Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/766970-1ba3-490b-a6c9-51083d8630b2/1/051n_b-x3VyO9hk4slEo6AOAIc8.roa
File: 051n_b-x3VyO9hk4slEo6AOAIc8.roa (raw, json)
Hash identifier: nzV8h4zp+fFaB2yXbuiAnNbYZVu9coJhMHbzghSTwWU=
Subject key identifier: D3:9D:67:FD:BF:B1:DD:5C:8E:F6:19:38:B2:51:28:E8:03:80:21:CF
Certificate issuer: /CN=33adf9eef1dedc7b35e0da464bfd77a49a5691ee
Certificate serial: 01882086B528CDFDA5AF6A41D4DDC2E75B9D
Authority key identifier: 33:AD:F9:EE:F1:DE:DC:7B:35:E0:DA:46:4B:FD:77:A4:9A:56:91:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M6357vHe3Hs14NpGS_13pJpWke4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/766970-1ba3-490b-a6c9-51083d8630b2/1/051n_b-x3VyO9hk4slEo6AOAIc8.roa
Signing time: Mon 15 May 2023 17:47:59 +0000
ROA not before: Mon 15 May 2023 17:47:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 193.3.181.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:20:86:b5:28:cd:fd:a5:af:6a:41:d4:dd:c2:e7:5b:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33adf9eef1dedc7b35e0da464bfd77a49a5691ee
Validity
Not Before: May 15 17:47:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d39d67fdbfb1dd5c8ef61938b25128e8038021cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:61:8b:9b:3f:d8:04:ea:a2:5f:75:99:b1:7d:
2b:dc:9f:63:5d:6f:f6:10:d6:04:e7:84:54:2e:c3:
96:c3:32:eb:67:80:c6:2e:0c:f0:35:ad:12:ef:77:
9a:00:33:5b:36:28:54:65:b9:0f:0d:fa:03:ee:68:
96:26:85:61:aa:5a:d2:27:f3:17:4f:0c:8c:48:52:
a7:df:c7:12:d6:64:26:1e:88:98:5b:69:8a:42:50:
4f:f6:ee:6d:2e:ad:9e:46:e8:93:bc:87:91:47:30:
ed:0f:51:8d:42:22:7d:3e:db:8a:d7:ae:f8:c5:af:
a0:32:bd:3c:fa:4a:d5:98:11:8e:c5:05:70:59:04:
7f:24:57:0b:1d:52:8b:5c:67:51:04:02:78:c5:3d:
60:c1:e4:ef:b2:4d:f6:2f:fa:35:98:83:49:58:fd:
3a:44:94:ef:a3:4e:9f:bc:0b:ae:57:4a:fe:e3:63:
21:25:45:6f:88:fa:6e:35:34:e3:ab:10:7c:d1:38:
8f:d0:5e:96:db:39:5f:2f:ed:c7:c1:ce:8e:8a:b0:
2c:7e:9b:5b:07:38:c6:43:b5:50:2d:ad:67:4a:c6:
b0:28:8c:1e:52:ae:08:f0:51:05:31:3b:46:95:a7:
a4:2b:bd:55:a5:d3:2f:4e:e6:47:90:6f:54:8d:7a:
f4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:9D:67:FD:BF:B1:DD:5C:8E:F6:19:38:B2:51:28:E8:03:80:21:CF
X509v3 Authority Key Identifier:
keyid:33:AD:F9:EE:F1:DE:DC:7B:35:E0:DA:46:4B:FD:77:A4:9A:56:91:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M6357vHe3Hs14NpGS_13pJpWke4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/766970-1ba3-490b-a6c9-51083d8630b2/1/051n_b-x3VyO9hk4slEo6AOAIc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/766970-1ba3-490b-a6c9-51083d8630b2/1/M6357vHe3Hs14NpGS_13pJpWke4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.181.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:6b:4e:58:a5:47:aa:43:31:1a:95:0b:9a:d4:34:25:00:8c:
