Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/7b1ef8-a377-4e59-a55c-19b2fbeaea4c/1/PWuHhI8U0wLjSt_CDv6_vJG9-J8.roa
File: PWuHhI8U0wLjSt_CDv6_vJG9-J8.roa (raw, json)
Hash identifier: c7jxg6zz70qyyZD6Md+cttiL4ARO0F1bpyUSJkVJ0pw=
Subject key identifier: 3D:6B:87:84:8F:14:D3:02:E3:4A:DF:C2:0E:FE:BF:BC:91:BD:F8:9F
Certificate issuer: /CN=283dc03f2c2e73903a503e77accf7d3c752be971
Certificate serial: 018CC26D58A2C00D1C83AF0D26A036D1984E
Authority key identifier: 28:3D:C0:3F:2C:2E:73:90:3A:50:3E:77:AC:CF:7D:3C:75:2B:E9:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KD3APywuc5A6UD53rM99PHUr6XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/7b1ef8-a377-4e59-a55c-19b2fbeaea4c/1/PWuHhI8U0wLjSt_CDv6_vJG9-J8.roa
Signing time: Mon 01 Jan 2024 00:29:55 +0000
ROA not before: Mon 01 Jan 2024 00:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30742
IP address blocks: 193.176.72.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:58:a2:c0:0d:1c:83:af:0d:26:a0:36:d1:98:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=283dc03f2c2e73903a503e77accf7d3c752be971
Validity
Not Before: Jan 1 00:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d6b87848f14d302e34adfc20efebfbc91bdf89f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b8:81:b0:02:2d:ec:e2:9d:48:d8:16:74:f4:
04:f4:12:2e:b3:8a:e0:bd:22:b6:46:c4:a1:4d:dc:
5e:ae:60:a8:48:a0:ff:70:d8:79:98:e8:ed:be:c4:
86:06:97:27:22:45:45:56:71:b3:ce:07:54:34:5f:
f3:82:b9:49:67:82:8e:d6:60:d3:59:73:8a:24:f4:
7f:61:85:4a:20:93:42:e0:cb:85:a4:79:a5:a6:56:
ed:0d:dd:74:2d:60:e9:b2:d7:13:73:1c:c3:84:8a:
fa:0f:12:3b:f8:1a:7d:0b:a0:e7:31:f8:b2:45:b2:
86:ab:4d:46:67:e2:ac:94:93:bc:b3:7b:db:05:e8:
ea:40:a3:22:08:c9:ab:22:75:50:37:84:e7:b3:a5:
e2:0c:28:df:58:74:08:38:8e:49:27:8a:44:6c:5d:
79:23:2e:c2:f2:63:14:07:60:44:20:34:b4:71:37:
b7:14:e7:d2:ef:b1:b3:10:cb:91:98:5a:84:53:20:
07:05:f4:05:b8:d6:86:d5:f4:34:ed:35:c2:a2:64:
0e:da:fd:73:34:18:75:77:bd:e9:24:eb:9e:d6:13:
cf:b3:6e:0f:fb:2d:6e:47:98:e5:13:7f:31:bf:05:
cc:b0:ce:7c:07:d0:8f:bf:82:87:81:e8:ce:7f:b0:
58:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:6B:87:84:8F:14:D3:02:E3:4A:DF:C2:0E:FE:BF:BC:91:BD:F8:9F
X509v3 Authority Key Identifier:
keyid:28:3D:C0:3F:2C:2E:73:90:3A:50:3E:77:AC:CF:7D:3C:75:2B:E9:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KD3APywuc5A6UD53rM99PHUr6XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/7b1ef8-a377-4e59-a55c-19b2fbeaea4c/1/PWuHhI8U0wLjSt_CDv6_vJG9-J8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/7b1ef8-a377-4e59-a55c-19b2fbeaea4c/1/KD3APywuc5A6UD53rM99PHUr6XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.72.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:43:0a:e4:8b:0a:2c:92:0e:9b:f7:15:dd:b8:bd:b3:2c:1d:
