Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/_6OTdqPQ6hlrQTuPwuL9LAbfYqQ.roa
File: _6OTdqPQ6hlrQTuPwuL9LAbfYqQ.roa (raw, json)
Hash identifier: G8b427p+mMD/EX/iiuu6AvXhQ/NYCwjcyccCgmfU9nw=
Subject key identifier: FF:A3:93:76:A3:D0:EA:19:6B:41:3B:8F:C2:E2:FD:2C:06:DF:62:A4
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018964895AFDE1B2BB3BF56AB917C4E14740
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/_6OTdqPQ6hlrQTuPwuL9LAbfYqQ.roa
Signing time: Mon 17 Jul 2023 15:47:50 +0000
ROA not before: Mon 17 Jul 2023 15:47:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 194.156.106.0/24 maxlen: 24
194.156.107.0/24 maxlen: 24
193.187.106.0/24 maxlen: 24
194.156.104.0/24 maxlen: 24
194.156.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:89:5a:fd:e1:b2:bb:3b:f5:6a:b9:17:c4:e1:47:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jul 17 15:47:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ffa39376a3d0ea196b413b8fc2e2fd2c06df62a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6d:bd:bf:3e:3a:0d:49:24:89:57:7f:3b:7e:
2b:fa:85:e6:a3:7f:37:8d:11:53:a5:98:f9:1c:20:
11:4a:90:97:5c:38:79:ac:67:26:5f:e2:84:09:6e:
b7:72:ee:7a:22:a0:02:4f:2e:ab:40:b0:90:3c:51:
84:85:e9:4f:8e:62:8e:ec:c4:42:0d:e1:3e:42:7a:
99:29:1b:d7:db:44:79:75:47:4c:5e:bf:4d:81:b4:
15:e5:f3:9a:0e:15:78:94:82:3a:43:52:b4:2f:05:
ad:63:ed:e5:ef:06:85:9a:b4:61:5e:93:df:b6:bd:
67:f9:5e:04:77:81:ef:d0:af:79:66:03:f0:dc:d8:
12:77:6e:dd:84:81:e6:b0:c6:0a:b4:ec:7a:df:ba:
3b:dd:8b:c2:94:47:fc:e4:a6:89:ef:41:cc:b7:7e:
16:d2:a0:ea:39:0d:cd:65:d0:a8:ed:fc:00:f3:aa:
f2:b7:42:a7:0a:be:86:54:da:24:b2:1b:c5:b8:fc:
22:b5:51:bd:ff:9a:2a:f7:b6:b1:a6:f3:81:d3:50:
65:64:b2:2e:78:75:43:23:0e:61:86:3a:45:9a:54:
b2:bf:ab:55:04:da:ac:71:f3:9e:b1:8d:e2:6a:3c:
b9:e9:7b:10:e6:c6:1e:76:3e:e5:c7:6d:51:55:67:
96:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:A3:93:76:A3:D0:EA:19:6B:41:3B:8F:C2:E2:FD:2C:06:DF:62:A4
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/_6OTdqPQ6hlrQTuPwuL9LAbfYqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.187.106.0/24
194.156.104.0/22
Signature Algorithm: sha256WithRSAEncryption
94:70:f5:fb:07:26:e3:f0:5d:4a:dd:ca:87:73:b0:dc:8c:a3:
15:35:2a:ed:55:7c:43:8c:83:d1:41:b4:b0:a2:34:09:18:de:
e1:71:f1:a8:7a:12:7c:46:7b:81:72:54:2f:be:8d:9d:7d:66:
e4:92:0f:96:d4:f5:48:d3:2a:0b:fb:fb:13:3e:42:17:98:8c:
3f:a5:ab:01:bf:ea:b3:a5:d0:37:58:43:5a:0d:31:9c:1d:0c:
fe:96:19:62:2f:fb:bb:1e:cb:ce:18:bb:e5:25:f2:5d:bd:06:
0e:03:23:a1:17:39:87:05:b5:84:ec:d1:80:8e:f4:47:00:a9:
5f:fa:b7:24:30:e6:49:a2:97:3f:a4:8d:26:1b:33:73:15:21:
36:76:42:f9:fa:9b:b3:39:2d:c9:e4:f3:f6:11:71:05:f3:a1:
d7:ed:3d:af:a2:fe:b6:19:4e:56:65:8f:3e:23:38:eb:fb:56:
d7:9e:cd:3d:6a:31:1e:ac:8f:1e:2f:d9:70:af:bb:79:9b:22:
a3:93:05:03:7b:bb:77:e9:aa:8e:f0:83:53:c2:a0:46:5e:2b:
cd:bb:31:7f:39:01:3e:2c:e1:29:32:9a:73:e5:08:0e:76:c1:
92:94:a4:45:35:5e:a4:80:a0:3b:90:ba:e7:7d:13:4e:a3:62:
12:bc:f7:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlkiVr94bK7O/VquRfE4UdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwNzE3MTU0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmEzOTM3NmEzZDBlYTE5NmI0MTNiOGZjMmUyZmQyYzA2ZGY2MmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApm29vz46DUkkiVd/O34r+oXmo383
jRFTpZj5HCARSpCXXDh5rGcmX+KECW63cu56IqACTy6rQLCQPFGEhelPjmKO7MRC
DeE+QnqZKRvX20R5dUdMXr9NgbQV5fOaDhV4lII6Q1K0LwWtY+3l7waFmrRhXpPf
tr1n+V4Ed4Hv0K95ZgPw3NgSd27dhIHmsMYKtOx637o73YvClEf85KaJ70HMt34W
0qDqOQ3NZdCo7fwA86ryt0KnCr6GVNokshvFuPwitVG9/5oq97axpvOB01BlZLIu
eHVDIw5hhjpFmlSyv6tVBNqscfOesY3iajy56XsQ5sYedj7lx21RVWeWjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP+jk3aj0OoZa0E7j8Li/SwG32KkMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvXzZPVGRxUFE2aGxyUVR1UHd1TDlMQWJmWXFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwbtqAwQC
wpxoMA0GCSqGSIb3DQEBCwUAA4IBAQCUcPX7Bybj8F1K3cqHc7DcjKMVNSrtVXxD
jIPRQbSwojQJGN7hcfGoehJ8RnuBclQvvo2dfWbkkg+W1PVI0yoL+/sTPkIXmIw/
pasBv+qzpdA3WENaDTGcHQz+lhliL/u7HsvOGLvlJfJdvQYOAyOhFzmHBbWE7NGA
jvRHAKlf+rckMOZJopc/pI0mGzNzFSE2dkL5+puzOS3J5PP2EXEF86HX7T2vov62
GU5WZY8+Izjr+1bXns09ajEerI8eL9lwr7t5myKjkwUDe7t36aqO8INTwqBGXivN
uzF/OQE+LOEpMppz5QgOdsGSlKRFNV6kgKA7kLrnfRNOo2ISvPef
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org