Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/dZO7mXMPdZjJDmFoBVgA1PWVq6E.roa
File: dZO7mXMPdZjJDmFoBVgA1PWVq6E.roa (raw, json)
Hash identifier: y6TznXzPxeQklLaN5sZV2TFJbwGq3SpQSnNfIrKivzU=
Subject key identifier: 75:93:BB:99:73:0F:75:98:C9:0E:61:68:05:58:00:D4:F5:95:AB:A1
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 0181D796BAFF45A9A14A054057DAAB9201C2
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/dZO7mXMPdZjJDmFoBVgA1PWVq6E.roa
Signing time: Thu 07 Jul 2022 07:36:28 +0000
ROA not before: Thu 07 Jul 2022 07:36:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 63023
IP address blocks: 193.46.81.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d7:96:ba:ff:45:a9:a1:4a:05:40:57:da:ab:92:01:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Jul 7 07:36:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7593bb99730f7598c90e6168055800d4f595aba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:76:21:2a:86:83:50:66:8c:56:e5:36:0a:4f:
94:cb:8d:f5:97:9b:2a:40:aa:49:3c:10:f4:fc:2c:
31:c4:dd:bc:c9:87:17:58:00:fa:81:f0:7a:25:06:
ea:cd:b3:fa:3c:70:58:11:9a:f1:49:e3:32:66:b6:
a4:9e:ae:de:60:89:f4:ef:15:7b:ea:15:19:39:b0:
c4:b6:bd:c0:15:bc:98:df:48:c7:87:39:93:8e:59:
6b:7d:5b:86:33:d1:7c:86:eb:8f:e5:32:29:29:67:
b8:a1:02:60:0d:a9:2f:fe:d0:62:28:ef:6b:5a:04:
eb:26:d1:a0:ad:c9:10:9c:cf:63:0e:11:91:8b:90:
90:3c:8a:b0:10:5a:95:77:76:48:ee:88:78:29:f0:
dc:7d:99:19:05:6a:59:62:8b:3d:19:7d:3a:8f:19:
19:15:19:d8:90:e9:c4:be:9f:1a:67:25:20:13:89:
b6:46:e2:bc:fa:f3:8a:4e:bf:d3:04:bb:ff:f9:76:
65:f9:07:77:02:ab:dc:79:6a:74:d9:60:54:3c:6d:
e0:3f:71:71:36:48:21:dd:73:cb:7a:03:89:10:e0:
df:40:fc:80:b8:92:4b:24:0b:df:81:ca:f2:57:1b:
97:fb:ed:93:f5:bb:ee:c7:19:91:6f:62:e6:a4:62:
7c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:93:BB:99:73:0F:75:98:C9:0E:61:68:05:58:00:D4:F5:95:AB:A1
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/dZO7mXMPdZjJDmFoBVgA1PWVq6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.81.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:c4:6d:8d:cc:e3:b9:61:47:9a:68:d6:2f:aa:2c:b7:2e:4f:
e6:96:07:35:a3:f1:9d:9e:4d:a0:88:db:1f:f5:80:b5:29:cd:
e5:fb:cf:3a:00:69:20:d0:0c:74:06:98:bf:96:e6:e4:b2:bf:
47:34:60:c2:2c:2d:3d:01:a2:40:0c:36:40:81:b3:9a:46:74:
54:8d:75:78:97:46:c3:cc:4a:43:b6:5a:99:d0:60:26:5e:1d:
47:cc:a3:74:32:a5:9e:d7:3c:e2:0a:18:65:7c:4c:3d:72:6f:
a9:13:75:23:4b:f3:06:91:19:10:b9:2a:03:18:ed:20:36:07:
64:fa:ff:24:c8:98:89:05:b6:47:3d:12:e2:49:53:36:4b:20:
1b:97:7c:53:a9:ae:04:b7:3c:54:ff:ce:1e:a4:54:9a:75:78:
81:e8:ef:94:24:40:07:11:6c:d3:a7:d7:07:a9:f0:48:7c:c0:
3d:66:51:0a:f4:5b:9b:58:ee:88:a8:fa:93:c5:9b:87:b3:ca:
2f:af:6a:58:32:b2:4c:7f:a2:40:a4:3f:36:f5:9b:fc:05:97:
9f:1a:07:d8:25:48:c6:04:94:21:52:c3:9c:88:2b:8d:25:9f:
08:51:1c:12:5f:03:05:83:12:8b:8a:60:0f:f1:cf:76:45:4e:
68:f5:d4:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHXlrr/RamhSgVAV9qrkgHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjIwNzA3MDczNjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTkzYmI5OTczMGY3NTk4YzkwZTYxNjgwNTU4MDBkNGY1OTVhYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHYhKoaDUGaMVuU2Ck+Uy431l5sq
QKpJPBD0/CwxxN28yYcXWAD6gfB6JQbqzbP6PHBYEZrxSeMyZraknq7eYIn07xV7
6hUZObDEtr3AFbyY30jHhzmTjllrfVuGM9F8huuP5TIpKWe4oQJgDakv/tBiKO9r
WgTrJtGgrckQnM9jDhGRi5CQPIqwEFqVd3ZI7oh4KfDcfZkZBWpZYos9GX06jxkZ
FRnYkOnEvp8aZyUgE4m2RuK8+vOKTr/TBLv/+XZl+Qd3AqvceWp02WBUPG3gP3Fx
Nkgh3XPLegOJEODfQPyAuJJLJAvfgcryVxuX++2T9bvuxxmRb2LmpGJ8vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHWTu5lzD3WYyQ5haAVYANT1lauhMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvZFpPN21YTVBkWmpKRG1Gb0JWZ0ExUFdWcTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwS5RMA0G
CSqGSIb3DQEBCwUAA4IBAQBvxG2NzOO5YUeaaNYvqiy3Lk/mlgc1o/Gdnk2giNsf
9YC1Kc3l+886AGkg0Ax0Bpi/lubksr9HNGDCLC09AaJADDZAgbOaRnRUjXV4l0bD
zEpDtlqZ0GAmXh1HzKN0MqWe1zziChhlfEw9cm+pE3UjS/MGkRkQuSoDGO0gNgdk
+v8kyJiJBbZHPRLiSVM2SyAbl3xTqa4EtzxU/84epFSadXiB6O+UJEAHEWzTp9cH
qfBIfMA9ZlEK9FubWO6IqPqTxZuHs8ovr2pYMrJMf6JApD829Zv8BZefGgfYJUjG
BJQhUsOciCuNJZ8IURwSXwMFgxKLimAP8c92RU5o9dSL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:49 2025 by rpki-client