Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/b4fab5-aa01-4a70-88d0-fbd9bf622f44/1/cXlEwXwvQ_G4IRwaohwP6DeYPgE.roa
File: cXlEwXwvQ_G4IRwaohwP6DeYPgE.roa (raw, json)
Hash identifier: 6WhSGxnqC9f+/RxoFqX+EDBINoMg7AvRjXJcx4hg3Po=
Subject key identifier: 71:79:44:C1:7C:2F:43:F1:B8:21:1C:1A:A2:1C:0F:E8:37:98:3E:01
Certificate issuer: /CN=eb317e1be7bb6f82cb9c34a096dc088f5f8f92ca
Certificate serial: 0421CAF1
Authority key identifier: EB:31:7E:1B:E7:BB:6F:82:CB:9C:34:A0:96:DC:08:8F:5F:8F:92:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zF-G-e7b4LLnDSgltwIj1-Pkso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/b4fab5-aa01-4a70-88d0-fbd9bf622f44/1/cXlEwXwvQ_G4IRwaohwP6DeYPgE.roa
Signing time: Thu 28 Apr 2022 15:15:25 +0000
ROA not before: Thu 28 Apr 2022 15:15:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202709
IP address blocks: 194.50.74.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69323505 (0x421caf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb317e1be7bb6f82cb9c34a096dc088f5f8f92ca
Validity
Not Before: Apr 28 15:15:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=717944c17c2f43f1b8211c1aa21c0fe837983e01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a9:6f:52:9c:eb:8a:ba:e5:d2:16:f0:f6:b3:
57:52:49:f4:fb:78:63:9a:02:5b:91:24:e7:55:d8:
9a:3d:62:d6:17:19:14:70:f9:67:80:43:5a:e6:fb:
fc:26:37:99:05:3e:a9:5b:d7:d1:63:88:4c:a5:1d:
80:d6:d1:9c:e5:35:7a:8c:b4:61:e9:7a:21:0f:09:
6d:2a:c7:6b:74:54:12:4d:26:e8:cf:c0:e9:04:b4:
4e:fb:bc:e7:33:fa:9c:54:fc:d9:29:19:75:14:06:
b5:93:1b:61:4f:9f:38:c1:be:9f:85:09:91:fd:a3:
e4:5b:8b:98:e6:7f:5b:b9:42:ab:c3:ad:6d:6c:19:
93:c3:b7:8e:ba:ab:f6:e1:52:d3:8c:59:39:56:cd:
31:de:a9:5b:3c:6c:fd:e5:7f:86:c0:62:0c:5f:04:
a7:93:ee:ce:81:e6:3f:1f:7b:1a:aa:25:d7:c7:d9:
29:7d:62:33:81:73:50:6d:d5:52:00:be:e9:9e:93:
e3:41:d8:b5:1b:e5:7e:e0:33:f9:0f:88:55:d6:d2:
8a:13:e9:ce:8e:a9:be:64:e0:10:6f:ca:4f:64:fb:
6a:18:65:48:57:3c:49:b5:11:1d:e2:2c:9f:07:ac:
01:1a:b9:79:94:a8:ea:0e:1a:c0:a0:23:9e:f1:6c:
a5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:79:44:C1:7C:2F:43:F1:B8:21:1C:1A:A2:1C:0F:E8:37:98:3E:01
X509v3 Authority Key Identifier:
keyid:EB:31:7E:1B:E7:BB:6F:82:CB:9C:34:A0:96:DC:08:8F:5F:8F:92:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zF-G-e7b4LLnDSgltwIj1-Pkso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b4fab5-aa01-4a70-88d0-fbd9bf622f44/1/cXlEwXwvQ_G4IRwaohwP6DeYPgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b4fab5-aa01-4a70-88d0-fbd9bf622f44/1/6zF-G-e7b4LLnDSgltwIj1-Pkso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.74.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:3c:f3:bc:b8:9b:f9:47:98:c3:1c:d6:76:60:59:b4:51:77:
