Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/BrVYtGtrOzHgqWhqdYswIQVZRxk.roa
File: BrVYtGtrOzHgqWhqdYswIQVZRxk.roa (raw, json)
Hash identifier: qh2drbcACv5l30JxhHgIds+ETu2+Ldb85LNIHEUhvyY=
Subject key identifier: 06:B5:58:B4:6B:6B:3B:31:E0:A9:68:6A:75:8B:30:21:05:59:47:19
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01853FD9E2C6EC29DA6C56D9A3D6EB63901D
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/BrVYtGtrOzHgqWhqdYswIQVZRxk.roa
Signing time: Fri 23 Dec 2022 16:38:42 +0000
ROA not before: Fri 23 Dec 2022 16:38:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14576
IP address blocks: 193.56.64.0/24 maxlen: 24
193.56.66.0/24 maxlen: 24
193.56.65.0/24 maxlen: 24
193.56.74.0/24 maxlen: 24
193.56.73.0/24 maxlen: 24
193.56.72.0/24 maxlen: 24
213.166.76.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:d9:e2:c6:ec:29:da:6c:56:d9:a3:d6:eb:63:90:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Dec 23 16:38:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06b558b46b6b3b31e0a9686a758b302105594719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dc:54:4c:44:b7:a3:05:cb:43:27:88:84:04:
92:b8:d6:2f:2e:6c:88:d7:4f:aa:b4:10:bc:49:ec:
49:60:90:57:19:f9:6d:3d:05:78:d0:c6:f8:5e:1d:
08:74:56:62:d5:b6:bc:79:a2:be:75:60:b8:5e:27:
e0:2c:33:09:70:77:6c:4d:74:57:53:eb:f2:f1:19:
a5:3d:23:47:f3:a4:de:b8:91:d5:5f:06:87:4a:39:
62:a7:2c:e1:b8:39:fa:7b:0f:e9:04:30:1e:c7:66:
db:1c:6a:e9:57:47:a6:6f:22:f8:00:cd:d4:a5:3e:
5a:44:b3:4a:59:72:4a:77:4b:97:d8:9c:71:18:af:
bf:a8:e1:7e:8e:3b:00:e2:a9:b7:ab:89:6c:4b:88:
1c:2c:ce:a3:03:8c:48:6d:e7:65:b0:2e:d2:3a:54:
f5:51:77:3f:5b:9a:e6:31:59:cf:0d:79:55:2b:f2:
73:fa:22:3b:5f:94:56:04:e1:d1:6e:4c:6a:7c:cd:
35:dd:b7:c9:ea:ac:81:11:2c:5d:1b:89:f8:4d:25:
0b:89:29:32:a5:c2:a2:85:09:71:c9:3e:cc:05:13:
00:e8:95:bb:a4:bd:12:05:b0:83:e5:7d:7d:26:07:
0c:67:c0:d6:fa:d6:53:5c:67:f8:0b:c9:63:c3:b0:
0a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B5:58:B4:6B:6B:3B:31:E0:A9:68:6A:75:8B:30:21:05:59:47:19
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/BrVYtGtrOzHgqWhqdYswIQVZRxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.64.0-193.56.66.255
193.56.72.0-193.56.74.255
213.166.76.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:23:cf:6d:16:99:3b:32:18:00:05:06:4e:3b:9d:11:3a:8b:
43:d6:62:5d:39:46:55:8c:fb:53:2f:50:da:bb:c3:1a:03:1c:
fe:23:e1:e6:cb:43:e6:45:c1:c6:fa:0d:a4:1c:79:a4:30:4f:
52:68:6b:e7:b4:12:c5:e3:01:8d:52:86:7c:80:e5:f8:af:5a:
e7:6f:9d:9a:77:ea:03:c4:f5:2d:0e:dd:98:69:42:4e:6c:1c:
f5:c7:29:56:22:b5:51:8b:7f:19:95:05:53:dd:69:56:8d:d1:
d3:b9:97:88:f3:79:a0:4c:64:9f:82:cb:51:8a:fe:15:b3:1f:
c8:18:61:41:4c:2a:67:08:25:bb:fe:fb:69:08:53:e5:7f:44:
bd:d2:05:54:0c:78:ec:de:c2:ab:41:8f:00:8d:b0:7f:cc:8d:
36:e0:5b:5a:55:1d:57:da:c9:df:03:8a:0f:fe:98:45:f3:a3:
2d:40:b1:21:40:c2:d0:2f:55:0f:72:15:df:c4:f7:0b:7d:e4:
65:8f:a4:8c:ff:83:97:37:ae:f0:5b:1b:fd:ca:05:ce:06:8a:
73:e8:53:49:1d:74:f4:4f:54:53:5b:24:0c:60:20:9c:5e:0a:
c6:99:bf:25:e3:7f:42:be:48:1c:0c:de:a4:c6:66:61:2e:77:
be:31:8f:cb
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYU/2eLG7CnabFbZo9brY5AdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjIxMjIzMTYzODQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmI1NThiNDZiNmIzYjMxZTBhOTY4NmE3NThiMzAyMTA1NTk0NzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9xUTES3owXLQyeIhASSuNYvLmyI
10+qtBC8SexJYJBXGfltPQV40Mb4Xh0IdFZi1ba8eaK+dWC4XifgLDMJcHdsTXRX
U+vy8RmlPSNH86TeuJHVXwaHSjlipyzhuDn6ew/pBDAex2bbHGrpV0embyL4AM3U
pT5aRLNKWXJKd0uX2JxxGK+/qOF+jjsA4qm3q4lsS4gcLM6jA4xIbedlsC7SOlT1
UXc/W5rmMVnPDXlVK/Jz+iI7X5RWBOHRbkxqfM013bfJ6qyBESxdG4n4TSULiSky
pcKihQlxyT7MBRMA6JW7pL0SBbCD5X19JgcMZ8DW+tZTXGf4C8ljw7AKTQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFAa1WLRrazsx4KloanWLMCEFWUcZMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvQnJWWXRHdHJPekhncVdocWRZc3dJUVZaUnhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAbBOEAD
BADBOEIwDAMEA8E4SAMEAME4SgMEAtWmTDANBgkqhkiG9w0BAQsFAAOCAQEALCPP
bRaZOzIYAAUGTjudETqLQ9ZiXTlGVYz7Uy9Q2rvDGgMc/iPh5stD5kXBxvoNpBx5
pDBPUmhr57QSxeMBjVKGfIDl+K9a52+dmnfqA8T1LQ7dmGlCTmwc9ccpViK1UYt/
GZUFU91pVo3R07mXiPN5oExkn4LLUYr+FbMfyBhhQUwqZwglu/77aQhT5X9EvdIF
VAx47N7Cq0GPAI2wf8yNNuBbWlUdV9rJ3wOKD/6YRfOjLUCxIUDC0C9VD3IV38T3
C33kZY+kjP+Dlzeu8Fsb/coFzgaKc+hTSR109E9UU1skDGAgnF4Kxpm/JeN/Qr5I
HAzepMZmYS53vjGPyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org