9gC7k82UjXNULnKTzszgT88JGQ9vEgafssXHwfpyOHp7beWcBtFTmgBkiAfx
3I5tpUxmgI8wqEoHh2XFac2F3ruZ7BCGxKI1Vz8irZzSdGCZksGMzm5Vxsj6tw0y
K2a0LSOIDjKU50KMVy/SI//dIucG/TdqTwhl/2Ub7FmsdTmf2AwutV7whMCqUG35
3fRUE8pRdaN2DFUtZ02ltdy1pOd7wPxm9UjuFCe//3GVhjmSeUhCm6lXdTHqLxjl
lobEMgypJMnNxqon4+RAQFb/nUsBF5N8Vg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:25 2024 by rpki-client on console-ams.rpki-client.org