Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/HpHAwRddMuC-iQif3jxelDeODf0.roa
File: HpHAwRddMuC-iQif3jxelDeODf0.roa (raw, json)
Hash identifier: 6ax31zv72GbpKQHMQgMqTzptSNsy0yh12qHncyMldoA=
Subject key identifier: 1E:91:C0:C1:17:5D:32:E0:BE:89:08:9F:DE:3C:5E:94:37:8E:0D:FD
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0189784DABE1CB8E8AEC3F585A70323F8B92
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/HpHAwRddMuC-iQif3jxelDeODf0.roa
Signing time: Fri 21 Jul 2023 11:55:03 +0000
ROA not before: Fri 21 Jul 2023 11:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48031
IP address blocks: 194.59.246.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:78:4d:ab:e1:cb:8e:8a:ec:3f:58:5a:70:32:3f:8b:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jul 21 11:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e91c0c1175d32e0be89089fde3c5e94378e0dfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7d:5f:a4:ce:90:97:ec:22:78:84:73:30:2b:
a4:9b:e9:5e:3c:4a:0f:fe:22:ad:c1:11:0e:52:53:
c2:09:ad:3b:65:8c:d3:d7:f5:55:1a:e1:e9:5b:10:
29:08:93:c8:29:70:99:de:dc:dd:c6:9f:76:a6:0c:
7c:1d:2c:b3:e2:3a:64:df:ed:51:64:ec:5a:5e:c7:
e3:11:97:25:98:1c:1c:21:21:88:64:96:e2:6a:6f:
be:51:68:4e:a1:ae:27:84:50:83:a6:99:11:07:48:
78:7b:c0:f2:98:3e:1b:26:74:dc:09:c2:5f:a2:65:
e5:2b:ec:72:b2:9f:03:c0:b5:5e:6e:cb:db:8e:df:
16:75:21:b0:d2:c1:dc:b1:33:1f:8b:4a:f2:18:c5:
f9:41:b9:55:7a:45:ff:f3:5f:5e:7e:d2:4e:ef:1e:
5a:ba:94:73:97:8c:b2:bd:39:91:18:91:c0:d3:d7:
cc:b1:27:e3:b9:bb:b6:fb:ab:a2:d7:aa:66:5b:a9:
bb:fb:aa:eb:51:b1:f8:6a:e9:d1:a5:b6:a3:dd:68:
e2:c2:b5:2f:f4:98:b4:dc:9e:ed:bc:f4:23:fc:c0:
8b:5c:b3:39:a4:16:c4:72:5f:e2:fb:33:a3:87:e6:
25:63:64:e9:6b:a9:69:64:a3:56:6b:38:a5:0a:47:
71:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:91:C0:C1:17:5D:32:E0:BE:89:08:9F:DE:3C:5E:94:37:8E:0D:FD
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/HpHAwRddMuC-iQif3jxelDeODf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.246.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:16:83:d1:bb:b5:9a:99:32:70:cb:8c:4c:88:0e:f4:22:43:
6a:de:43:71:62:bb:71:16:78:9e:34:42:56:15:68:dc:93:74:
b0:83:0a:60:7a:a3:6d:23:6f:cb:91:ce:84:05:99:b6:46:4c:
cb:75:a4:00:a7:b5:9f:03:83:50:ba:9b:40:9f:23:ee:05:89:
b0:58:26:b0:cc:9a:56:66:ba:5f:15:1f:3d:6e:bf:74:cb:1d:
77:2f:b1:8f:b9:f6:3e:7f:be:dd:7a:d1:23:9b:17:2e:ba:16:
cd:11:71:88:18:48:b0:e2:c7:d5:58:00:08:04:57:e4:4d:ff:
80:85:75:de:70:ae:15:d0:46:46:59:ad:58:65:ed:77:4d:7c:
a3:82:91:3d:65:da:64:84:2a:73:2c:86:00:7e:db:df:85:87:
d2:fb:e1:84:e9:ef:55:f0:f4:63:34:63:60:97:17:54:e3:af:
e8:7b:d3:b9:e0:10:ed:17:91:93:1c:5e:03:0c:0b:8d:df:1c:
b0:43:98:ab:a5:14:3e:a0:4b:df:d9:87:43:5c:6c:fc:15:fb:
ef:4e:2d:68:de:4c:62:3f:17:9d:2e:8f:d3:f7:bc:22:76:c8:
c6:ac:a2:cb:96:0f:3e:0f:22:65:05:7e:44:e0:f0:a6:e9:bc:
d5:36:a8:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl4Tavhy46K7D9YWnAyP4uSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwNzIxMTE1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTkxYzBjMTE3NWQzMmUwYmU4OTA4OWZkZTNjNWU5NDM3OGUwZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhH1fpM6Ql+wieIRzMCukm+lePEoP
/iKtwREOUlPCCa07ZYzT1/VVGuHpWxApCJPIKXCZ3tzdxp92pgx8HSyz4jpk3+1R
ZOxaXsfjEZclmBwcISGIZJbiam++UWhOoa4nhFCDppkRB0h4e8DymD4bJnTcCcJf
omXlK+xysp8DwLVebsvbjt8WdSGw0sHcsTMfi0ryGMX5QblVekX/819eftJO7x5a
upRzl4yyvTmRGJHA09fMsSfjubu2+6ui16pmW6m7+6rrUbH4aunRpbaj3WjiwrUv
9Ji03J7tvPQj/MCLXLM5pBbEcl/i+zOjh+YlY2Tpa6lpZKNWazilCkdxywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB6RwMEXXTLgvokIn948XpQ3jg39MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvSHBIQXdSZGRNdUMtaVFpZjNqeGVsRGVPRGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjv2MA0G
CSqGSIb3DQEBCwUAA4IBAQC0FoPRu7WamTJwy4xMiA70IkNq3kNxYrtxFnieNEJW
FWjck3SwgwpgeqNtI2/Lkc6EBZm2RkzLdaQAp7WfA4NQuptAnyPuBYmwWCawzJpW
ZrpfFR89br90yx13L7GPufY+f77detEjmxcuuhbNEXGIGEiw4sfVWAAIBFfkTf+A
hXXecK4V0EZGWa1YZe13TXyjgpE9ZdpkhCpzLIYAftvfhYfS++GE6e9V8PRjNGNg
lxdU46/oe9O54BDtF5GTHF4DDAuN3xywQ5irpRQ+oEvf2YdDXGz8FfvvTi1o3kxi
PxedLo/T97widsjGrKLLlg8+DyJlBX5E4PCm6bzVNqi2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org