c2:fc:a6:16:cb:49:b9:2c:9f:c8:eb:12:90:f1:92:e8:68:c2:
40:d2:6b:d6:19:74:ca:13:af:de:f2:7b:f9:d0:f0:c2:4e:73:
8e:4b:11:9b:e9:ac:2d:fb:19:87:fb:fa:57:dc:bb:a7:48:a5:
8a:4b:d1:b8:0c:d5:06:b7:3c:f1:fe:eb:ae:3a:4c:46:c0:1f:
24:6c:a1:8f:31:77:61:7e:5a:57:87:9f:c1:23:ed:a7:55:ee:
35:5b:8c:c6:59:32:ab:75:71:ce:ee:1f:7c:9d:de:88:dd:ab:
06:d9:93:0a:63:0b:cb:08:08:d3:73:b3:a9:7b:f3:06:87:3f:
7f:27:b4:fc:e3:6f:c1:64:49:48:06:7a:35:74:f5:6d:1d:5d:
4a:fd:72:41:88:6d:7a:7d:fc:92:e1:13:52:e2:83:56:e2:78:
5a:97:80:13:5c:ae:60:0b:49:52:f7:b8:f8:b3:f8:65:fe:77:
ba:29:34:20:e8:39:c5:ff:6a:e8:6b:d8:47:7e:3b:9a:36:b6:
5f:b1:24:9c:af:fe:a6:70:ad:e7:9c:d0:76:a1:d5:81:b0:e8:
1f:8d:01:30:d2:38:f9:aa:88:fc:13:eb:4d:41:e3:8a:3a:d5:
72:2e:67:9e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBCHK8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YjMxN2UxYmU3YmI2ZjgyY2I5YzM0YTA5NmRjMDg4ZjVmOGY5MmNhMB4XDTIyMDQy
ODE1MTUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE3OTQ0YzE3YzJm
NDNmMWI4MjExYzFhYTIxYzBmZTgzNzk4M2UwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI6pb1Kc64q65dIW8PazV1JJ9Pt4Y5oCW5Ek51XYmj1i1hcZ
FHD5Z4BDWub7/CY3mQU+qVvX0WOITKUdgNbRnOU1eoy0Yel6IQ8JbSrHa3RUEk0m
6M/A6QS0Tvu85zP6nFT82SkZdRQGtZMbYU+fOMG+n4UJkf2j5FuLmOZ/W7lCq8Ot
bWwZk8O3jrqr9uFS04xZOVbNMd6pWzxs/eV/hsBiDF8Ep5PuzoHmPx97Gqol18fZ
KX1iM4FzUG3VUgC+6Z6T40HYtRvlfuAz+Q+IVdbSihPpzo6pvmTgEG/KT2T7ahhl
SFc8SbURHeIsnwesARq5eZSo6g4awKAjnvFspX0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRxeUTBfC9D8bghHBqiHA/oN5g+ATAfBgNVHSMEGDAWgBTrMX4b57tvgsuc
NKCW3AiPX4+SyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZ6Ri1HLWU3YjRMTG5EU2dsdHdJajEtUGtzby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvYjRmYWI1LWFhMDEtNGE3MC04OGQwLWZiZDliZjYyMmY0NC8x
L2NYbEV3WHd2UV9HNElSd2FvaHdQNkRlWVBnRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
YjRmYWI1LWFhMDEtNGE3MC04OGQwLWZiZDliZjYyMmY0NC8xLzZ6Ri1HLWU3YjRM
TG5EU2dsdHdJajEtUGtzby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIySjANBgkqhkiG9w0BAQsFAAOC
AQEAPzzzvLib+UeYwxzWdmBZtFF3wvymFstJuSyfyOsSkPGS6GjCQNJr1hl0yhOv
3vJ7+dDwwk5zjksRm+msLfsZh/v6V9y7p0ilikvRuAzVBrc88f7rrjpMRsAfJGyh
jzF3YX5aV4efwSPtp1XuNVuMxlkyq3Vxzu4ffJ3eiN2rBtmTCmMLywgI03OzqXvz
Boc/fye0/ONvwWRJSAZ6NXT1bR1dSv1yQYhten38kuETUuKDVuJ4WpeAE1yuYAtJ
Uve4+LP4Zf53uik0IOg5xf9q6GvYR347mja2X7EknK/+pnCt55zQdqHVgbDoH40B
MNI4+aqI/BPrTUHjijrVci5nng==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:18 2023 by rpki-client on console-fra.rpki-client.org