Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/qc3SJPhY-0XA-766xcI43HKjkxY.roa
File: qc3SJPhY-0XA-766xcI43HKjkxY.roa (raw, json)
Hash identifier: JqfagBmjwvO0nEyiM3OlnN+Zk2SUEpjFXjTO6yLjUoE=
Subject key identifier: A9:CD:D2:24:F8:58:FB:45:C0:FB:BE:BA:C5:C2:38:DC:72:A3:93:16
Certificate issuer: /CN=94846741139263388d984db1e97e031669c6486e
Certificate serial: 01BB23C7
Authority key identifier: 94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/qc3SJPhY-0XA-766xcI43HKjkxY.roa
Signing time: Sat 01 Jan 2022 05:52:47 +0000
ROA not before: Sat 01 Jan 2022 05:52:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47843
IP address blocks: 195.190.139.0/24 maxlen: 24
195.182.38.0/24 maxlen: 24
195.190.144.0/24 maxlen: 24
195.190.130.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29041607 (0x1bb23c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94846741139263388d984db1e97e031669c6486e
Validity
Not Before: Jan 1 05:52:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a9cdd224f858fb45c0fbbebac5c238dc72a39316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:67:f8:06:da:a5:e8:3d:ce:a2:23:ca:b4:bc:
de:15:99:c8:e9:ea:35:be:f2:48:a3:6e:35:f4:7e:
67:ad:aa:b5:ec:75:17:27:e0:7c:24:a2:f4:26:1f:
60:34:4c:50:17:f1:94:b2:0a:e5:ed:30:d5:fa:73:
94:c4:21:06:fe:40:82:6e:76:4c:11:c1:c6:15:f5:
b3:e6:1c:db:77:df:c2:52:76:bd:c8:83:e8:46:a7:
d5:bf:6a:c2:63:bc:c1:76:92:e4:65:ec:89:1c:43:
7a:44:cd:e3:77:ac:b3:c6:2f:f4:45:2e:22:0d:31:
c5:5e:53:05:d9:b1:94:e6:d7:fb:2c:d6:60:75:18:
4f:f1:fb:15:5b:4a:8a:07:62:8d:d7:0b:84:b7:48:
99:3f:2d:c1:6e:12:bc:f6:12:70:86:bb:9d:52:7d:
cc:e8:ff:c9:76:f3:dd:65:fe:55:80:95:97:fe:65:
67:42:be:af:a0:8a:80:14:6e:ff:10:c4:85:d7:f8:
74:4e:76:2c:ee:4e:d8:69:ad:c8:51:5d:2a:aa:e7:
2a:11:92:3c:4b:52:72:82:ad:4b:ba:7c:e3:f3:83:
7d:7a:52:e4:be:37:de:f8:d0:02:1d:30:83:89:2f:
38:fc:86:a0:48:12:b8:f8:d5:81:91:f3:e8:b5:1a:
4a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:CD:D2:24:F8:58:FB:45:C0:FB:BE:BA:C5:C2:38:DC:72:A3:93:16
X509v3 Authority Key Identifier:
keyid:94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/qc3SJPhY-0XA-766xcI43HKjkxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/lIRnQROSYziNmE2x6X4DFmnGSG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.182.38.0/24
195.190.130.0/24
195.190.139.0/24
195.190.144.0/24
Signature Algorithm: sha256WithRSAEncryption
54:d5:5b:21:f3:35:36:32:06:38:3b:63:a2:10:55:b9:44:0f:
7f:1e:26:26:ec:cf:39:72:0f:75:a0:f5:a7:11:da:fe:5a:ad:
