Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Sc_5nrkKtR_qJwAHiVCECkHtiV8.roa
File: Sc_5nrkKtR_qJwAHiVCECkHtiV8.roa (raw, json)
Hash identifier: FNqt/Uz1RXG/oEVQl1ECZN3RRmjx3sqMkDrv3UczRME=
Subject key identifier: 49:CF:F9:9E:B9:0A:B5:1F:EA:27:00:07:89:50:84:0A:41:ED:89:5F
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CC2DB3BBA0012229438C87C2C5A100FB7
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Sc_5nrkKtR_qJwAHiVCECkHtiV8.roa
Signing time: Mon 01 Jan 2024 02:29:56 +0000
ROA not before: Mon 01 Jan 2024 02:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209889
IP address blocks: 194.56.212.0/23 maxlen: 23
194.56.152.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:3b:ba:00:12:22:94:38:c8:7c:2c:5a:10:0f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 02:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49cff99eb90ab51fea2700078950840a41ed895f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:94:10:82:61:5b:ab:25:d4:c7:80:a3:9d:89:
f9:3c:5b:f3:f4:b1:65:68:f6:c3:5f:db:eb:d0:cb:
1b:63:5d:9a:c1:3e:47:15:c8:6d:78:e2:fe:a7:a2:
34:95:ee:e9:09:39:6b:54:30:fb:2f:b2:ba:4d:b3:
2a:1f:21:cd:1f:5e:9d:ea:eb:3e:75:04:77:cd:03:
e5:5f:8d:e9:57:23:99:68:5b:31:6a:47:74:e7:84:
91:81:f4:f4:b7:e3:38:dc:be:5c:0d:e5:59:39:62:
59:a0:b9:23:c4:7f:f9:33:d3:74:44:63:f4:dc:69:
13:2c:94:6f:76:ab:e7:f8:11:17:9f:da:a8:64:f3:
e4:d1:6c:8f:d5:32:33:3c:62:69:59:97:25:ee:49:
5f:6e:1a:00:fe:6e:ab:a5:b6:e4:95:bf:fc:bc:55:
df:8d:77:28:c9:8d:bc:ae:f9:c9:65:c4:34:64:53:
00:60:63:b0:63:ad:48:bc:07:9a:18:da:94:3f:06:
e0:41:3d:1b:df:f5:a6:88:f7:66:e9:05:1a:f7:58:
6f:17:cf:e6:41:a5:86:d5:22:50:33:6f:45:1a:4f:
ff:22:fb:e9:ea:f3:13:3e:f7:f3:98:34:ac:ec:06:
7f:7e:28:7e:2c:a7:54:17:92:78:49:d4:f4:3a:9a:
e5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:CF:F9:9E:B9:0A:B5:1F:EA:27:00:07:89:50:84:0A:41:ED:89:5F
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Sc_5nrkKtR_qJwAHiVCECkHtiV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.152.0/23
194.56.212.0/23
Signature Algorithm: sha256WithRSAEncryption
41:c1:b0:25:88:3c:3b:b5:24:8e:75:70:f5:ca:7c:3f:a8:64:
0b:d5:74:45:17:05:17:fb:a2:b6:f2:11:94:d0:d8:3c:a0:0a:
ba:c8:51:5d:f3:45:8e:0e:f7:58:04:84:e2:ff:61:cb:be:9f:
ff:75:0d:c7:14:5e:3b:21:54:66:57:86:5c:3a:d7:f0:9b:f2:
b5:77:5b:5f:5b:de:e8:7c:3b:cd:1e:d3:5a:20:9f:d2:b3:16:
33:d5:5e:89:27:c5:f9:fb:b1:7b:64:81:92:44:55:54:5c:a2:
ea:26:4b:e6:66:55:1b:1d:28:73:2f:d0:ef:92:df:5f:13:f4:
3f:ab:54:fc:56:a2:5c:f1:07:be:31:19:ff:47:c7:bc:a2:40:
c8:9c:f7:95:7b:4a:21:81:e5:b1:8f:4f:89:3d:1a:ec:8d:78:
29:ab:9b:e1:d5:f9:ef:da:3b:29:66:96:ff:ec:fe:76:3c:b8:
d6:93:14:df:a1:c9:5b:a3:c5:76:94:40:9d:5f:32:1b:b8:78:
f1:32:fe:78:9b:0c:31:ae:97:84:43:a5:65:f3:65:f4:9d:29:
0f:00:28:d6:ed:cd:6e:8f:b2:fe:93:bd:99:c6:c3:c2:94:e9:
12:2c:07:d7:d3:ef:1d:2e:45:03:20:27:c0:f9:84:40:a4:32:
19:4a:a5:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2zu6ABIilDjIfCxaEA+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWNmZjk5ZWI5MGFiNTFmZWEyNzAwMDc4OTUwODQwYTQxZWQ4OTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZQQgmFbqyXUx4CjnYn5PFvz9LFl
aPbDX9vr0MsbY12awT5HFchteOL+p6I0le7pCTlrVDD7L7K6TbMqHyHNH16d6us+
dQR3zQPlX43pVyOZaFsxakd054SRgfT0t+M43L5cDeVZOWJZoLkjxH/5M9N0RGP0
3GkTLJRvdqvn+BEXn9qoZPPk0WyP1TIzPGJpWZcl7klfbhoA/m6rpbbklb/8vFXf
jXcoyY28rvnJZcQ0ZFMAYGOwY61IvAeaGNqUPwbgQT0b3/WmiPdm6QUa91hvF8/m
QaWG1SJQM29FGk//Ivvp6vMTPvfzmDSs7AZ/fih+LKdUF5J4SdT0OprlSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEnP+Z65CrUf6icAB4lQhApB7YlfMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvU2NfNW5ya0t0Ul9xSndBSGlWQ0VDa0h0aVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwjiYAwQB
wjjUMA0GCSqGSIb3DQEBCwUAA4IBAQBBwbAliDw7tSSOdXD1ynw/qGQL1XRFFwUX
+6K28hGU0Ng8oAq6yFFd80WODvdYBITi/2HLvp//dQ3HFF47IVRmV4ZcOtfwm/K1
d1tfW97ofDvNHtNaIJ/SsxYz1V6JJ8X5+7F7ZIGSRFVUXKLqJkvmZlUbHShzL9Dv
kt9fE/Q/q1T8VqJc8Qe+MRn/R8e8okDInPeVe0ohgeWxj0+JPRrsjXgpq5vh1fnv
2jspZpb/7P52PLjWkxTfoclbo8V2lECdXzIbuHjxMv54mwwxrpeEQ6Vl82X0nSkP
ACjW7c1uj7L+k72ZxsPClOkSLAfX0+8dLkUDICfA+YRApDIZSqXk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org