Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/5MsbElhh92UHt9EcfE4h-QHqxmc.roa
File: 5MsbElhh92UHt9EcfE4h-QHqxmc.roa (raw, json)
Hash identifier: 08tflstSLQD5oqETdQAR7IaCNVAC+NGv8Z4ZT1Az8Ak=
Subject key identifier: E4:CB:1B:12:58:61:F7:65:07:B7:D1:1C:7C:4E:21:F9:01:EA:C6:67
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0185A24C8F2C315C8A7DD00094D690E5707B
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/5MsbElhh92UHt9EcfE4h-QHqxmc.roa
Signing time: Wed 11 Jan 2023 19:26:44 +0000
ROA not before: Wed 11 Jan 2023 19:26:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35479
IP address blocks: 194.93.56.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a2:4c:8f:2c:31:5c:8a:7d:d0:00:94:d6:90:e5:70:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 11 19:26:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4cb1b125861f76507b7d11c7c4e21f901eac667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:81:e1:ee:13:81:b9:e9:46:ef:86:c5:56:bd:
22:82:c4:4f:0b:75:80:60:ae:6a:23:96:e0:cc:7c:
57:09:d7:a9:e5:90:7c:19:a8:63:bf:27:31:f8:b6:
81:0b:42:c5:3c:70:47:f6:14:2f:7a:c5:d1:9c:97:
87:74:b2:60:7b:ed:2b:f7:28:a4:03:c0:d1:62:b9:
c8:6f:9f:d8:0e:7a:d2:75:fb:7f:13:f2:db:5b:0b:
3f:d8:4e:e7:d0:09:2a:84:ff:41:73:90:d6:61:28:
b0:a7:29:76:da:19:99:31:d6:59:6f:93:33:0a:0d:
ab:cb:65:53:db:1e:0f:00:ef:58:ad:c8:ce:98:a1:
3b:31:82:94:5d:d7:c1:50:0a:ea:e4:27:c1:f1:8d:
0f:bf:38:b9:a0:20:00:d2:27:53:17:69:a7:e7:27:
84:8d:a7:cb:66:4c:e2:32:c1:f8:17:40:ac:12:6e:
11:32:b1:f2:a5:93:42:7e:7e:97:81:8c:86:d0:7a:
b4:01:86:eb:68:41:49:e4:99:f2:1e:e4:79:d9:97:
17:ea:d0:d9:72:73:c3:b2:4b:d3:29:86:f6:df:f4:
47:f7:5d:d4:31:65:d2:82:b7:e0:37:99:2d:fe:61:
c0:43:38:21:60:96:da:50:1b:0b:9a:c4:3a:0f:dc:
26:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:CB:1B:12:58:61:F7:65:07:B7:D1:1C:7C:4E:21:F9:01:EA:C6:67
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/5MsbElhh92UHt9EcfE4h-QHqxmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.93.56.0/24
Signature Algorithm: sha256WithRSAEncryption
42:11:ce:5d:46:13:9e:17:98:12:de:1b:14:ca:f1:f6:0d:d5:
6f:20:b9:4a:4a:e7:95:2e:ff:5b:52:7b:55:d2:26:cf:a8:17:
fc:69:73:39:15:13:24:91:8d:bf:f2:37:0e:63:00:5a:2e:21:
b4:fd:57:0f:6b:ff:7c:02:fc:ea:fa:cd:c3:ea:07:52:37:67:
55:b9:12:1b:b4:8c:92:e0:d3:7f:b8:a6:f3:c4:4d:06:ea:bc:
2f:0a:9a:ba:e2:8b:f9:d3:b7:33:d5:21:3b:1b:ba:75:1e:ef:
c4:b4:6c:b2:8d:7b:f5:47:a8:7b:c1:94:1c:26:b5:dd:5b:28:
d4:54:55:bf:de:2f:55:73:a7:bd:22:e1:60:48:d8:f7:ba:be:
87:76:50:8c:2c:e8:a5:1f:21:e0:d1:40:0b:cb:46:c7:22:80:
00:3d:1d:3a:3b:ae:2d:14:87:ab:9f:69:23:e6:31:18:2f:c2:
5a:ff:7f:6a:a3:db:12:59:74:0a:45:de:c8:7c:a5:ef:46:21:
28:93:2a:2e:52:19:e4:14:8a:f0:51:af:97:57:0d:db:0b:ef:
79:3f:73:5b:7e:03:3c:0c:c9:75:f6:04:4b:f2:ba:f8:6e:87:
d0:fb:4e:12:76:e1:f2:70:23:b1:a8:d4:97:8b:44:6c:46:4f:
f3:97:8f:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWiTI8sMVyKfdAAlNaQ5XB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTExMTkyNjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGNiMWIxMjU4NjFmNzY1MDdiN2QxMWM3YzRlMjFmOTAxZWFjNjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYHh7hOBuelG74bFVr0igsRPC3WA
YK5qI5bgzHxXCdep5ZB8Gahjvycx+LaBC0LFPHBH9hQvesXRnJeHdLJge+0r9yik
A8DRYrnIb5/YDnrSdft/E/LbWws/2E7n0AkqhP9Bc5DWYSiwpyl22hmZMdZZb5Mz
Cg2ry2VT2x4PAO9YrcjOmKE7MYKUXdfBUArq5CfB8Y0Pvzi5oCAA0idTF2mn5yeE
jafLZkziMsH4F0CsEm4RMrHypZNCfn6XgYyG0Hq0AYbraEFJ5JnyHuR52ZcX6tDZ
cnPDskvTKYb23/RH913UMWXSgrfgN5kt/mHAQzghYJbaUBsLmsQ6D9wmVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOTLGxJYYfdlB7fRHHxOIfkB6sZnMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvNU1zYkVsaGg5MlVIdDlFY2ZFNGgtUUhxeG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwl04MA0G
CSqGSIb3DQEBCwUAA4IBAQBCEc5dRhOeF5gS3hsUyvH2DdVvILlKSueVLv9bUntV
0ibPqBf8aXM5FRMkkY2/8jcOYwBaLiG0/VcPa/98Avzq+s3D6gdSN2dVuRIbtIyS
4NN/uKbzxE0G6rwvCpq64ov507cz1SE7G7p1Hu/EtGyyjXv1R6h7wZQcJrXdWyjU
VFW/3i9Vc6e9IuFgSNj3ur6HdlCMLOilHyHg0UALy0bHIoAAPR06O64tFIern2kj
5jEYL8Ja/39qo9sSWXQKRd7IfKXvRiEokyouUhnkFIrwUa+XVw3bC+95P3NbfgM8
DMl19gRL8rr4bofQ+04SduHycCOxqNSXi0RsRk/zl4/d
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org