Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/D3Bi0KGN105EbQPiKVPHJEr8XIc.roa
File: D3Bi0KGN105EbQPiKVPHJEr8XIc.roa (raw, json)
Hash identifier: 9uxX3/xVceksCH3QKgH0znzl/GKvXKL5cjLU6BQ/oxc=
Subject key identifier: 0F:70:62:D0:A1:8D:D7:4E:44:6D:03:E2:29:53:C7:24:4A:FC:5C:87
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 067E6E04
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/D3Bi0KGN105EbQPiKVPHJEr8XIc.roa
Signing time: Fri 25 Mar 2022 18:32:16 +0000
ROA not before: Fri 25 Mar 2022 18:32:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35830
IP address blocks: 193.56.67.0/24 maxlen: 24
193.56.75.0/24 maxlen: 24
91.243.190.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108948996 (0x67e6e04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Mar 25 18:32:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f7062d0a18dd74e446d03e22953c7244afc5c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8a:bc:f6:a7:5c:ce:c7:f2:95:a8:f9:8e:74:
3f:c2:80:3d:fc:2e:20:bb:1b:16:d3:05:28:8a:f9:
f3:14:de:b6:15:c1:0d:a3:ec:c9:8f:70:10:cf:20:
60:9d:00:bb:48:43:49:3e:db:78:f0:18:75:73:8a:
67:78:c9:8e:fd:d5:cd:b3:d2:d8:63:42:41:f9:ab:
04:82:45:82:a3:5b:e0:c1:3c:2a:5a:94:42:17:4a:
dd:c2:3e:66:56:68:c4:c8:a0:fd:31:fd:c8:1d:78:
e7:ed:cd:68:12:00:ac:ea:58:4a:ab:81:90:53:e5:
2e:24:8a:45:3e:1a:4d:60:ea:5a:84:64:cf:e5:50:
c3:2e:0b:a3:5d:b6:fc:51:cb:35:25:c9:d4:5a:58:
b8:e7:a7:f0:e8:31:7d:e7:1e:33:6d:9a:1e:9e:16:
87:eb:fb:dd:d8:4f:54:5c:cd:b9:e0:c2:58:1b:47:
c9:b2:d5:45:72:70:d0:7d:ec:74:53:89:9b:f0:21:
1c:a3:f1:f2:b4:e1:de:e7:fa:b3:c2:ec:83:4d:df:
82:56:7e:36:9c:b1:a0:e3:b8:88:9d:ce:a0:e7:9d:
2d:ee:fb:b4:f6:fb:27:f4:e1:80:06:fa:ff:14:cd:
c1:fb:8d:b0:01:02:8b:c9:ba:28:24:29:0b:00:a3:
69:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:70:62:D0:A1:8D:D7:4E:44:6D:03:E2:29:53:C7:24:4A:FC:5C:87
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/D3Bi0KGN105EbQPiKVPHJEr8XIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.190.0/24
193.56.67.0/24
193.56.75.0/24
Signature Algorithm: sha256WithRSAEncryption
56:48:ab:14:8f:cb:39:45:2f:e4:29:c8:51:dc:ed:46:cb:5c:
ef:86:28:3d:e7:c0:d9:93:ab:40:e1:b0:1e:d8:80:f6:ca:9d:
3f:2a:b5:27:f5:f0:7d:d0:76:f6:7a:a4:ba:29:c2:37:9e:f6:
87:8e:35:76:7d:7f:09:75:56:41:f8:13:99:a3:3b:4a:e2:c6:
3f:b9:60:c1:f9:19:dd:db:b1:bf:91:4a:d7:97:73:a7:4b:b4:
3e:37:db:ee:b1:bf:09:c2:a0:4c:65:25:45:80:95:fa:9a:ea:
c8:1e:bb:97:82:10:b8:b2:01:92:f7:79:a7:54:d4:fa:1c:11:
83:97:7a:cb:eb:44:4c:6c:5d:8a:6e:d6:cc:99:72:2b:41:ce:
18:a8:02:6f:60:7e:26:ce:2d:09:c8:51:4a:d3:b5:85:49:7d:
13:02:7a:76:4a:1b:d5:4c:54:13:01:d7:88:81:3b:99:12:52:
62:9d:6f:29:fa:37:f2:e3:ba:00:35:d9:b7:b0:ff:da:1b:44:
40:a0:bc:e6:a9:c2:a9:0f:86:62:90:d2:37:ed:ac:c3:80:d4:
43:63:13:00:22:96:79:3e:16:54:61:0b:86:4c:1f:cf:ef:31:
61:3c:d9:07:cf:15:d4:2d:28:00:e3:d0:f3:a9:8e:e6:d0:8a:
b4:08:8c:a4
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBn5uBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDMy
NTE4MzIxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGY3MDYyZDBhMThk
ZDc0ZTQ0NmQwM2UyMjk1M2M3MjQ0YWZjNWM4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGKvPanXM7H8pWo+Y50P8KAPfwuILsbFtMFKIr58xTethXB
DaPsyY9wEM8gYJ0Au0hDST7bePAYdXOKZ3jJjv3VzbPS2GNCQfmrBIJFgqNb4ME8
KlqUQhdK3cI+ZlZoxMig/TH9yB145+3NaBIArOpYSquBkFPlLiSKRT4aTWDqWoRk
z+VQwy4Lo122/FHLNSXJ1FpYuOen8OgxfeceM22aHp4Wh+v73dhPVFzNueDCWBtH
ybLVRXJw0H3sdFOJm/AhHKPx8rTh3uf6s8Lsg03fglZ+NpyxoOO4iJ3OoOedLe77
tPb7J/ThgAb6/xTNwfuNsAECi8m6KCQpCwCjad8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQPcGLQoY3XTkRtA+IpU8ckSvxchzAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L0QzQmkwS0dOMTA1RWJRUGlLVlBISkVyOFhJYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFvzvgMEAME4QwMEAME4SzANBgkq
hkiG9w0BAQsFAAOCAQEAVkirFI/LOUUv5CnIUdztRstc74YoPefA2ZOrQOGwHtiA
9sqdPyq1J/XwfdB29nqkuinCN572h441dn1/CXVWQfgTmaM7SuLGP7lgwfkZ3dux
v5FK15dzp0u0Pjfb7rG/CcKgTGUlRYCV+prqyB67l4IQuLIBkvd5p1TU+hwRg5d6
y+tETGxdim7WzJlyK0HOGKgCb2B+Js4tCchRStO1hUl9EwJ6dkob1UxUEwHXiIE7
mRJSYp1vKfo38uO6ADXZt7D/2htEQKC85qnCqQ+GYpDSN+2sw4DUQ2MTACKWeT4W
VGELhkwfz+8xYTzZB88V1C0oAOPQ86mO5tCKtAiMpA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org