86:73:63:82:05:04:59:fd:82:ca:dc:4f:10:aa:4e:4d:8a:d2:
99:00:da:34:90:84:39:c1:e5:12:7d:e4:65:bd:f7:19:0f:a7:
38:eb:7b:12:37:8c:a4:43:90:c7:a0:63:e8:9a:4e:85:49:6d:
10:67:a2:01:4d:c2:90:15:6a:17:d2:94:56:98:0d:82:26:14:
5e:c0:f4:43:ee:db:8a:f7:30:15:0f:60:34:40:02:81:8d:99:
fe:c9:c3:64:96:93:15:7b:c6:79:ed:2c:94:ba:80:3c:c0:16:
3c:bd:7f:2f:e4:db:2c:bc:ee:87:38:0d:f7:31:15:47:e9:26:
7a:e5:10:84:60:27:e5:72:b8:00:1e:68:1c:e6:0e:65:b3:05:
88:45:15:b6:d6:9f:bb:db:23:f6:02:8b:ca:41:8e:ee:6e:33:
e9:90:0d:8f:f4:44:f9:f5:25:1b:6a:90:73:ee:f7:37:3e:95:
e7:9e:04:f6:18:01:8d:e0:15:92:82:8c:76:85:23:bf:62:e8:
7e:60:2a:69:71:4f:a6:32:80:77:58:01:21:3b:55:74:d1:48:
c1:b1:6e:85:9b:81:22:cb:91:8d:56:cd:f1:07:9d:ac:df:1c:
83:50:d8:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgghrUozf2lr2pB1N3C51udMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYWRmOWVlZjFkZWRjN2IzNWUwZGE0NjRiZmQ3N2E0OWE1
NjkxZWUwHhcNMjMwNTE1MTc0NzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzlkNjdmZGJmYjFkZDVjOGVmNjE5MzhiMjUxMjhlODAzODAyMWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GGLmz/YBOqiX3WZsX0r3J9jXW/2
ENYE54RULsOWwzLrZ4DGLgzwNa0S73eaADNbNihUZbkPDfoD7miWJoVhqlrSJ/MX
TwyMSFKn38cS1mQmHoiYW2mKQlBP9u5tLq2eRuiTvIeRRzDtD1GNQiJ9PtuK1674
xa+gMr08+krVmBGOxQVwWQR/JFcLHVKLXGdRBAJ4xT1gweTvsk32L/o1mINJWP06
RJTvo06fvAuuV0r+42MhJUVviPpuNTTjqxB80TiP0F6W2zlfL+3Hwc6OirAsfptb
BzjGQ7VQLa1nSsawKIweUq4I8FEFMTtGlaekK71VpdMvTuZHkG9UjXr0qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNOdZ/2/sd1cjvYZOLJRKOgDgCHPMB8GA1UdIwQY
MBaAFDOt+e7x3tx7NeDaRkv9d6SaVpHuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTYzNTd2SGUzSHMxNE5wR1NfMTNwSnBXa2U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS83NjY5NzAtMWJhMy00OTBiLWE2Yzkt
NTEwODNkODYzMGIyLzEvMDUxbl9iLXgzVnlPOWhrNHNsRW82QU9BSWM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS83NjY5NzAtMWJhMy00OTBiLWE2YzktNTEwODNkODYzMGIy
LzEvTTYzNTd2SGUzSHMxNE5wR1NfMTNwSnBXa2U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQO1MA0G
CSqGSIb3DQEBCwUAA4IBAQC9a05YpUeqQzEalQua1DQlAIyGc2OCBQRZ/YLK3E8Q
qk5NitKZANo0kIQ5weUSfeRlvfcZD6c463sSN4ykQ5DHoGPomk6FSW0QZ6IBTcKQ
FWoX0pRWmA2CJhRewPRD7tuK9zAVD2A0QAKBjZn+ycNklpMVe8Z57SyUuoA8wBY8
vX8v5NssvO6HOA33MRVH6SZ65RCEYCflcrgAHmgc5g5lswWIRRW21p+72yP2AovK
QY7ubjPpkA2P9ET59SUbapBz7vc3PpXnngT2GAGN4BWSgox2hSO/Yuh+YCppcU+m
MoB3WAEhO1V00UjBsW6Fm4Eiy5GNVs3xB52s3xyDUNhl
-----END CERTIFICATE-----
Generated at Thu Nov 2 10:41:55 2023 by rpki-client on console-ams.rpki-client.org