ca:73:40:77:4b:82:a7:23:4c:f1:d5:7e:4e:d7:dc:f0:c0:9d:
b2:ee:21:9c:e0:7d:cb:b4:71:83:a8:7c:fe:d1:54:e1:7c:7c:
3f:a9:a2:e7:c6:61:c0:fb:91:eb:6b:db:ff:77:9b:e1:dd:1d:
31:42:ad:e2:ed:c0:e6:2f:67:a8:54:0f:4d:a5:5d:a9:3e:c6:
33:81:00:1c:fe:94:76:04:5d:3c:fe:61:82:c1:ca:d6:b1:33:
0a:11:09:04:a6:51:69:e9:32:0b:01:98:79:6a:30:2f:a0:96:
68:75:83:8c:63:c6:af:e7:fd:42:57:62:d7:e1:28:d6:f7:3c:
32:8d:c6:89:7b:b5:a2:e3:50:49:22:4d:a0:4e:ab:21:83:ae:
a5:2f:56:3d:37:9b:3d:01:57:fe:c2:6a:7e:cc:81:dd:17:4f:
a6:9a:f2:cc:d5:87:fe:d1:f3:4e:ef:a1:5b:48:00:6b:00:08:
86:6a:77:cd:2a:7e:35:98:b6:71:4b:d5:aa:db:31:49:8b:c2:
bc:26:4d:d9:0f:50:c8:db:c0:96:22:9b:b6:9f:71:97:47:a3:
64:48:69:9f
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAbsjxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDg0Njc0MTEzOTI2MzM4OGQ5ODRkYjFlOTdlMDMxNjY5YzY0ODZlMB4XDTIyMDEw
MTA1NTI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTljZGQyMjRmODU4
ZmI0NWMwZmJiZWJhYzVjMjM4ZGM3MmEzOTMxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJn+Abapeg9zqIjyrS83hWZyOnqNb7ySKNuNfR+Z62qtex1
FyfgfCSi9CYfYDRMUBfxlLIK5e0w1fpzlMQhBv5Agm52TBHBxhX1s+Yc23ffwlJ2
vciD6Ean1b9qwmO8wXaS5GXsiRxDekTN43ess8Yv9EUuIg0xxV5TBdmxlObX+yzW
YHUYT/H7FVtKigdijdcLhLdImT8twW4SvPYScIa7nVJ9zOj/yXbz3WX+VYCVl/5l
Z0K+r6CKgBRu/xDEhdf4dE52LO5O2GmtyFFdKqrnKhGSPEtScoKtS7p84/ODfXpS
5L433vjQAh0wg4kvOPyGoEgSuPjVgZHz6LUaSiUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSpzdIk+Fj7RcD7vrrFwjjccqOTFjAfBgNVHSMEGDAWgBSUhGdBE5JjOI2Y
TbHpfgMWacZIbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xJUm5RUk9TWXppTm1FMng2WDRERm1uR1NHNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvYTQ5MTAyLTA2MTItNDdhMC04MTE3LWNiMTEyNTAwN2RmYi8x
L3FjM1NKUGhZLTBYQS03NjZ4Y0k0M0hLamt4WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
YTQ5MTAyLTA2MTItNDdhMC04MTE3LWNiMTEyNTAwN2RmYi8xL2xJUm5RUk9TWXpp
Tm1FMng2WDRERm1uR1NHNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMO2JgMEAMO+ggMEAMO+iwMEAMO+
kDANBgkqhkiG9w0BAQsFAAOCAQEAVNVbIfM1NjIGODtjohBVuUQPfx4mJuzPOXIP
daD1pxHa/lqtynNAd0uCpyNM8dV+Ttfc8MCdsu4hnOB9y7Rxg6h8/tFU4Xx8P6mi
58ZhwPuR62vb/3eb4d0dMUKt4u3A5i9nqFQPTaVdqT7GM4EAHP6UdgRdPP5hgsHK
1rEzChEJBKZRaekyCwGYeWowL6CWaHWDjGPGr+f9Qldi1+Eo1vc8Mo3GiXu1ouNQ
SSJNoE6rIYOupS9WPTebPQFX/sJqfsyB3RdPppryzNWH/tHzTu+hW0gAawAIhmp3
zSp+NZi2cUvVqtsxSYvCvCZN2Q9QyNvAliKbtp9xl0ejZEhpnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:05 2024 by rpki-client on console-ams.rpki-client.org