Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/a2E40om1rzAmiV-Zwi8-soIfsbY.roa
File: a2E40om1rzAmiV-Zwi8-soIfsbY.roa (raw, json)
Hash identifier: /+vZ70MrpE/A/11zX56xNMdbOrBsCHl45FUThQOWnPQ=
Subject key identifier: 6B:61:38:D2:89:B5:AF:30:26:89:5F:99:C2:2F:3E:B2:82:1F:B1:B6
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7BE6F61D93F2D3E2ABD14ADCAAC44
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/a2E40om1rzAmiV-Zwi8-soIfsbY.roa
Signing time: Mon 02 Jan 2023 08:44:56 +0000
ROA not before: Mon 02 Jan 2023 08:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209889
IP address blocks: 194.56.212.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:be:6f:61:d9:3f:2d:3e:2a:bd:14:ad:ca:ac:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b6138d289b5af3026895f99c22f3eb2821fb1b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:13:cc:fc:e3:9e:d3:3e:8b:f5:8e:80:0f:60:
4e:6c:ae:c6:54:32:b0:4a:ce:e8:9a:fb:a0:89:6f:
0f:89:fd:48:83:56:9d:86:a2:b2:c5:f8:86:f0:c1:
0e:16:e2:d7:6d:97:fe:49:bd:1c:b5:93:98:ba:55:
53:10:7a:cc:87:b4:35:bc:49:1e:76:6c:7b:c7:db:
d4:a3:4c:42:5a:f3:5f:72:50:22:3c:9f:1a:c2:aa:
c3:12:1b:bf:4f:55:4a:ae:ba:eb:73:55:bd:f7:6d:
0b:23:84:69:53:e8:38:d1:3a:62:d9:88:17:91:a3:
3e:ef:32:3f:03:25:99:26:80:aa:8d:89:6e:c2:c1:
6a:5f:6e:dc:d4:67:5e:1f:53:d8:e6:a1:fd:86:01:
52:d5:c1:ad:4d:2f:35:41:5d:1b:4c:ba:5b:64:24:
b1:b7:df:28:f4:3f:08:5a:a4:5f:5b:56:cc:8e:0a:
c2:4e:e1:ab:b6:6a:3c:bf:b2:a8:db:4c:b7:a7:10:
b8:95:59:b2:39:57:50:ee:c4:24:9d:ad:d6:40:13:
c4:e1:35:6d:8a:97:05:73:87:20:1c:ce:07:02:71:
8e:e3:70:78:e7:b9:20:05:13:58:4c:0a:4c:ef:62:
c1:cf:4a:bf:74:42:65:fa:9b:c3:d5:22:e4:46:40:
17:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:61:38:D2:89:B5:AF:30:26:89:5F:99:C2:2F:3E:B2:82:1F:B1:B6
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/a2E40om1rzAmiV-Zwi8-soIfsbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.212.0/23
Signature Algorithm: sha256WithRSAEncryption
61:59:b6:b5:78:b7:c7:2d:54:71:be:44:2e:3d:c7:4c:b1:98:
93:9e:26:b9:83:df:39:e8:84:00:42:38:a9:f9:1f:38:27:a3:
e5:16:d5:b3:ab:d8:31:24:ea:66:b3:d9:be:b6:b4:1f:50:fd:
06:b6:d5:8d:32:af:b1:52:d6:9e:46:6e:65:d8:59:95:7b:bf:
27:d7:92:e4:dc:64:90:f8:93:16:ec:29:78:0e:69:21:d3:b2:
3b:61:db:51:58:e0:f0:85:b6:b5:35:c3:30:ec:c8:b2:a0:44:
cd:18:4c:37:72:5b:16:52:ba:6a:8c:7d:21:c3:f0:a0:c0:6c:
0b:c4:da:de:9c:40:45:15:52:a8:27:b2:82:fc:97:99:68:1e:
f4:db:e9:86:c3:3e:a7:d0:20:94:7b:e0:50:0d:fa:16:b7:ad:
38:d6:a5:ec:93:ef:38:e2:4b:83:29:f4:e4:42:32:e9:d6:15:
df:6d:c5:ca:27:0d:0b:29:20:2d:80:dd:b6:79:4c:2f:c7:23:
6b:fa:83:1d:cb:44:cd:cc:90:d8:b5:28:bb:70:2b:97:ec:56:
2b:6e:24:09:d8:15:49:32:41:2b:2b:fa:ad:82:e1:35:5c:e6:
1c:91:5c:c1:b5:af:db:9f:36:5b:16:0f:71:4f:d3:51:f3:3f:
ac:8f:3b:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp75vYdk/LT4qvRStyqxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjYxMzhkMjg5YjVhZjMwMjY4OTVmOTljMjJmM2ViMjgyMWZiMWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5hPM/OOe0z6L9Y6AD2BObK7GVDKw
Ss7omvugiW8Pif1Ig1adhqKyxfiG8MEOFuLXbZf+Sb0ctZOYulVTEHrMh7Q1vEke
dmx7x9vUo0xCWvNfclAiPJ8awqrDEhu/T1VKrrrrc1W9920LI4RpU+g40Tpi2YgX
kaM+7zI/AyWZJoCqjYluwsFqX27c1GdeH1PY5qH9hgFS1cGtTS81QV0bTLpbZCSx
t98o9D8IWqRfW1bMjgrCTuGrtmo8v7Ko20y3pxC4lVmyOVdQ7sQkna3WQBPE4TVt
ipcFc4cgHM4HAnGO43B457kgBRNYTApM72LBz0q/dEJl+pvD1SLkRkAXswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGthONKJta8wJolfmcIvPrKCH7G2MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvYTJFNDBvbTFyekFtaVYtWndpOC1zb0lmc2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwjjUMA0G
CSqGSIb3DQEBCwUAA4IBAQBhWba1eLfHLVRxvkQuPcdMsZiTnia5g9856IQAQjip
+R84J6PlFtWzq9gxJOpms9m+trQfUP0GttWNMq+xUtaeRm5l2FmVe78n15Lk3GSQ
+JMW7Cl4Dmkh07I7YdtRWODwhba1NcMw7MiyoETNGEw3clsWUrpqjH0hw/CgwGwL
xNrenEBFFVKoJ7KC/JeZaB702+mGwz6n0CCUe+BQDfoWt6041qXsk+844kuDKfTk
QjLp1hXfbcXKJw0LKSAtgN22eUwvxyNr+oMdy0TNzJDYtSi7cCuX7FYrbiQJ2BVJ
MkErK/qtguE1XOYckVzBta/bnzZbFg9xT9NR8z+sjztm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org