Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/3ySnumh7-VvcFkw44GctbvDWAac.roa
File: 3ySnumh7-VvcFkw44GctbvDWAac.roa (raw, json)
Hash identifier: NTopzCAZbKrU4vPR2s9YbgB97NNFmxVgE6JQC6pz6iQ=
Subject key identifier: DF:24:A7:BA:68:7B:F9:5B:DC:16:4C:38:E0:67:2D:6E:F0:D6:01:A7
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D54DEB15E1267086B3DA19436303E5
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/3ySnumh7-VvcFkw44GctbvDWAac.roa
Signing time: Mon 02 Jan 2023 04:55:05 +0000
ROA not before: Mon 02 Jan 2023 04:55:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 193.148.61.0/24 maxlen: 24
193.148.63.0/24 maxlen: 24
194.32.127.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:4d:eb:15:e1:26:70:86:b3:da:19:43:63:03:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df24a7ba687bf95bdc164c38e0672d6ef0d601a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:53:0b:49:99:91:68:dd:b4:cb:20:80:55:e4:
04:e0:d8:36:88:73:4d:c1:fe:c8:8c:61:e8:2f:af:
50:27:c2:2b:c4:4e:dd:95:6a:34:bd:79:f3:71:3c:
28:25:53:c9:a3:cb:f1:75:90:2f:63:a2:e4:18:97:
1c:21:69:c4:45:a4:d0:52:99:b0:93:7f:8b:9a:92:
00:3c:88:5e:7f:58:48:32:ec:e5:50:cc:b2:fd:5b:
63:7f:67:18:b2:02:d7:19:8f:9c:f9:e3:cc:b4:2f:
55:fd:d7:65:76:f6:f8:59:5c:1f:1b:58:33:41:0a:
fa:88:13:b6:af:66:55:cc:a6:a0:0a:b7:bd:fd:d4:
99:6c:b1:b8:ee:a6:18:70:65:66:cc:6b:2f:6c:ce:
c8:b9:37:7d:e8:da:fb:29:30:0e:66:44:c6:87:a2:
2b:9d:08:ee:93:33:c3:30:7c:76:9c:37:4c:e5:a9:
74:0e:17:f5:00:4e:aa:fb:9e:a7:58:46:13:04:0c:
5f:bd:2a:bb:a9:aa:a7:e1:77:b0:93:51:4d:00:f6:
fc:34:fd:7d:ed:90:95:0d:62:fb:63:e9:9f:bd:8a:
3e:74:83:d7:af:3f:f4:db:87:07:4f:86:76:eb:cc:
03:05:0f:c5:54:a7:aa:3e:f0:2b:ba:99:52:bb:42:
c2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:24:A7:BA:68:7B:F9:5B:DC:16:4C:38:E0:67:2D:6E:F0:D6:01:A7
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/3ySnumh7-VvcFkw44GctbvDWAac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.61.0/24
193.148.63.0/24
194.32.127.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:98:d0:8c:83:0b:e9:90:0b:dd:d5:6e:02:a8:25:af:56:1f:
3a:fb:c7:8d:3e:7c:06:e3:30:45:51:40:3e:c4:bf:2b:08:ce:
bf:11:07:83:ba:a6:ad:e8:c2:12:c1:2f:3c:60:07:35:37:ef:
53:17:01:70:01:55:ee:04:89:3e:76:43:19:5c:6b:c0:61:60:
b0:f6:f7:0e:e3:58:d5:4f:de:18:33:bb:61:07:28:eb:cb:60:
3e:57:30:c6:70:0d:84:a6:f5:c0:f3:bf:80:a2:12:15:d4:0e:
0e:85:49:d6:3d:dd:81:f1:90:25:27:a4:38:18:c9:09:98:8e:
1b:e2:f3:42:66:68:40:78:84:37:3e:4a:73:40:7c:b3:60:17:
4a:41:24:2b:e9:e1:81:6e:68:4e:97:1e:c4:2b:c1:5a:d4:87:
f1:97:2e:24:d7:e7:1b:61:00:2d:3d:34:b5:8f:0c:93:4f:0b:
07:d9:7d:75:86:0c:b4:61:f0:37:68:9e:37:45:7e:9a:38:7e:
9a:5e:ef:c6:6c:08:27:ba:71:00:69:f7:ca:dc:32:29:8b:c7:
5f:3f:f8:e4:27:db:48:e9:33:48:32:b8:cf:be:ff:f3:b2:fd:
d0:ab:ea:42:3c:cf:24:63:7e:44:ae:bc:8b:86:bc:52:74:69:
a6:65:97:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw1U3rFeEmcIaz2hlDYwPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjI0YTdiYTY4N2JmOTViZGMxNjRjMzhlMDY3MmQ2ZWYwZDYwMWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFMLSZmRaN20yyCAVeQE4Ng2iHNN
wf7IjGHoL69QJ8IrxE7dlWo0vXnzcTwoJVPJo8vxdZAvY6LkGJccIWnERaTQUpmw
k3+LmpIAPIhef1hIMuzlUMyy/Vtjf2cYsgLXGY+c+ePMtC9V/ddldvb4WVwfG1gz
QQr6iBO2r2ZVzKagCre9/dSZbLG47qYYcGVmzGsvbM7IuTd96Nr7KTAOZkTGh6Ir
nQjukzPDMHx2nDdM5al0Dhf1AE6q+56nWEYTBAxfvSq7qaqn4Xewk1FNAPb8NP19
7ZCVDWL7Y+mfvYo+dIPXrz/024cHT4Z268wDBQ/FVKeqPvAruplSu0LCHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN8kp7poe/lb3BZMOOBnLW7w1gGnMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvM3lTbnVtaDctVnZjRmt3NDRHY3RidkRXQWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwZQ9AwQA
wZQ/AwQAwiB/MA0GCSqGSIb3DQEBCwUAA4IBAQAcmNCMgwvpkAvd1W4CqCWvVh86
+8eNPnwG4zBFUUA+xL8rCM6/EQeDuqat6MISwS88YAc1N+9TFwFwAVXuBIk+dkMZ
XGvAYWCw9vcO41jVT94YM7thByjry2A+VzDGcA2EpvXA87+AohIV1A4OhUnWPd2B
8ZAlJ6Q4GMkJmI4b4vNCZmhAeIQ3PkpzQHyzYBdKQSQr6eGBbmhOlx7EK8Fa1Ifx
ly4k1+cbYQAtPTS1jwyTTwsH2X11hgy0YfA3aJ43RX6aOH6aXu/GbAgnunEAaffK
3DIpi8dfP/jkJ9tI6TNIMrjPvv/zsv3Qq+pCPM8kY35ErryLhrxSdGmmZZcs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org