Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/b4fab5-aa01-4a70-88d0-fbd9bf622f44/1/P6L3q6LxpkvBauyvgTPTXbv9Caw.roa
File: P6L3q6LxpkvBauyvgTPTXbv9Caw.roa (raw, json)
Hash identifier: fKqMnxX/gGmfjfqDSVROJ9rzkKQIZhAtv7Qx4q2ElmA=
Subject key identifier: 3F:A2:F7:AB:A2:F1:A6:4B:C1:6A:EC:AF:81:33:D3:5D:BB:FD:09:AC
Certificate issuer: /CN=eb317e1be7bb6f82cb9c34a096dc088f5f8f92ca
Certificate serial: 030E8723
Authority key identifier: EB:31:7E:1B:E7:BB:6F:82:CB:9C:34:A0:96:DC:08:8F:5F:8F:92:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zF-G-e7b4LLnDSgltwIj1-Pkso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/b4fab5-aa01-4a70-88d0-fbd9bf622f44/1/P6L3q6LxpkvBauyvgTPTXbv9Caw.roa
Signing time: Sat 01 Jan 2022 01:01:24 +0000
ROA not before: Sat 01 Jan 2022 01:01:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 194.50.74.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51283747 (0x30e8723)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb317e1be7bb6f82cb9c34a096dc088f5f8f92ca
Validity
Not Before: Jan 1 01:01:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3fa2f7aba2f1a64bc16aecaf8133d35dbbfd09ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:dc:20:3e:e2:52:b7:ec:be:ad:7b:c3:e9:0a:
e0:c6:e2:0e:35:c7:c0:9e:e8:3c:8a:b2:f2:98:9e:
d2:17:86:a9:d0:f8:35:34:fc:14:c0:bb:b5:cd:42:
a9:79:71:95:65:e6:cc:91:21:84:d9:84:1a:13:3a:
b8:15:c7:3d:75:e0:18:1e:1d:5b:96:fa:3b:6b:43:
7d:64:93:55:8b:e1:33:7f:0b:7a:0f:d8:4f:9a:6c:
49:28:30:87:06:e4:6f:79:12:c5:4d:7e:31:20:85:
e7:6e:0e:9e:4a:1a:f1:1a:e1:d3:64:bf:1e:0e:6d:
0e:15:fe:47:10:da:de:4d:06:fc:06:a4:74:f4:3d:
49:7c:fb:8d:e0:d8:85:86:11:8b:29:72:fc:ef:2d:
49:23:50:e1:a8:b2:e4:b6:fd:32:99:df:8a:1f:6b:
24:7e:b3:06:f8:ac:39:5c:3f:3a:84:ce:29:43:c7:
5c:d4:7f:23:9c:2b:ce:ce:ad:8b:b9:d8:d6:93:88:
d7:91:b6:4d:a1:aa:47:4f:e6:fa:0e:9e:5c:51:ee:
85:47:b6:df:d7:9f:c1:56:e3:ea:66:5d:04:d1:89:
31:8b:5c:11:2b:42:5c:6d:0f:d6:fb:5b:b6:16:29:
c5:1c:2e:15:46:9a:b2:88:b3:1e:35:f3:90:7c:0f:
0a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A2:F7:AB:A2:F1:A6:4B:C1:6A:EC:AF:81:33:D3:5D:BB:FD:09:AC
X509v3 Authority Key Identifier:
keyid:EB:31:7E:1B:E7:BB:6F:82:CB:9C:34:A0:96:DC:08:8F:5F:8F:92:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zF-G-e7b4LLnDSgltwIj1-Pkso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b4fab5-aa01-4a70-88d0-fbd9bf622f44/1/P6L3q6LxpkvBauyvgTPTXbv9Caw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b4fab5-aa01-4a70-88d0-fbd9bf622f44/1/6zF-G-e7b4LLnDSgltwIj1-Pkso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.74.0/24
