Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/_gRKWUa0FYbuuDNPqRX12ZAOFNI.roa
File: _gRKWUa0FYbuuDNPqRX12ZAOFNI.roa (raw, json)
Hash identifier: vYdGrDc+loXoRst61DxdD553r173hB/OAcPsf0ySjOE=
Subject key identifier: FE:04:4A:59:46:B4:15:86:EE:B8:33:4F:A9:15:F5:D9:90:0E:14:D2
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D54F4B5C6223BFE8BFC3C41953F5B5
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/_gRKWUa0FYbuuDNPqRX12ZAOFNI.roa
Signing time: Mon 02 Jan 2023 04:55:05 +0000
ROA not before: Mon 02 Jan 2023 04:55:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12555
IP address blocks: 193.47.32.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:4f:4b:5c:62:23:bf:e8:bf:c3:c4:19:53:f5:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe044a5946b41586eeb8334fa915f5d9900e14d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:04:87:8a:78:d7:3d:c4:e5:e9:92:07:19:97:
92:5a:da:36:25:ff:fa:22:d5:1a:62:b2:bb:99:0c:
57:3e:1f:5b:ed:51:fb:80:8c:b5:05:ad:ac:1e:b4:
b1:08:ac:66:3b:b7:a0:50:fd:cf:f9:49:6b:04:e5:
9e:3c:5a:7c:85:f0:5b:a2:30:24:89:34:ee:dd:36:
b7:4f:b3:32:d9:7b:f0:7a:70:72:88:87:d5:67:99:
84:64:45:80:d4:5f:f6:12:46:4d:91:65:83:28:ae:
6e:ae:25:40:bc:0f:62:b5:c1:ad:8c:a2:36:e5:42:
46:34:0e:76:ef:7e:ea:bf:00:3b:74:5b:ea:cc:9a:
e1:19:b2:6e:38:79:8f:c8:51:b3:a4:2d:fd:59:02:
67:2a:64:8a:d9:c2:61:ed:e5:77:b2:11:ed:7a:01:
d5:3e:ba:52:88:75:8d:7e:a6:68:26:24:38:7d:5f:
36:9a:4c:d7:71:63:44:59:09:9b:1f:5f:a4:8c:26:
e2:a7:ef:2a:74:24:33:43:cc:b5:c9:fc:56:a1:18:
90:54:43:0d:b8:a1:db:78:b6:27:4a:bb:83:4f:b8:
ea:bb:77:e7:f2:35:eb:a9:a4:33:4e:a5:82:c7:54:
77:8f:5c:4c:7e:45:fb:c3:f9:1f:5b:ac:01:72:d0:
39:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:04:4A:59:46:B4:15:86:EE:B8:33:4F:A9:15:F5:D9:90:0E:14:D2
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/_gRKWUa0FYbuuDNPqRX12ZAOFNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.47.32.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:28:bd:95:de:a8:58:d7:f6:1a:86:c4:da:7d:1a:82:65:d5:
7f:8e:c9:25:5c:43:bc:34:ca:9d:e7:8b:55:be:fe:69:03:28:
33:dd:d3:37:70:bd:1a:a8:f7:69:c5:fe:1c:c5:32:f9:74:14:
11:11:a9:c8:0c:23:3f:a4:63:6e:0b:6e:7e:95:7a:d5:e2:da:
c4:f6:09:e5:05:da:06:24:61:97:03:cc:6a:e8:d1:97:8c:ed:
67:82:76:be:ed:38:2f:90:63:58:77:44:b8:45:df:46:00:44:
85:ac:3d:e2:c3:f4:99:53:c5:b5:e0:53:a8:8c:52:4a:69:c2:
d5:b8:02:1f:5e:35:31:39:04:c0:71:44:dc:f6:01:83:5b:18:
e9:54:c2:31:b7:24:e7:3b:21:fc:4f:c6:60:99:4f:26:d2:89:
28:11:41:b2:25:e1:2d:9b:b2:d9:e6:c0:03:de:c8:ad:56:a7:
92:cd:b1:5b:2b:bb:72:9a:64:9b:08:c7:84:ed:7a:cc:72:9a:
f9:78:51:29:4b:9f:40:7a:92:ef:bb:37:93:7c:2e:5e:4a:62:
54:e5:35:43:45:e3:4b:33:e0:8e:39:7a:ec:22:69:fc:08:0e:
5f:91:7a:fe:fc:06:4b:95:73:19:6a:c5:ed:1a:4b:79:28:7e:
69:0d:1a:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1U9LXGIjv+i/w8QZU/W1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTA0NGE1OTQ2YjQxNTg2ZWViODMzNGZhOTE1ZjVkOTkwMGUxNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngSHinjXPcTl6ZIHGZeSWto2Jf/6
ItUaYrK7mQxXPh9b7VH7gIy1Ba2sHrSxCKxmO7egUP3P+UlrBOWePFp8hfBbojAk
iTTu3Ta3T7My2XvwenByiIfVZ5mEZEWA1F/2EkZNkWWDKK5uriVAvA9itcGtjKI2
5UJGNA52737qvwA7dFvqzJrhGbJuOHmPyFGzpC39WQJnKmSK2cJh7eV3shHtegHV
PrpSiHWNfqZoJiQ4fV82mkzXcWNEWQmbH1+kjCbip+8qdCQzQ8y1yfxWoRiQVEMN
uKHbeLYnSruDT7jqu3fn8jXrqaQzTqWCx1R3j1xMfkX7w/kfW6wBctA5GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP4ESllGtBWG7rgzT6kV9dmQDhTSMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvX2dSS1dVYTBGWWJ1dUROUHFSWDEyWkFPRk5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwS8gMA0G
CSqGSIb3DQEBCwUAA4IBAQCbKL2V3qhY1/YahsTafRqCZdV/jsklXEO8NMqd54tV
vv5pAygz3dM3cL0aqPdpxf4cxTL5dBQREanIDCM/pGNuC25+lXrV4trE9gnlBdoG
JGGXA8xq6NGXjO1ngna+7TgvkGNYd0S4Rd9GAESFrD3iw/SZU8W14FOojFJKacLV
uAIfXjUxOQTAcUTc9gGDWxjpVMIxtyTnOyH8T8ZgmU8m0okoEUGyJeEtm7LZ5sAD
3sitVqeSzbFbK7tymmSbCMeE7XrMcpr5eFEpS59AepLvuzeTfC5eSmJU5TVDReNL
M+COOXrsImn8CA5fkXr+/AZLlXMZasXtGkt5KH5pDRrW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org