Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/b4fab5-aa01-4a70-88d0-fbd9bf622f44/1/_gAJVRMSCXcaMIwoels3GlaA49w.roa
File: _gAJVRMSCXcaMIwoels3GlaA49w.roa (raw, json)
Hash identifier: 0PnP/2MfRefSaL4RHb8U1GQjvX42MDllCmzPuX3na4s=
Subject key identifier: FE:00:09:55:13:12:09:77:1A:30:8C:28:7A:5B:37:1A:56:80:E3:DC
Certificate issuer: /CN=eb317e1be7bb6f82cb9c34a096dc088f5f8f92ca
Certificate serial: 030F969F
Authority key identifier: EB:31:7E:1B:E7:BB:6F:82:CB:9C:34:A0:96:DC:08:8F:5F:8F:92:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zF-G-e7b4LLnDSgltwIj1-Pkso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/b4fab5-aa01-4a70-88d0-fbd9bf622f44/1/_gAJVRMSCXcaMIwoels3GlaA49w.roa
Signing time: Sat 01 Jan 2022 01:01:25 +0000
ROA not before: Sat 01 Jan 2022 01:01:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 194.50.82.0/24 maxlen: 24
194.50.52.0/24 maxlen: 24
194.50.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51353247 (0x30f969f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb317e1be7bb6f82cb9c34a096dc088f5f8f92ca
Validity
Not Before: Jan 1 01:01:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe000955131209771a308c287a5b371a5680e3dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:af:de:03:2b:3c:09:d7:4f:aa:40:99:46:17:
e5:24:51:32:ab:ba:ef:85:84:e8:86:fb:dd:06:da:
29:e4:e6:e9:3d:c5:4d:44:84:77:60:3d:2a:2d:3f:
7f:47:24:e5:51:74:eb:4c:52:06:1c:64:2f:26:24:
77:05:05:a4:d6:d9:29:07:fc:cd:77:20:76:1e:a1:
39:bd:66:e5:e8:6a:28:95:57:7c:0a:a0:cb:50:6d:
90:62:45:3d:a2:7e:c8:ad:bb:31:c6:95:26:0f:46:
b9:c0:87:e4:ef:39:82:9b:f9:00:a7:fa:15:5f:12:
15:d8:f1:e1:b9:cd:b1:f3:a4:4b:45:86:77:ea:e6:
e4:65:53:dc:1a:8c:5d:d5:a1:54:fe:f7:aa:9a:85:
c4:48:4c:c7:51:ca:77:a6:ac:be:cd:c1:30:64:cd:
c0:31:48:48:81:0d:19:f7:5c:79:ec:9c:d1:36:c2:
46:80:49:3f:c5:67:31:00:a0:e4:68:56:1e:7e:11:
34:36:1d:3f:bf:c2:c8:71:ca:46:16:30:04:3a:51:
c7:e5:5f:b8:a6:91:1e:bd:87:c3:1d:28:3b:c4:9c:
b6:6d:4f:76:c3:15:8c:05:e1:9f:4c:9c:c8:90:e8:
9e:f7:d8:59:21:18:cc:06:d4:f8:d8:bd:ca:a2:10:
9c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:00:09:55:13:12:09:77:1A:30:8C:28:7A:5B:37:1A:56:80:E3:DC
X509v3 Authority Key Identifier:
keyid:EB:31:7E:1B:E7:BB:6F:82:CB:9C:34:A0:96:DC:08:8F:5F:8F:92:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zF-G-e7b4LLnDSgltwIj1-Pkso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b4fab5-aa01-4a70-88d0-fbd9bf622f44/1/_gAJVRMSCXcaMIwoels3GlaA49w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b4fab5-aa01-4a70-88d0-fbd9bf622f44/1/6zF-G-e7b4LLnDSgltwIj1-Pkso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.52.0/24
