Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/RSXMWjv20jwX_Fk1tEUm_uu-8IU.roa
File: RSXMWjv20jwX_Fk1tEUm_uu-8IU.roa (raw, json)
Hash identifier: gyI/ARgxxHUN+6HVPTO3y46qlzHRHefBmnusrlNV2Fc=
Subject key identifier: 45:25:CC:5A:3B:F6:D2:3C:17:FC:59:35:B4:45:26:FE:EB:BE:F0:85
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 018E07A74DABA911B2FDEEE9612CDE8FF1BF
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/RSXMWjv20jwX_Fk1tEUm_uu-8IU.roa
Signing time: Mon 04 Mar 2024 04:09:48 +0000
ROA not before: Mon 04 Mar 2024 04:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205516
IP address blocks: 193.43.250.0/24 maxlen: 24
193.106.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:07:a7:4d:ab:a9:11:b2:fd:ee:e9:61:2c:de:8f:f1:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Mar 4 04:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4525cc5a3bf6d23c17fc5935b44526feebbef085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:97:1c:9a:1f:2e:01:7d:db:7a:ec:08:e7:e9:
cd:eb:76:0b:08:a4:a8:d4:c7:ce:52:9d:72:ba:38:
f7:7f:cb:ca:13:1c:bc:57:29:b4:c7:95:57:d4:fa:
12:4b:b6:57:fa:0b:e9:1d:a3:2f:62:e5:17:c1:0a:
60:40:00:d4:2a:d9:55:36:ea:74:a7:40:b4:1d:5a:
75:73:0d:51:d6:77:95:be:16:21:b6:9a:81:cc:31:
e8:e6:ca:0a:18:02:2e:7e:7c:65:a8:a1:57:43:83:
c4:c7:35:c0:31:fb:fd:ff:ee:8a:2d:39:06:73:3e:
ab:12:fb:1e:ed:a2:41:20:7a:4f:71:ea:75:62:24:
78:d6:d8:90:ea:57:f6:8e:a2:4b:b9:07:f1:54:58:
ae:e0:10:38:c6:f6:a9:64:6e:3e:06:6a:21:ad:bc:
4d:d5:da:2b:03:cb:2d:00:ed:9f:54:46:e5:7d:97:
fc:65:0b:71:80:5a:ed:b5:16:e7:86:c3:01:3c:b3:
39:9c:f8:2f:42:98:68:2c:2e:fd:70:4e:de:ae:eb:
a1:a3:72:9b:b2:a2:4b:f5:4f:02:03:24:10:c6:b2:
e4:c9:f3:d9:de:b1:da:1a:41:59:1e:2b:7e:50:52:
ce:5d:9f:74:1e:ac:ab:36:c4:89:b2:e8:11:d8:50:
db:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:25:CC:5A:3B:F6:D2:3C:17:FC:59:35:B4:45:26:FE:EB:BE:F0:85
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/RSXMWjv20jwX_Fk1tEUm_uu-8IU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.250.0/24
193.106.99.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:88:83:96:77:9a:f5:ef:b0:df:69:c2:45:c8:8a:df:23:f0:
e8:c8:68:57:e9:69:a5:93:15:4a:bc:bf:44:9c:2f:2b:93:ae:
d7:4e:41:aa:2c:20:c2:7c:bc:52:0a:f1:64:f6:6f:7b:93:0c:
14:3f:8b:8b:71:70:c7:58:8f:bd:af:0d:bc:dd:dd:14:5e:08:
a2:ef:a9:d7:fc:b0:66:b8:1a:f8:e2:0a:40:34:94:9b:43:2f:
b0:d8:e7:f3:fb:35:2a:95:b9:88:19:1b:02:86:36:96:3b:ff:
e8:56:37:c1:04:15:96:08:2d:1e:c1:9c:48:77:9e:28:0e:e6:
8c:7a:50:34:05:a8:3b:71:91:df:6b:9e:65:80:e2:4a:be:ea:
2c:98:8a:a2:37:6e:8d:bb:06:35:bf:ad:d0:a5:c2:d3:20:68:
51:c8:1b:7f:d9:16:50:04:c5:8b:c5:61:84:dd:2c:e1:44:76:
f6:28:cf:b0:a8:f6:1c:53:5a:8d:bf:2f:30:11:86:48:60:0b:
87:16:27:8f:95:bd:0b:96:5e:ab:0a:ae:c4:b7:56:88:8b:a5:
ea:06:7d:34:68:fd:e8:1d:66:ea:64:4b:9c:f9:79:a5:d4:91:
bb:82:ab:9f:01:57:1e:49:4e:36:e2:fc:80:ff:df:76:9b:54:
d8:7c:29:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4Hp02rqRGy/e7pYSzej/G/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjQwMzA0MDQwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTI1Y2M1YTNiZjZkMjNjMTdmYzU5MzViNDQ1MjZmZWViYmVmMDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZccmh8uAX3beuwI5+nN63YLCKSo
1MfOUp1yujj3f8vKExy8Vym0x5VX1PoSS7ZX+gvpHaMvYuUXwQpgQADUKtlVNup0
p0C0HVp1cw1R1neVvhYhtpqBzDHo5soKGAIufnxlqKFXQ4PExzXAMfv9/+6KLTkG
cz6rEvse7aJBIHpPcep1YiR41tiQ6lf2jqJLuQfxVFiu4BA4xvapZG4+BmohrbxN
1dorA8stAO2fVEblfZf8ZQtxgFrttRbnhsMBPLM5nPgvQphoLC79cE7eruuho3Kb
sqJL9U8CAyQQxrLkyfPZ3rHaGkFZHit+UFLOXZ90HqyrNsSJsugR2FDb9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEUlzFo79tI8F/xZNbRFJv7rvvCFMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvUlNYTVdqdjIwandYX0ZrMXRFVW1fdXUtOElVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwSv6AwQA
wWpjMA0GCSqGSIb3DQEBCwUAA4IBAQDFiIOWd5r177DfacJFyIrfI/DoyGhX6Wml
kxVKvL9EnC8rk67XTkGqLCDCfLxSCvFk9m97kwwUP4uLcXDHWI+9rw283d0UXgii
76nX/LBmuBr44gpANJSbQy+w2Ofz+zUqlbmIGRsChjaWO//oVjfBBBWWCC0ewZxI
d54oDuaMelA0Bag7cZHfa55lgOJKvuosmIqiN26NuwY1v63QpcLTIGhRyBt/2RZQ
BMWLxWGE3SzhRHb2KM+wqPYcU1qNvy8wEYZIYAuHFiePlb0Lll6rCq7Et1aIi6Xq
Bn00aP3oHWbqZEuc+Xml1JG7gqufAVceSU424vyA/992m1TYfCno
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:15 2024 by rpki-client on console-fra.rpki-client.org