Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/6e5dc3-c7fa-4d36-9095-c19232bda430/1/iMtuYelRlmQhX4zoIXJphVdWxDI.roa
File: iMtuYelRlmQhX4zoIXJphVdWxDI.roa (raw, json)
Hash identifier: 0T0bmGSzD0dLfuzfIjBblK6fW6vW++tY02FnmcMC8ds=
Subject key identifier: 88:CB:6E:61:E9:51:96:64:21:5F:8C:E8:21:72:69:85:57:56:C4:32
Certificate issuer: /CN=13b89b80186332d441bb0515c47261c5ffa0616b
Certificate serial: 01856F5DE2372ABE065B50DE96A7F142E725
Authority key identifier: 13:B8:9B:80:18:63:32:D4:41:BB:05:15:C4:72:61:C5:FF:A0:61:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E7ibgBhjMtRBuwUVxHJhxf-gYWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/6e5dc3-c7fa-4d36-9095-c19232bda430/1/iMtuYelRlmQhX4zoIXJphVdWxDI.roa
Signing time: Sun 01 Jan 2023 22:05:01 +0000
ROA not before: Sun 01 Jan 2023 22:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39018
IP address blocks: 193.143.224.0/24 maxlen: 24
193.143.227.0/24 maxlen: 24
193.143.231.0/24 maxlen: 24
193.143.248.0/24 maxlen: 24
2a10:8f00::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:e2:37:2a:be:06:5b:50:de:96:a7:f1:42:e7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13b89b80186332d441bb0515c47261c5ffa0616b
Validity
Not Before: Jan 1 22:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88cb6e61e9519664215f8ce8217269855756c432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f7:0e:04:c7:fc:fa:c2:3c:3d:e4:36:c0:3f:
8a:72:90:9c:3d:c1:24:4e:e1:90:e4:ab:b9:e5:20:
96:6f:ce:2f:a3:e7:79:16:bf:75:b0:3a:43:a7:f3:
cc:7f:25:7c:39:6f:c3:36:b9:9b:64:f3:6a:76:7d:
35:4b:e8:3d:70:95:a0:d1:f3:35:70:89:fb:58:0e:
a0:34:f3:85:64:67:f9:dc:d4:4f:17:04:63:24:f9:
cb:39:4a:e0:b7:7f:82:49:8d:88:21:0b:6d:ef:f8:
96:81:3d:3e:ae:0d:74:32:73:8a:78:e7:d4:d4:58:
e6:e4:5d:f2:b4:02:92:cb:cd:5c:9e:42:d5:9b:ec:
45:c6:42:21:8c:e7:46:fd:a8:ee:1f:3d:99:a5:8c:
a6:86:95:dd:15:bb:a1:b7:d5:0e:e7:e7:c7:2a:56:
6a:ef:46:a0:b0:03:ca:a5:d0:fa:85:bd:c6:28:e4:
bd:55:5e:79:71:79:5e:bd:be:72:cd:d9:b8:b8:8d:
8d:49:e0:ba:c7:c2:05:fa:6c:26:b3:60:82:8b:f5:
f9:ec:33:45:ff:e3:9a:c4:5c:55:ea:fb:5c:19:d2:
08:59:c3:09:2a:d8:24:a6:77:87:d4:55:46:65:f8:
98:2f:ac:2e:96:66:87:db:7b:71:b5:3c:e7:76:f2:
c9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:CB:6E:61:E9:51:96:64:21:5F:8C:E8:21:72:69:85:57:56:C4:32
X509v3 Authority Key Identifier:
keyid:13:B8:9B:80:18:63:32:D4:41:BB:05:15:C4:72:61:C5:FF:A0:61:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E7ibgBhjMtRBuwUVxHJhxf-gYWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/6e5dc3-c7fa-4d36-9095-c19232bda430/1/iMtuYelRlmQhX4zoIXJphVdWxDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/6e5dc3-c7fa-4d36-9095-c19232bda430/1/E7ibgBhjMtRBuwUVxHJhxf-gYWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.224.0/24
