Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/1-q5nh-ZYAywTrBBHCGtIvF6R-z0.roa
File: 1-q5nh-ZYAywTrBBHCGtIvF6R-z0.roa (raw, json)
Hash identifier: 1dM8A8g+ykf2A7/8UNj5LC6yI0NAPN8HHhOPKCSLkzE=
Subject key identifier: FA:AE:67:87:E6:58:03:2C:13:AC:10:47:08:6B:48:BC:5E:91:FB:3D
Certificate issuer: /CN=94846741139263388d984db1e97e031669c6486e
Certificate serial: 02085D4E
Authority key identifier: 94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/1-q5nh-ZYAywTrBBHCGtIvF6R-z0.roa
Signing time: Mon 31 Jan 2022 06:34:06 +0000
ROA not before: Mon 31 Jan 2022 06:34:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47843
IP address blocks: 195.182.38.0/24 maxlen: 24
195.190.144.0/24 maxlen: 24
195.190.130.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34102606 (0x2085d4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94846741139263388d984db1e97e031669c6486e
Validity
Not Before: Jan 31 06:34:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=faae6787e658032c13ac1047086b48bc5e91fb3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:34:ca:2c:e0:ff:b4:f1:8e:82:39:ed:ee:ef:
d7:08:9f:b7:80:75:20:e8:46:78:37:db:b1:f9:37:
57:94:4d:3b:b2:c5:97:d0:02:0f:a0:c0:82:29:55:
86:da:4b:36:c6:ab:7f:03:74:30:dc:0a:fc:6b:9a:
f9:4d:22:a0:f2:8e:ca:cf:99:96:e5:dd:6e:5a:af:
64:a7:aa:05:61:8c:74:4c:c0:88:f6:fb:0c:a8:99:
9a:45:a0:5f:bd:34:48:57:2d:02:d2:93:9b:0a:1a:
bd:c3:26:a3:55:13:a0:b5:75:6b:a2:17:f6:d1:d7:
24:c4:e2:e4:7d:e3:24:e9:a3:37:93:84:2c:a0:18:
90:5e:c1:d1:cf:4a:2b:ef:f7:c6:47:f0:e2:d7:93:
63:66:19:87:a7:91:14:1a:54:67:84:f9:ea:f2:62:
e3:46:a2:a1:e2:1e:93:70:e2:32:37:57:ed:e2:55:
33:ab:94:70:32:db:bd:b0:52:a5:88:f8:c4:69:04:
df:65:30:3a:1e:dd:25:1b:4c:64:20:a5:75:d2:8e:
8b:90:fa:0a:5a:4a:5a:8d:08:9a:8a:5c:ef:ef:74:
38:88:3e:96:fc:55:79:d4:88:91:cd:fd:69:58:a4:
35:94:71:44:66:68:a8:aa:12:dd:53:d7:e8:06:38:
ff:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:AE:67:87:E6:58:03:2C:13:AC:10:47:08:6B:48:BC:5E:91:FB:3D
X509v3 Authority Key Identifier:
keyid:94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/1-q5nh-ZYAywTrBBHCGtIvF6R-z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/lIRnQROSYziNmE2x6X4DFmnGSG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.182.38.0/24
195.190.130.0/24
195.190.144.0/24
Signature Algorithm: sha256WithRSAEncryption
08:c8:99:d3:07:45:89:fc:76:b0:6b:3e:d0:e1:31:3f:d6:bc:
b6:ed:47:dd:8d:87:d4:21:20:2f:e7:93:27:28:20:0d:d4:61:
