Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/KeCxLo9UUuLVhf_Mwjcse1N3y_g.roa
File: KeCxLo9UUuLVhf_Mwjcse1N3y_g.roa (raw, json)
Hash identifier: dkEE8m9ZHCZGn9k6+i619h5aqlQ333f/XIOCmAVS3RI=
Subject key identifier: 29:E0:B1:2E:8F:54:52:E2:D5:85:FF:CC:C2:37:2C:7B:53:77:CB:F8
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D55E123921ECC69F74E223FE4FDB60
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/KeCxLo9UUuLVhf_Mwjcse1N3y_g.roa
Signing time: Mon 02 Jan 2023 04:55:09 +0000
ROA not before: Mon 02 Jan 2023 04:55:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57371
IP address blocks: 194.169.84.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:5e:12:39:21:ec:c6:9f:74:e2:23:fe:4f:db:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29e0b12e8f5452e2d585ffccc2372c7b5377cbf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bc:74:26:47:d4:bc:48:4e:18:88:56:24:18:
8e:2e:e9:a6:aa:b0:37:23:06:fc:fc:10:a0:fa:b0:
b8:4e:a8:92:15:3b:b9:1d:d3:a7:30:1e:fb:c1:b8:
00:55:cb:f5:e1:bd:dc:8b:da:15:4b:46:b8:6b:61:
e9:14:7d:72:d3:03:17:59:c8:9b:44:bf:e6:b1:f4:
90:70:07:b2:09:b1:c5:a5:67:b5:e8:c6:7d:42:be:
86:6b:a1:bb:22:42:a4:be:1c:6b:5c:6c:75:af:ba:
29:4e:b8:83:58:9f:7d:95:11:09:94:49:84:0b:98:
00:7d:69:2d:e8:ee:72:2f:9f:71:ad:d1:79:ed:2e:
e3:2f:88:1c:bc:b2:a5:40:b7:c2:d7:6b:e1:a5:61:
49:35:1d:dd:a7:a9:33:e1:53:ae:ed:06:dd:a8:be:
d1:a6:f4:dd:05:00:3a:6a:d6:3e:bc:95:fd:a4:19:
98:d2:5a:e7:5b:1b:f4:9f:06:00:10:19:48:c5:3e:
c1:fa:3b:b4:96:4b:d6:19:40:c1:eb:97:7c:a8:c6:
5e:79:a4:86:77:11:39:e1:52:b1:60:87:16:87:ee:
61:5b:b5:5f:1e:32:cf:f7:c7:ea:9a:8c:75:b9:f8:
52:05:af:d1:95:7e:7b:7f:fe:33:c2:44:e4:c1:10:
29:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E0:B1:2E:8F:54:52:E2:D5:85:FF:CC:C2:37:2C:7B:53:77:CB:F8
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/KeCxLo9UUuLVhf_Mwjcse1N3y_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.84.0/23
Signature Algorithm: sha256WithRSAEncryption
63:09:3e:9a:58:eb:d0:a3:9c:de:af:8c:ca:67:1a:a3:15:8d:
09:8d:18:e8:63:ef:2b:e3:34:65:df:f5:96:fc:5e:d5:56:fa:
a1:86:75:da:7c:ec:04:86:2f:d9:e1:24:bb:3a:b4:85:23:d6:
75:c6:d8:d0:41:71:93:4f:52:01:6e:4a:ab:34:8f:ca:ea:7a:
22:8f:44:2b:98:52:79:48:03:70:52:93:54:e8:f5:90:ac:8c:
5e:de:87:b5:a1:5a:68:8a:8c:1a:a2:cb:a0:10:e4:bd:4e:c7:
19:0b:a9:d9:08:e7:7a:0f:3c:1b:10:ed:05:f6:12:47:8a:f5:
37:d0:92:8f:fb:cc:35:39:d9:d0:0b:b0:71:fc:e8:94:8b:51:
4e:c4:e4:fd:b9:a2:3d:95:09:1c:57:80:ae:f2:72:c5:d8:f3:
2a:84:00:5e:05:0a:8e:f3:d3:8e:99:30:b7:ae:82:05:be:fd:
1e:06:ac:9c:cd:f5:fe:6b:2e:77:52:39:62:1b:7b:0c:9c:cf:
58:40:3c:19:7c:65:66:1e:47:c9:4d:df:e3:3d:1c:b3:7f:5b:
ed:b1:4b:51:00:87:56:67:2a:86:da:ab:27:14:7f:f4:8a:52:
95:7a:af:3d:c8:3d:de:b9:4f:fc:47:58:0d:5e:dc:b7:af:1b:
67:e8:63:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1V4SOSHsxp904iP+T9tgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWUwYjEyZThmNTQ1MmUyZDU4NWZmY2NjMjM3MmM3YjUzNzdjYmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrx0JkfUvEhOGIhWJBiOLummqrA3
Iwb8/BCg+rC4TqiSFTu5HdOnMB77wbgAVcv14b3ci9oVS0a4a2HpFH1y0wMXWcib
RL/msfSQcAeyCbHFpWe16MZ9Qr6Ga6G7IkKkvhxrXGx1r7opTriDWJ99lREJlEmE
C5gAfWkt6O5yL59xrdF57S7jL4gcvLKlQLfC12vhpWFJNR3dp6kz4VOu7QbdqL7R
pvTdBQA6atY+vJX9pBmY0lrnWxv0nwYAEBlIxT7B+ju0lkvWGUDB65d8qMZeeaSG
dxE54VKxYIcWh+5hW7VfHjLP98fqmox1ufhSBa/RlX57f/4zwkTkwRApjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCngsS6PVFLi1YX/zMI3LHtTd8v4MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvS2VDeExvOVVVdUxWaGZfTXdqY3NlMU4zeV9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwqlUMA0G
CSqGSIb3DQEBCwUAA4IBAQBjCT6aWOvQo5zer4zKZxqjFY0JjRjoY+8r4zRl3/WW
/F7VVvqhhnXafOwEhi/Z4SS7OrSFI9Z1xtjQQXGTT1IBbkqrNI/K6noij0QrmFJ5
SANwUpNU6PWQrIxe3oe1oVpoiowaosugEOS9TscZC6nZCOd6DzwbEO0F9hJHivU3
0JKP+8w1OdnQC7Bx/OiUi1FOxOT9uaI9lQkcV4Cu8nLF2PMqhABeBQqO89OOmTC3
roIFvv0eBqyczfX+ay53UjliG3sMnM9YQDwZfGVmHkfJTd/jPRyzf1vtsUtRAIdW
ZyqG2qsnFH/0ilKVeq89yD3euU/8R1gNXty3rxtn6GPB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org