194.50.59.0/24
194.50.82.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:06:ce:89:e1:b1:03:11:3f:2d:fc:e6:86:8c:ba:68:19:78:
5c:d8:9f:aa:3b:2a:da:69:27:3c:2c:25:e0:66:aa:2b:25:c9:
47:9d:44:13:5d:dd:27:9e:19:de:5c:37:b2:37:26:44:cd:06:
fe:53:ff:d6:93:06:88:02:5f:05:8d:61:36:dd:80:86:30:4a:
1f:ca:29:72:76:ae:0c:b7:52:7c:7c:b9:ec:b6:6f:22:88:83:
7e:57:ee:64:c1:fa:c4:5e:22:cc:cc:ce:e1:d4:ae:2e:28:7a:
e8:85:2a:5f:8d:b0:0f:17:ac:81:dd:94:fb:38:93:06:18:3e:
42:08:15:08:16:5d:92:06:2e:3b:60:e7:63:a9:f9:a5:28:27:
f0:ed:ad:e1:25:4d:64:80:90:d2:2b:37:63:38:f3:1e:25:6c:
b9:ba:05:dc:6d:9b:cc:4a:19:76:a1:ce:27:3d:08:a4:a1:56:
e6:26:d0:0a:61:f9:12:82:76:a1:08:57:89:90:0b:f0:33:96:
5b:73:df:6e:fb:e2:bf:72:ee:72:aa:6d:ff:69:40:01:9c:96:
51:c5:ee:91:1d:a0:e3:6e:b1:c8:73:a2:97:16:21:16:2e:0a:
9b:5f:3e:b4:d9:e1:4f:fe:ef:d6:c1:2c:5a:ec:49:f8:76:6a:
a7:76:67:bd
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAw+WnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YjMxN2UxYmU3YmI2ZjgyY2I5YzM0YTA5NmRjMDg4ZjVmOGY5MmNhMB4XDTIyMDEw
MTAxMDEyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmUwMDA5NTUxMzEy
MDk3NzFhMzA4YzI4N2E1YjM3MWE1NjgwZTNkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqv3gMrPAnXT6pAmUYX5SRRMqu674WE6Ib73QbaKeTm6T3F
TUSEd2A9Ki0/f0ck5VF060xSBhxkLyYkdwUFpNbZKQf8zXcgdh6hOb1m5ehqKJVX
fAqgy1BtkGJFPaJ+yK27McaVJg9GucCH5O85gpv5AKf6FV8SFdjx4bnNsfOkS0WG
d+rm5GVT3BqMXdWhVP73qpqFxEhMx1HKd6asvs3BMGTNwDFISIENGfdceeyc0TbC
RoBJP8VnMQCg5GhWHn4RNDYdP7/CyHHKRhYwBDpRx+VfuKaRHr2Hwx0oO8Sctm1P
dsMVjAXhn0ycyJDonvfYWSEYzAbU+Ni9yqIQnOcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBT+AAlVExIJdxowjCh6WzcaVoDj3DAfBgNVHSMEGDAWgBTrMX4b57tvgsuc
NKCW3AiPX4+SyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZ6Ri1HLWU3YjRMTG5EU2dsdHdJajEtUGtzby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvYjRmYWI1LWFhMDEtNGE3MC04OGQwLWZiZDliZjYyMmY0NC8x
L19nQUpWUk1TQ1hjYU1Jd29lbHMzR2xhQTQ5dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
YjRmYWI1LWFhMDEtNGE3MC04OGQwLWZiZDliZjYyMmY0NC8xLzZ6Ri1HLWU3YjRM
TG5EU2dsdHdJajEtUGtzby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAMIyNAMEAMIyOwMEAMIyUjANBgkq
hkiG9w0BAQsFAAOCAQEAngbOieGxAxE/Lfzmhoy6aBl4XNifqjsq2mknPCwl4Gaq
KyXJR51EE13dJ54Z3lw3sjcmRM0G/lP/1pMGiAJfBY1hNt2AhjBKH8opcnauDLdS
fHy57LZvIoiDflfuZMH6xF4izMzO4dSuLih66IUqX42wDxesgd2U+ziTBhg+QggV
CBZdkgYuO2DnY6n5pSgn8O2t4SVNZICQ0is3YzjzHiVsuboF3G2bzEoZdqHOJz0I
pKFW5ibQCmH5EoJ2oQhXiZAL8DOWW3Pfbvviv3Lucqpt/2lAAZyWUcXukR2g426x
yHOilxYhFi4Km18+tNnhT/7v1sEsWuxJ+HZqp3ZnvQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:03 2023 by rpki-client on console-ams.rpki-client.org