07:38:be:f0:19:05:3a:a7:b1:84:5f:41:cb:09:0b:cb:7f:fe:
c4:20:0f:f7:dd:5e:81:70:cd:8f:5d:59:0a:f8:29:cb:af:27:
9d:eb:88:3f:f8:8e:0f:09:1d:3f:f5:9f:53:ae:a6:79:a0:69:
d9:a0:8d:cb:5d:c4:71:64:82:4b:07:84:ed:28:26:17:36:86:
d7:da:32:f0:9b:3e:ed:e9:c6:32:ad:98:59:98:92:0c:a9:e2:
9d:b9:98:dd:e1:f9:bc:ca:3b:3a:3e:d6:d3:7a:d2:a7:67:48:
ee:18:17:c8:2c:90:3f:4d:75:0c:fd:40:a7:b2:8c:f6:47:82:
3a:3e:12:99:e9:a8:a1:c0:08:76:a3:0b:fc:c7:b2:3a:df:42:
2a:f1:90:7b:cc:65:61:fd:92:44:4d:86:31:f8:a9:34:c8:29:
2f:a6:fb:de:2e:25:f7:3e:9e:f5:79:94:14:f8:a1:e8:fb:2c:
af:97:41:aa:13:d2:98:04:8b:6d:4f:1b:ad:52:33:55:29:c7:
83:7d:09:64:22:d2:64:94:ab:39:a0:d5:35:b3:a5:bc:3d:ae:
66:61:3f:79
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIEAghdTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDg0Njc0MTEzOTI2MzM4OGQ5ODRkYjFlOTdlMDMxNjY5YzY0ODZlMB4XDTIyMDEz
MTA2MzQwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmFhZTY3ODdlNjU4
MDMyYzEzYWMxMDQ3MDg2YjQ4YmM1ZTkxZmIzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALI0yizg/7TxjoI57e7v1wift4B1IOhGeDfbsfk3V5RNO7LF
l9ACD6DAgilVhtpLNsarfwN0MNwK/Gua+U0ioPKOys+ZluXdblqvZKeqBWGMdEzA
iPb7DKiZmkWgX700SFctAtKTmwoavcMmo1UToLV1a6IX9tHXJMTi5H3jJOmjN5OE
LKAYkF7B0c9KK+/3xkfw4teTY2YZh6eRFBpUZ4T56vJi40aioeIek3DiMjdX7eJV
M6uUcDLbvbBSpYj4xGkE32UwOh7dJRtMZCClddKOi5D6ClpKWo0Imopc7+90OIg+
lvxVedSIkc39aVikNZRxRGZoqKoS3VPX6AY4/xUCAwEAAaOCAhYwggISMB0GA1Ud
DgQWBBT6rmeH5lgDLBOsEEcIa0i8XpH7PTAfBgNVHSMEGDAWgBSUhGdBE5JjOI2Y
TbHpfgMWacZIbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xJUm5RUk9TWXppTm1FMng2WDRERm1uR1NHNC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvYTQ5MTAyLTA2MTItNDdhMC04MTE3LWNiMTEyNTAwN2RmYi8x
LzEtcTVuaC1aWUF5d1RyQkJIQ0d0SXZGNlItejAucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQw
L2E0OTEwMi0wNjEyLTQ3YTAtODExNy1jYjExMjUwMDdkZmIvMS9sSVJuUVJPU1l6
aU5tRTJ4Nlg0REZtbkdTRzQuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
KwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBADDtiYDBADDvoIDBADDvpAwDQYJ
KoZIhvcNAQELBQADggEBAAjImdMHRYn8drBrPtDhMT/WvLbtR92Nh9QhIC/nkyco
IA3UYQc4vvAZBTqnsYRfQcsJC8t//sQgD/fdXoFwzY9dWQr4KcuvJ53riD/4jg8J
HT/1n1OupnmgadmgjctdxHFkgksHhO0oJhc2htfaMvCbPu3pxjKtmFmYkgyp4p25
mN3h+bzKOzo+1tN60qdnSO4YF8gskD9NdQz9QKeyjPZHgjo+EpnpqKHACHajC/zH
sjrfQirxkHvMZWH9kkRNhjH4qTTIKS+m+94uJfc+nvV5lBT4oej7LK+XQaoT0pgE
i21PG61SM1Upx4N9CWQi0mSUqzmg1TWzpbw9rmZhP3k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:51 2024 by rpki-client on console-fra.rpki-client.org