Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/4mFbjFJQ70xeIWOZKiYxUwHKAS4.roa
File: 4mFbjFJQ70xeIWOZKiYxUwHKAS4.roa (raw, json)
Hash identifier: w/MCJBrminoPLY/qOlERow4mJiXd6+MRbDOZ5EsFf1k=
Subject key identifier: E2:61:5B:8C:52:50:EF:4C:5E:21:63:99:2A:26:31:53:01:CA:01:2E
Certificate issuer: /CN=97ebf14a8e54f12dd8b245353df683e182a096c5
Certificate serial: 01856C1CAA60F30628CD135E2A9F97060416
Authority key identifier: 97:EB:F1:4A:8E:54:F1:2D:D8:B2:45:35:3D:F6:83:E1:82:A0:96:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l-vxSo5U8S3YskU1PfaD4YKglsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/4mFbjFJQ70xeIWOZKiYxUwHKAS4.roa
Signing time: Sun 01 Jan 2023 06:54:55 +0000
ROA not before: Sun 01 Jan 2023 06:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 195.54.166.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:aa:60:f3:06:28:cd:13:5e:2a:9f:97:06:04:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97ebf14a8e54f12dd8b245353df683e182a096c5
Validity
Not Before: Jan 1 06:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2615b8c5250ef4c5e2163992a26315301ca012e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2c:6b:c8:5b:f2:65:e1:40:ac:89:b8:e2:bb:
f4:7a:9d:07:f5:95:5f:29:3c:02:1a:e6:7e:9f:70:
97:48:9e:29:eb:44:b8:d7:5d:b6:5f:a4:f0:99:3a:
7f:68:3f:6a:b1:11:db:41:e2:df:6d:33:2b:d1:36:
a3:1c:00:11:40:2d:f0:e8:b9:15:73:8e:fc:73:ed:
c4:a8:51:dd:e3:53:d9:fc:51:00:65:e0:70:c2:4d:
04:89:57:da:0d:8f:55:36:25:88:5a:0d:39:87:c8:
c9:92:e4:51:c8:0d:c3:d2:9f:7e:bf:fd:24:25:0c:
e6:7c:1e:c0:72:96:0b:01:67:d7:93:b7:97:dd:d9:
40:23:e7:e8:21:25:5e:38:d7:62:cb:71:38:95:44:
87:7a:37:d3:1a:86:4a:99:e1:16:f1:6e:73:f5:7f:
5f:29:1c:26:1c:2b:46:4a:ab:0c:cd:26:65:c5:d5:
58:3d:a8:f2:da:b4:f0:92:76:73:83:07:1d:99:e0:
d1:b2:b5:0b:d9:65:6a:e3:b0:e4:d1:90:25:76:e8:
99:24:dd:92:68:a2:78:bd:77:3f:94:7a:ce:eb:14:
98:d9:93:09:87:bc:7a:f4:2c:08:a3:61:bf:62:23:
e9:8c:7b:cd:a6:91:3e:5c:de:5b:c8:98:30:77:cc:
b5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:61:5B:8C:52:50:EF:4C:5E:21:63:99:2A:26:31:53:01:CA:01:2E
X509v3 Authority Key Identifier:
keyid:97:EB:F1:4A:8E:54:F1:2D:D8:B2:45:35:3D:F6:83:E1:82:A0:96:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l-vxSo5U8S3YskU1PfaD4YKglsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/4mFbjFJQ70xeIWOZKiYxUwHKAS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/l-vxSo5U8S3YskU1PfaD4YKglsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.54.166.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:aa:16:8b:13:f3:41:2a:16:35:f1:87:5f:da:54:47:95:41:
