Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/lHpInPVM2e1B84_ZtWPCe_1chAo.roa
File: lHpInPVM2e1B84_ZtWPCe_1chAo.roa (raw, json)
Hash identifier: YSSYq6AVAyDEPrRGPDpG0V5pWa95uH8ptwTNmN190QM=
Subject key identifier: 94:7A:48:9C:F5:4C:D9:ED:41:F3:8F:D9:B5:63:C2:7B:FD:5C:84:0A
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018A1D2E54145033D82E3D4100DFA31B1B5A
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/lHpInPVM2e1B84_ZtWPCe_1chAo.roa
Signing time: Tue 22 Aug 2023 12:18:09 +0000
ROA not before: Tue 22 Aug 2023 12:18:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210421
IP address blocks: 193.107.21.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1d:2e:54:14:50:33:d8:2e:3d:41:00:df:a3:1b:1b:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Aug 22 12:18:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=947a489cf54cd9ed41f38fd9b563c27bfd5c840a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d0:03:0b:11:76:ae:95:93:60:c4:dd:8f:5e:
25:9f:1d:26:fd:5e:c5:52:1b:3f:56:5d:b2:3f:82:
0f:d2:00:d7:62:08:94:82:75:5e:af:83:84:42:0f:
d6:96:fa:0d:2a:7b:cf:55:91:30:e5:a1:d0:a1:4f:
9b:b6:31:94:cc:29:c0:58:72:3b:13:1e:9b:39:88:
e4:44:d7:5b:ec:89:cf:18:6a:99:77:fe:39:3a:99:
02:4e:8a:04:9b:fd:9d:c5:35:8d:55:08:4e:26:38:
7b:5a:2c:05:0a:6a:e3:92:38:6e:34:cc:25:6f:a1:
75:03:e7:69:2d:d4:9a:e0:84:3a:fc:bf:65:da:a2:
58:2c:a9:35:3a:1b:37:11:ac:3f:bd:b6:15:7b:82:
d2:f6:75:c5:91:bb:14:77:7d:21:58:5b:9e:41:6c:
dd:08:3d:53:57:8a:e2:f6:70:8c:9b:ee:dd:04:35:
80:c3:a7:72:0c:9b:2f:a5:87:ee:ad:7c:00:16:ba:
6e:96:fa:be:1a:4c:68:dc:f9:61:a5:ae:7c:0a:14:
20:32:30:85:85:85:c7:ed:17:f1:c4:72:82:b9:88:
db:b9:d9:33:80:78:6b:cd:80:6b:b9:a2:21:61:2a:
24:d2:86:4a:06:d4:90:ab:03:5a:6a:74:6c:72:3e:
eb:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:7A:48:9C:F5:4C:D9:ED:41:F3:8F:D9:B5:63:C2:7B:FD:5C:84:0A
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/lHpInPVM2e1B84_ZtWPCe_1chAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.107.21.0/24
Signature Algorithm: sha256WithRSAEncryption
53:e2:d7:9e:c3:7c:c9:14:59:07:f0:bc:9a:2c:bf:7f:cf:3f:
23:50:85:33:da:d2:e6:f6:73:79:3b:ff:1a:2e:59:bc:82:87:
83:4f:ed:bf:b3:df:83:46:0d:eb:1e:06:64:d3:47:e1:31:98:
5c:4e:2b:f1:24:30:08:26:b3:24:8a:f8:10:72:42:c8:77:16:
3f:61:2e:4a:4f:ec:62:f4:0c:a1:af:20:dd:69:6c:8f:4d:a2:
ec:32:36:87:d5:79:c6:ab:63:de:bc:20:e0:7a:23:e0:55:75:
ed:42:82:40:a8:f7:1c:ea:2b:1a:a4:ce:ca:71:ae:ff:6a:b2:
81:de:8f:57:03:18:85:0d:0e:34:5b:d7:70:4c:b7:b6:4a:52:
66:1d:95:02:9b:31:4e:f7:50:5b:a6:64:1d:5e:42:b4:61:5c:
46:c0:83:56:e9:f7:6b:9a:ea:08:40:54:23:4b:c8:6c:2d:3f:
45:d6:11:f4:ce:df:d6:78:7c:11:c3:70:cd:bd:e3:d4:31:71:
2c:2e:19:fa:f2:fd:bb:70:9d:40:97:cd:81:b6:6f:cb:e2:5e:
23:58:84:8b:1d:eb:05:6f:6c:83:36:fc:1b:9a:5e:52:39:f1:
d1:73:d3:23:c0:09:0d:b8:8f:9b:1b:69:ef:f5:35:e2:bd:72:
50:b3:4f:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYodLlQUUDPYLj1BAN+jGxtaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjMwODIyMTIxODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDdhNDg5Y2Y1NGNkOWVkNDFmMzhmZDliNTYzYzI3YmZkNWM4NDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtADCxF2rpWTYMTdj14lnx0m/V7F
Uhs/Vl2yP4IP0gDXYgiUgnVer4OEQg/WlvoNKnvPVZEw5aHQoU+btjGUzCnAWHI7
Ex6bOYjkRNdb7InPGGqZd/45OpkCTooEm/2dxTWNVQhOJjh7WiwFCmrjkjhuNMwl
b6F1A+dpLdSa4IQ6/L9l2qJYLKk1Ohs3Eaw/vbYVe4LS9nXFkbsUd30hWFueQWzd
CD1TV4ri9nCMm+7dBDWAw6dyDJsvpYfurXwAFrpulvq+Gkxo3Plhpa58ChQgMjCF
hYXH7RfxxHKCuYjbudkzgHhrzYBruaIhYSok0oZKBtSQqwNaanRscj7rMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJR6SJz1TNntQfOP2bVjwnv9XIQKMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvbEhwSW5QVk0yZTFCODRfWnRXUENlXzFjaEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWsVMA0G
CSqGSIb3DQEBCwUAA4IBAQBT4teew3zJFFkH8LyaLL9/zz8jUIUz2tLm9nN5O/8a
Llm8goeDT+2/s9+DRg3rHgZk00fhMZhcTivxJDAIJrMkivgQckLIdxY/YS5KT+xi
9AyhryDdaWyPTaLsMjaH1XnGq2PevCDgeiPgVXXtQoJAqPcc6isapM7Kca7/arKB
3o9XAxiFDQ40W9dwTLe2SlJmHZUCmzFO91BbpmQdXkK0YVxGwINW6fdrmuoIQFQj
S8hsLT9F1hH0zt/WeHwRw3DNvePUMXEsLhn68v27cJ1Al82Btm/L4l4jWISLHesF
b2yDNvwbml5SOfHRc9MjwAkNuI+bG2nv9TXivXJQs083
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:24 2024 by rpki-client on console-fra.rpki-client.org