Signature Algorithm: sha256WithRSAEncryption
00:18:9f:06:61:92:cd:3b:8c:60:90:61:34:88:4a:cb:5a:f6:
14:8d:cd:de:c4:99:b5:ac:5c:e7:dd:bd:ce:27:83:ee:45:6b:
9a:6d:0b:ac:1e:9c:5e:48:5b:18:32:ff:82:f4:c3:d6:20:ef:
a6:a7:94:d9:60:0a:aa:fe:74:c3:7b:6a:80:50:fe:63:80:0b:
dd:5c:e4:6e:d2:84:c8:37:27:99:22:ae:86:7f:16:38:99:e4:
a8:ab:7e:a4:17:2c:08:68:7c:12:88:7a:0d:a2:19:d2:da:50:
6c:b6:a2:b8:6a:68:3c:7a:10:b2:f1:ea:ce:45:84:08:2b:f8:
70:a0:e3:ae:da:72:d3:96:cd:d3:4a:5c:96:33:2a:56:de:ad:
59:61:8c:68:c0:f3:0e:b2:a8:76:56:c6:6f:f9:bc:2f:70:32:
be:51:dc:28:b9:ec:8f:04:f6:5c:46:ff:8d:c0:49:53:51:bf:
a9:a9:ad:88:30:de:b4:cf:31:59:58:13:d3:6d:63:d7:39:0e:
c8:6d:c8:67:01:40:69:3d:eb:8d:5c:9e:19:94:8d:db:5d:aa:
3d:0e:29:05:1b:86:f7:6e:d1:91:b3:31:1d:62:f2:07:3e:7d:
68:08:75:44:91:45:30:e7:4f:f1:08:e7:f5:6a:85:8c:08:4f:
d6:f6:f7:f9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAw6HIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YjMxN2UxYmU3YmI2ZjgyY2I5YzM0YTA5NmRjMDg4ZjVmOGY5MmNhMB4XDTIyMDEw
MTAxMDEyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ZhMmY3YWJhMmYx
YTY0YmMxNmFlY2FmODEzM2QzNWRiYmZkMDlhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJvcID7iUrfsvq17w+kK4MbiDjXHwJ7oPIqy8pie0heGqdD4
NTT8FMC7tc1CqXlxlWXmzJEhhNmEGhM6uBXHPXXgGB4dW5b6O2tDfWSTVYvhM38L
eg/YT5psSSgwhwbkb3kSxU1+MSCF524Onkoa8Rrh02S/Hg5tDhX+RxDa3k0G/Aak
dPQ9SXz7jeDYhYYRiyly/O8tSSNQ4aiy5Lb9Mpnfih9rJH6zBvisOVw/OoTOKUPH
XNR/I5wrzs6ti7nY1pOI15G2TaGqR0/m+g6eXFHuhUe239efwVbj6mZdBNGJMYtc
EStCXG0P1vtbthYpxRwuFUaasoizHjXzkHwPCksCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ/overovGmS8Fq7K+BM9Ndu/0JrDAfBgNVHSMEGDAWgBTrMX4b57tvgsuc
NKCW3AiPX4+SyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZ6Ri1HLWU3YjRMTG5EU2dsdHdJajEtUGtzby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvYjRmYWI1LWFhMDEtNGE3MC04OGQwLWZiZDliZjYyMmY0NC8x
L1A2TDNxNkx4cGt2QmF1eXZnVFBUWGJ2OUNhdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
YjRmYWI1LWFhMDEtNGE3MC04OGQwLWZiZDliZjYyMmY0NC8xLzZ6Ri1HLWU3YjRM
TG5EU2dsdHdJajEtUGtzby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIySjANBgkqhkiG9w0BAQsFAAOC
AQEAABifBmGSzTuMYJBhNIhKy1r2FI3N3sSZtaxc5929zieD7kVrmm0LrB6cXkhb
GDL/gvTD1iDvpqeU2WAKqv50w3tqgFD+Y4AL3VzkbtKEyDcnmSKuhn8WOJnkqKt+
pBcsCGh8Eoh6DaIZ0tpQbLaiuGpoPHoQsvHqzkWECCv4cKDjrtpy05bN00pcljMq
Vt6tWWGMaMDzDrKodlbGb/m8L3AyvlHcKLnsjwT2XEb/jcBJU1G/qamtiDDetM8x
WVgT021j1zkOyG3IZwFAaT3rjVyeGZSN212qPQ4pBRuG927RkbMxHWLyBz59aAh1
RJFFMOdP8Qjn9WqFjAhP1vb3+Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:03 2023 by rpki-client on console-ams.rpki-client.org