5b:41:de:00:65:74:d1:8d:cc:69:df:d4:46:ed:ac:5a:f7:ef:
47:2b:9b:92:f9:11:fe:45:19:a8:c6:0a:41:65:aa:3b:13:f5:
44:79:b8:c3:fe:49:40:b7:cf:f1:00:97:63:b5:b2:26:7f:34:
3c:97:6f:a4:93:f5:9e:27:a6:89:fc:fe:ba:f6:ff:5f:2b:0f:
6f:e9:51:da:00:d7:60:08:a6:14:d0:8c:35:72:8b:48:58:e2:
c4:be:98:15:a8:9c:55:15:a7:b3:f9:9a:c7:9f:fb:2e:2c:4c:
9e:f9:03:b1:0a:2e:6b:cf:b0:94:4d:94:05:16:e1:29:95:83:
c3:24:62:e0:90:ef:c9:4e:a8:4e:69:ae:30:43:af:7a:59:81:
ee:d2:1f:5d:db:df:d0:85:50:68:af:45:b3:dd:70:22:bc:c7:
d3:7e:10:7a:a8:dd:6a:b8:eb:46:cb:72:51:6b:0d:d1:0a:a6:
af:3a:99:f2:a7:88:42:5e:41:4d:5e:85:eb:b1:e5:63:6b:66:
b4:99:cd:25:91:a2:61:7e:66:e1:19:a5:10:f5:42:4a:98:01:
ed:c3:5e:bc:e3:20:48:f9:d7:08:4d:4e:40:0b:80:bc:52:bd:
7a:f8:5e:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsHKpg8wYozRNeKp+XBgQWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZWJmMTRhOGU1NGYxMmRkOGIyNDUzNTNkZjY4M2UxODJh
MDk2YzUwHhcNMjMwMTAxMDY1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjYxNWI4YzUyNTBlZjRjNWUyMTYzOTkyYTI2MzE1MzAxY2EwMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSxryFvyZeFArIm44rv0ep0H9ZVf
KTwCGuZ+n3CXSJ4p60S41122X6TwmTp/aD9qsRHbQeLfbTMr0TajHAARQC3w6LkV
c478c+3EqFHd41PZ/FEAZeBwwk0EiVfaDY9VNiWIWg05h8jJkuRRyA3D0p9+v/0k
JQzmfB7AcpYLAWfXk7eX3dlAI+foISVeONdiy3E4lUSHejfTGoZKmeEW8W5z9X9f
KRwmHCtGSqsMzSZlxdVYPajy2rTwknZzgwcdmeDRsrUL2WVq47Dk0ZAlduiZJN2S
aKJ4vXc/lHrO6xSY2ZMJh7x69CwIo2G/YiPpjHvNppE+XN5byJgwd8y1AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOJhW4xSUO9MXiFjmSomMVMBygEuMB8GA1UdIwQY
MBaAFJfr8UqOVPEt2LJFNT32g+GCoJbFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbC12eFNvNVU4UzNZc2tVMVBmYUQ0WUtnbHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wOTJiMTEtMTYyMi00NTU2LThlNjUt
MjQwOWFhZDA4MWQyLzEvNG1GYmpGSlE3MHhlSVdPWktpWXhVd0hLQVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wOTJiMTEtMTYyMi00NTU2LThlNjUtMjQwOWFhZDA4MWQy
LzEvbC12eFNvNVU4UzNZc2tVMVBmYUQ0WUtnbHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzamMA0G
CSqGSIb3DQEBCwUAA4IBAQA6qhaLE/NBKhY18Ydf2lRHlUFbQd4AZXTRjcxp39RG
7axa9+9HK5uS+RH+RRmoxgpBZao7E/VEebjD/klAt8/xAJdjtbImfzQ8l2+kk/We
J6aJ/P669v9fKw9v6VHaANdgCKYU0Iw1cotIWOLEvpgVqJxVFaez+ZrHn/suLEye
+QOxCi5rz7CUTZQFFuEplYPDJGLgkO/JTqhOaa4wQ696WYHu0h9d29/QhVBor0Wz
3XAivMfTfhB6qN1quOtGy3JRaw3RCqavOpnyp4hCXkFNXoXrseVja2a0mc0lkaJh
fmbhGaUQ9UJKmAHtw1684yBI+dcITU5AC4C8Ur16+F5K
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:54 2024 by rpki-client on console-fra.rpki-client.org