14:cd:e7:84:71:22:e8:03:53:ff:39:af:69:b2:71:25:70:3c:
24:ad:2f:0e:3c:20:30:f7:1e:dd:27:c8:e6:70:d8:40:08:51:
a4:62:25:a3:5f:99:0b:21:d0:a2:61:ce:c8:92:b8:e9:b1:fc:
f4:c0:61:d2:5b:6f:10:dc:a4:6e:18:22:1d:3d:66:f3:53:73:
ca:12:36:1e:4f:58:25:ba:07:bd:3d:bf:fc:2d:fd:dc:c7:6c:
8b:f3:d5:01:55:2a:c9:ee:a3:40:36:63:87:0e:ad:89:30:ef:
5e:96:25:e1:0d:e0:0d:df:25:4f:41:f7:2d:21:02:9c:e7:2e:
90:4d:43:96:9d:54:bf:18:06:f6:a1:6a:42:eb:50:17:77:6b:
f8:35:db:55:0d:bc:22:3d:32:b4:25:07:1c:07:15:55:8c:8d:
5f:8f:df:a4:68:66:a1:25:25:92:5e:6c:ab:5b:a7:e0:94:21:
ba:39:46:7f:bb:08:78:57:3d:08:44:66:8a:d8:be:ab:e4:da:
29:ca:bd:78:5a:23:61:53:2a:b8:20:dc:8f:20:c9:a2:6c:cb:
8d:2e:59:24:e6:04:bf:da:4e:2e:02:a0:ff:b8:84:9b:8c:8b:
19:38:b0:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbViiwA0cg68NJqA20ZhOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4M2RjMDNmMmMyZTczOTAzYTUwM2U3N2FjY2Y3ZDNjNzUy
YmU5NzEwHhcNMjQwMTAxMDAyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDZiODc4NDhmMTRkMzAyZTM0YWRmYzIwZWZlYmZiYzkxYmRmODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLiBsAIt7OKdSNgWdPQE9BIus4rg
vSK2RsShTdxermCoSKD/cNh5mOjtvsSGBpcnIkVFVnGzzgdUNF/zgrlJZ4KO1mDT
WXOKJPR/YYVKIJNC4MuFpHmlplbtDd10LWDpstcTcxzDhIr6DxI7+Bp9C6DnMfiy
RbKGq01GZ+KslJO8s3vbBejqQKMiCMmrInVQN4Tns6XiDCjfWHQIOI5JJ4pEbF15
Iy7C8mMUB2BEIDS0cTe3FOfS77GzEMuRmFqEUyAHBfQFuNaG1fQ07TXComQO2v1z
NBh1d73pJOue1hPPs24P+y1uR5jlE38xvwXMsM58B9CPv4KHgejOf7BYAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD1rh4SPFNMC40rfwg7+v7yRvfifMB8GA1UdIwQY
MBaAFCg9wD8sLnOQOlA+d6zPfTx1K+lxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0QzQVB5d3VjNUE2VUQ1M3JNOTlQSFVyNlhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC83YjFlZjgtYTM3Ny00ZTU5LWE1NWMt
MTliMmZiZWFlYTRjLzEvUFd1SGhJOFUwd0xqU3RfQ0R2Nl92Skc5LUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC83YjFlZjgtYTM3Ny00ZTU5LWE1NWMtMTliMmZiZWFlYTRj
LzEvS0QzQVB5d3VjNUE2VUQ1M3JNOTlQSFVyNlhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwbBIMA0G
CSqGSIb3DQEBCwUAA4IBAQC4Qwrkiwoskg6b9xXduL2zLB0UzeeEcSLoA1P/Oa9p
snElcDwkrS8OPCAw9x7dJ8jmcNhACFGkYiWjX5kLIdCiYc7Ikrjpsfz0wGHSW28Q
3KRuGCIdPWbzU3PKEjYeT1gluge9Pb/8Lf3cx2yL89UBVSrJ7qNANmOHDq2JMO9e
liXhDeAN3yVPQfctIQKc5y6QTUOWnVS/GAb2oWpC61AXd2v4NdtVDbwiPTK0JQcc
BxVVjI1fj9+kaGahJSWSXmyrW6fglCG6OUZ/uwh4Vz0IRGaK2L6r5Nopyr14WiNh
Uyq4INyPIMmibMuNLlkk5gS/2k4uAqD/uISbjIsZOLCs
-----END CERTIFICATE-----
Generated at Fri Nov 1 14:34:50 2024 by rpki-client on console-fra.rpki-client.org