193.143.227.0/24
193.143.231.0/24
193.143.248.0/24
IPv6:
2a10:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
1e:02:1c:b8:0c:5d:a1:3c:77:70:de:96:fa:9d:d0:37:b3:fc:
35:e5:1c:88:38:8b:33:ae:09:72:46:6a:5b:06:83:c6:65:3f:
c3:8d:99:96:b8:a7:c1:dd:2d:a3:09:5f:12:10:0e:84:81:9c:
7f:5c:71:d5:7b:bb:d4:01:6a:5b:e1:bf:f8:34:b7:f3:c2:19:
fe:a7:d6:6f:03:23:6b:99:fb:28:a4:ff:d0:0a:18:f4:4b:97:
31:3e:c0:be:8b:e4:a6:f1:78:1b:75:ba:b1:b3:f4:b1:66:7b:
63:d4:03:75:f8:e2:ce:cb:6b:32:87:b3:ba:c1:46:ab:0d:a7:
47:d2:c7:d4:29:69:d2:e4:3f:30:de:e0:4a:46:7b:87:6e:f6:
17:b7:53:fe:60:2c:c7:c3:98:80:99:da:b3:1b:01:4a:5c:b0:
b1:4a:aa:b1:de:0a:f9:15:58:b6:22:3b:00:1f:f7:c5:97:ff:
f5:97:30:fc:46:64:da:c2:c9:34:4a:d3:d4:a4:4e:fb:a7:0a:
6c:50:d0:3c:ee:3f:19:6a:10:32:cc:61:5a:de:45:47:41:ce:
9f:9b:7e:3b:30:f2:31:e4:c7:c0:fa:31:ad:3e:a5:95:93:56:
a5:32:0e:91:5d:49:bc:3b:1e:d6:12:90:f5:e0:92:0c:fd:09:
f8:bc:2e:85
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVvXeI3Kr4GW1DelqfxQuclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYjg5YjgwMTg2MzMyZDQ0MWJiMDUxNWM0NzI2MWM1ZmZh
MDYxNmIwHhcNMjMwMTAxMjIwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGNiNmU2MWU5NTE5NjY0MjE1ZjhjZTgyMTcyNjk4NTU3NTZjNDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPcOBMf8+sI8PeQ2wD+KcpCcPcEk
TuGQ5Ku55SCWb84vo+d5Fr91sDpDp/PMfyV8OW/DNrmbZPNqdn01S+g9cJWg0fM1
cIn7WA6gNPOFZGf53NRPFwRjJPnLOUrgt3+CSY2IIQtt7/iWgT0+rg10MnOKeOfU
1Fjm5F3ytAKSy81cnkLVm+xFxkIhjOdG/ajuHz2ZpYymhpXdFbuht9UO5+fHKlZq
70agsAPKpdD6hb3GKOS9VV55cXlevb5yzdm4uI2NSeC6x8IF+mwms2CCi/X57DNF
/+OaxFxV6vtcGdIIWcMJKtgkpneH1FVGZfiYL6wulmaH23txtTzndvLJFQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIjLbmHpUZZkIV+M6CFyaYVXVsQyMB8GA1UdIwQY
MBaAFBO4m4AYYzLUQbsFFcRyYcX/oGFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTdpYmdCaGpNdFJCdXdVVnhISmh4Zi1nWVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS82ZTVkYzMtYzdmYS00ZDM2LTkwOTUt
YzE5MjMyYmRhNDMwLzEvaU10dVllbFJsbVFoWDR6b0lYSnBoVmRXeERJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS82ZTVkYzMtYzdmYS00ZDM2LTkwOTUtYzE5MjMyYmRhNDMw
LzEvRTdpYmdCaGpNdFJCdXdVVnhISmh4Zi1nWVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwY/gAwQA
wY/jAwQAwY/nAwQAwY/4MA0EAgACMAcDBQMqEI8AMA0GCSqGSIb3DQEBCwUAA4IB
AQAeAhy4DF2hPHdw3pb6ndA3s/w15RyIOIszrglyRmpbBoPGZT/DjZmWuKfB3S2j
CV8SEA6EgZx/XHHVe7vUAWpb4b/4NLfzwhn+p9ZvAyNrmfsopP/QChj0S5cxPsC+
i+Sm8Xgbdbqxs/SxZntj1AN1+OLOy2syh7O6wUarDadH0sfUKWnS5D8w3uBKRnuH
bvYXt1P+YCzHw5iAmdqzGwFKXLCxSqqx3gr5FVi2IjsAH/fFl//1lzD8RmTawsk0
StPUpE77pwpsUNA87j8ZahAyzGFa3kVHQc6fm347MPIx5MfA+jGtPqWVk1alMg6R
XUm8Ox7WEpD14JIM/Qn4vC6F
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:54 2024 by rpki-client on console-ams.rpki-client.org