Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/SjyUDO9RvoNCl5J8_PgaXtidbQ4.roa
File: SjyUDO9RvoNCl5J8_PgaXtidbQ4.roa (raw, json)
Hash identifier: hWlOA0/zid2LXOTb7i4BRo/7c04OdlBsRF1GTohIz/o=
Subject key identifier: 4A:3C:94:0C:EF:51:BE:83:42:97:92:7C:FC:F8:1A:5E:D8:9D:6D:0E
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0186B8D5BDCB5DA6725B0DAC5010B717F895
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/SjyUDO9RvoNCl5J8_PgaXtidbQ4.roa
Signing time: Mon 06 Mar 2023 21:31:00 +0000
ROA not before: Mon 06 Mar 2023 21:31:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 193.148.62.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b8:d5:bd:cb:5d:a6:72:5b:0d:ac:50:10:b7:17:f8:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Mar 6 21:31:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a3c940cef51be834297927cfcf81a5ed89d6d0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:62:f4:07:b4:38:68:07:de:09:12:96:43:34:
b1:35:7e:ae:7d:68:57:b3:fe:df:e6:ed:73:33:57:
29:46:d2:3e:e5:03:54:5b:72:6d:b0:ab:17:10:3b:
89:53:16:f9:88:77:6f:b3:9a:81:77:d7:8f:2c:98:
25:d8:7e:a3:58:a9:75:11:c1:56:12:95:08:48:e5:
22:c2:56:d7:1c:d7:52:99:6e:ae:43:34:d5:63:7c:
a0:4a:53:8e:53:e1:45:b3:a8:ca:36:64:be:e7:89:
34:ab:1a:90:36:9b:e1:00:44:4e:ed:bf:78:07:a3:
57:e2:df:25:8b:66:3e:e7:05:a7:4b:f2:a9:d6:aa:
df:33:7d:83:2f:fb:d4:73:6a:20:57:16:18:35:3f:
eb:34:ca:7a:32:c0:71:5d:ca:0f:c5:9b:ab:46:98:
d1:7d:b9:f5:3e:66:05:21:e0:71:89:7a:e4:d9:2c:
db:5b:ab:3b:b0:62:6d:8f:22:50:64:19:89:93:12:
57:09:84:47:0f:d5:61:82:fe:ff:d4:51:47:61:fc:
29:0c:04:01:c5:81:db:5e:a9:04:dd:00:14:d4:ef:
7c:4f:9b:5d:5f:55:93:ec:08:99:a5:9a:de:7c:e5:
d0:37:96:01:67:42:03:0e:26:4a:67:77:14:31:9e:
64:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:3C:94:0C:EF:51:BE:83:42:97:92:7C:FC:F8:1A:5E:D8:9D:6D:0E
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/SjyUDO9RvoNCl5J8_PgaXtidbQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.62.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:6a:f4:b0:a8:47:34:e3:8b:34:a1:1d:22:bc:01:37:0a:5c:
0e:eb:3d:eb:23:24:dc:ab:82:8b:b2:df:05:b9:3e:f1:d6:72:
d9:aa:51:36:36:d6:ef:3d:53:62:25:eb:ec:c0:ee:3a:6a:d7:
b2:93:8e:b7:27:70:56:cd:1b:20:1f:1d:f0:8b:80:e8:ff:5d:
3e:5e:eb:b3:53:c7:c3:24:5c:b8:a2:b0:5b:74:a0:76:05:9d:
54:eb:31:d2:e7:7e:aa:88:c4:5d:ed:f2:4b:80:e2:32:c2:64:
97:4a:8f:01:52:72:ec:4d:04:ab:dd:27:9f:b3:8e:39:e9:d2:
ab:8f:22:2e:1f:ca:92:da:ea:d8:6b:f4:51:19:db:ae:72:54:
85:40:60:eb:a2:ab:21:6e:93:8a:fa:35:56:d1:ee:1c:1f:36:
76:91:dd:ed:9a:1f:5b:c7:27:81:80:2b:98:61:7c:58:9b:5f:
ae:6a:bf:6c:68:34:6b:b4:65:1b:b6:e1:be:74:5d:b7:70:fd:
d7:62:88:71:9a:0c:5f:e1:78:d9:1b:99:13:c4:64:29:db:bc:
18:26:cc:8f:78:e3:99:63:f5:17:34:5b:9e:14:1c:b6:5a:50:
b3:ad:87:8c:10:42:9c:69:ae:e9:a6:17:06:b4:e6:d8:8a:58:
4a:43:3a:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa41b3LXaZyWw2sUBC3F/iVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMzA2MjEzMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTNjOTQwY2VmNTFiZTgzNDI5NzkyN2NmY2Y4MWE1ZWQ4OWQ2ZDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGL0B7Q4aAfeCRKWQzSxNX6ufWhX
s/7f5u1zM1cpRtI+5QNUW3JtsKsXEDuJUxb5iHdvs5qBd9ePLJgl2H6jWKl1EcFW
EpUISOUiwlbXHNdSmW6uQzTVY3ygSlOOU+FFs6jKNmS+54k0qxqQNpvhAERO7b94
B6NX4t8li2Y+5wWnS/Kp1qrfM32DL/vUc2ogVxYYNT/rNMp6MsBxXcoPxZurRpjR
fbn1PmYFIeBxiXrk2SzbW6s7sGJtjyJQZBmJkxJXCYRHD9Vhgv7/1FFHYfwpDAQB
xYHbXqkE3QAU1O98T5tdX1WT7AiZpZrefOXQN5YBZ0IDDiZKZ3cUMZ5kUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEo8lAzvUb6DQpeSfPz4Gl7YnW0OMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvU2p5VURPOVJ2b05DbDVKOF9QZ2FYdGlkYlE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwZQ+MA0G
CSqGSIb3DQEBCwUAA4IBAQBfavSwqEc044s0oR0ivAE3ClwO6z3rIyTcq4KLst8F
uT7x1nLZqlE2NtbvPVNiJevswO46ateyk463J3BWzRsgHx3wi4Do/10+XuuzU8fD
JFy4orBbdKB2BZ1U6zHS536qiMRd7fJLgOIywmSXSo8BUnLsTQSr3Sefs4456dKr
jyIuH8qS2urYa/RRGduuclSFQGDroqshbpOK+jVW0e4cHzZ2kd3tmh9bxyeBgCuY
YXxYm1+uar9saDRrtGUbtuG+dF23cP3XYohxmgxf4XjZG5kTxGQp27wYJsyPeOOZ
Y/UXNFueFBy2WlCzrYeMEEKcaa7pphcGtObYilhKQzql
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org