Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/0voiHLTcTvSTrnh7IzQnqM0MSMI.roa
File: 0voiHLTcTvSTrnh7IzQnqM0MSMI.roa (raw, json)
Hash identifier: OwF/+D6D+81VTZklX082h4OA6gHuGcGZicVGndr3aFw=
Subject key identifier: D2:FA:22:1C:B4:DC:4E:F4:93:AE:78:7B:23:34:27:A8:CD:0C:48:C2
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D562D9A99E0FF77D2A1B664EA1DC81
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/0voiHLTcTvSTrnh7IzQnqM0MSMI.roa
Signing time: Mon 02 Jan 2023 04:55:10 +0000
ROA not before: Mon 02 Jan 2023 04:55:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62394
IP address blocks: 194.169.87.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:62:d9:a9:9e:0f:f7:7d:2a:1b:66:4e:a1:dc:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2fa221cb4dc4ef493ae787b233427a8cd0c48c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:48:b1:b4:6f:d1:65:5f:23:09:30:19:f4:82:
4b:77:0c:0a:2d:15:17:54:e2:a9:de:0c:ce:8c:ae:
bd:d7:42:33:d9:a4:f1:3f:a0:08:81:56:e9:12:6a:
63:ff:60:12:2a:2f:0e:31:f3:13:b5:0f:67:4e:49:
6d:79:26:71:17:7d:66:6c:40:fa:db:ae:23:9c:18:
b8:1c:42:4c:d7:88:b3:14:0a:92:54:fa:01:52:f4:
6f:96:cd:89:1f:b5:e7:19:2b:40:24:43:4e:e1:5c:
92:4a:f4:39:64:d2:c5:00:88:9a:c6:8c:b2:4a:60:
7b:f7:d3:51:5c:82:28:b7:45:d1:81:a3:5c:b8:a6:
24:61:99:93:1c:84:33:1c:b6:72:88:a6:93:5d:8e:
05:f6:4c:01:50:68:1d:0d:eb:ea:06:0f:a1:ba:e5:
e4:73:5e:ba:fd:c1:68:7a:dc:60:61:3e:b6:15:fc:
e3:1a:d1:fe:b0:a0:bf:d1:42:be:35:01:aa:03:0b:
96:bc:e4:99:9a:71:0a:45:e3:05:b0:e1:9c:aa:5c:
1e:ec:53:13:ba:bb:bd:e7:d3:44:00:df:af:b6:4b:
84:e7:ca:f9:8a:de:59:22:f3:9a:ad:ab:36:27:19:
22:ff:1f:66:f9:36:76:f3:c5:5d:e2:38:89:62:01:
1b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:FA:22:1C:B4:DC:4E:F4:93:AE:78:7B:23:34:27:A8:CD:0C:48:C2
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/0voiHLTcTvSTrnh7IzQnqM0MSMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.87.0/24
Signature Algorithm: sha256WithRSAEncryption
47:6a:b0:2b:39:27:d5:03:03:93:fc:55:7b:f6:ed:b0:8d:86:
cd:5d:6b:1b:59:55:40:ec:d5:e1:12:b5:b4:3d:f3:58:35:d2:
87:db:aa:85:89:59:18:26:14:15:fc:3a:02:32:cf:ba:87:d5:
b2:24:d9:a9:d5:de:1b:5b:8a:c8:e8:95:68:f2:f0:f9:d1:35:
1e:49:21:61:8b:8f:df:5a:30:e0:36:65:6d:50:23:31:cc:e8:
8a:0a:31:64:f8:71:fb:c3:39:83:f5:d7:75:9c:77:f9:36:15:
ba:6e:d1:3b:d9:13:7f:22:87:b4:44:97:66:26:9f:28:d8:3b:
09:59:56:8e:2f:ac:6c:b8:19:ec:22:c7:5d:e5:32:9c:ee:ac:
61:a7:4c:55:42:f9:af:2a:09:82:51:05:84:a9:e0:90:89:ee:
0d:63:0f:59:86:c6:d0:26:7e:a4:5c:fc:0e:5d:57:24:a1:66:
8b:6e:76:10:d4:35:eb:22:88:5a:fc:e5:a9:c0:8b:fa:10:c2:
5b:7f:5c:84:03:cc:e6:81:bd:63:df:a2:04:c4:58:c9:0d:e2:
ef:6c:bb:1c:22:1e:89:1e:6a:05:ec:4e:d4:1d:dc:20:b7:65:
be:c3:9e:db:2b:15:4f:7a:fc:64:30:a5:df:ce:7d:e5:7d:ef:
29:e4:04:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1WLZqZ4P930qG2ZOodyBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmZhMjIxY2I0ZGM0ZWY0OTNhZTc4N2IyMzM0MjdhOGNkMGM0OGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEixtG/RZV8jCTAZ9IJLdwwKLRUX
VOKp3gzOjK6910Iz2aTxP6AIgVbpEmpj/2ASKi8OMfMTtQ9nTklteSZxF31mbED6
264jnBi4HEJM14izFAqSVPoBUvRvls2JH7XnGStAJENO4VySSvQ5ZNLFAIiaxoyy
SmB799NRXIIot0XRgaNcuKYkYZmTHIQzHLZyiKaTXY4F9kwBUGgdDevqBg+huuXk
c166/cFoetxgYT62FfzjGtH+sKC/0UK+NQGqAwuWvOSZmnEKReMFsOGcqlwe7FMT
uru959NEAN+vtkuE58r5it5ZIvOaras2Jxki/x9m+TZ288Vd4jiJYgEb+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNL6Ihy03E70k654eyM0J6jNDEjCMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvMHZvaUhMVGNUdlNUcm5oN0l6UW5xTTBNU01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqlXMA0G
CSqGSIb3DQEBCwUAA4IBAQBHarArOSfVAwOT/FV79u2wjYbNXWsbWVVA7NXhErW0
PfNYNdKH26qFiVkYJhQV/DoCMs+6h9WyJNmp1d4bW4rI6JVo8vD50TUeSSFhi4/f
WjDgNmVtUCMxzOiKCjFk+HH7wzmD9dd1nHf5NhW6btE72RN/Ioe0RJdmJp8o2DsJ
WVaOL6xsuBnsIsdd5TKc7qxhp0xVQvmvKgmCUQWEqeCQie4NYw9ZhsbQJn6kXPwO
XVckoWaLbnYQ1DXrIoha/OWpwIv6EMJbf1yEA8zmgb1j36IExFjJDeLvbLscIh6J
HmoF7E7UHdwgt2W+w57bKxVPevxkMKXfzn3lfe8p5AQQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org