Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/b5OZIXwMqbWcR0LfW_YnW2IMQ1U.roa
File: b5OZIXwMqbWcR0LfW_YnW2IMQ1U.roa (raw, json)
Hash identifier: jZwWf4ajLAzau3lATA7A0BUCG+P00vJKqcFL0YgCfpI=
Subject key identifier: 6F:93:99:21:7C:0C:A9:B5:9C:47:42:DF:5B:F6:27:5B:62:0C:43:55
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01878F32222DE9768A083F1A9912726E3FB4
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/b5OZIXwMqbWcR0LfW_YnW2IMQ1U.roa
Signing time: Mon 17 Apr 2023 12:30:39 +0000
ROA not before: Mon 17 Apr 2023 12:30:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 193.148.61.0/24 maxlen: 24
193.148.63.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8f:32:22:2d:e9:76:8a:08:3f:1a:99:12:72:6e:3f:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Apr 17 12:30:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f9399217c0ca9b59c4742df5bf6275b620c4355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:43:b2:5d:b2:14:90:ae:9f:2f:2e:5d:da:91:
68:bc:0a:83:5d:2d:31:ca:a8:38:03:89:74:12:ef:
7a:23:26:e7:75:07:f5:83:4f:c7:0e:98:95:7d:e6:
ef:3d:78:20:32:2b:c9:c9:3e:90:d1:56:70:40:0a:
e2:27:ed:17:b8:18:f9:7a:cc:6a:1f:82:f0:cc:6f:
fb:af:8c:ee:e2:29:41:18:45:21:1d:22:dd:a9:47:
55:51:f9:a3:70:46:aa:64:90:69:54:82:4a:f7:72:
d9:4e:66:48:45:b7:39:f9:c2:59:0b:ba:45:25:73:
b2:3e:9d:51:8c:a7:aa:f4:af:1b:8e:18:ea:b1:73:
1b:3c:8f:a6:4e:ab:72:06:20:01:9c:c1:30:8a:3f:
f1:b0:66:2c:02:9c:f0:7b:34:3e:76:48:d2:25:ea:
41:5a:a0:31:0f:75:2b:e8:bb:da:7f:f9:ea:6c:97:
9c:1d:3b:6e:d4:87:cc:1c:ae:0a:6b:0c:6d:25:0e:
1f:14:1e:9c:77:05:17:c6:7a:5d:ef:b1:d4:88:78:
f5:f8:9b:7c:ff:d3:bc:11:52:45:b1:94:20:90:ea:
de:9b:05:42:96:e9:26:bc:96:3d:0d:e7:f1:fd:ce:
d4:02:49:93:b0:29:99:ff:b5:34:fc:47:ea:ed:a6:
14:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:93:99:21:7C:0C:A9:B5:9C:47:42:DF:5B:F6:27:5B:62:0C:43:55
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/b5OZIXwMqbWcR0LfW_YnW2IMQ1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.61.0/24
193.148.63.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:8a:62:4f:eb:e0:84:8e:5d:58:5d:5a:ba:d2:32:5f:51:c9:
b3:ad:92:d2:9f:b1:60:d3:ca:25:1b:3d:c7:68:b3:93:ae:36:
fa:cb:ca:e3:82:39:de:55:02:52:5d:d7:a3:7c:ed:84:6d:f0:
59:94:27:f0:b8:5a:37:36:6d:cc:98:d4:8f:be:e6:67:d8:fd:
43:4e:f2:e8:20:e7:6c:1b:38:c0:31:34:0f:04:5e:58:6d:6f:
44:2c:82:f4:45:6e:db:20:db:c8:f3:66:18:88:55:64:b3:a9:
ba:f4:5a:fa:30:25:04:f2:b9:f7:ca:d8:f3:13:f3:4c:14:22:
20:09:3f:19:44:7f:d2:8f:d6:08:d1:5c:2b:14:25:c4:3b:34:
bd:b2:be:0f:99:e3:de:12:5b:75:02:99:15:da:a5:df:ed:e9:
65:d4:7c:14:cf:64:8c:75:59:c4:86:fd:f6:20:00:7d:27:de:
1f:2b:4c:f9:0c:45:cf:21:51:14:1d:64:4a:26:19:3d:9e:63:
1e:b9:f8:6f:d0:5f:5b:ba:8a:1b:0e:33:ef:3d:a9:ba:c3:e0:
6c:1b:90:1a:79:87:35:43:91:5c:2b:03:b2:93:23:96:de:5b:
bf:c8:34:ff:be:e1:c9:25:0d:7c:62:06:83:a0:ed:99:0f:8c:
e5:bb:4c:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYePMiIt6XaKCD8amRJybj+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwNDE3MTIzMDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjkzOTkyMTdjMGNhOWI1OWM0NzQyZGY1YmY2Mjc1YjYyMGM0MzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEOyXbIUkK6fLy5d2pFovAqDXS0x
yqg4A4l0Eu96IybndQf1g0/HDpiVfebvPXggMivJyT6Q0VZwQAriJ+0XuBj5esxq
H4LwzG/7r4zu4ilBGEUhHSLdqUdVUfmjcEaqZJBpVIJK93LZTmZIRbc5+cJZC7pF
JXOyPp1RjKeq9K8bjhjqsXMbPI+mTqtyBiABnMEwij/xsGYsApzwezQ+dkjSJepB
WqAxD3Ur6Lvaf/nqbJecHTtu1IfMHK4KawxtJQ4fFB6cdwUXxnpd77HUiHj1+Jt8
/9O8EVJFsZQgkOremwVClukmvJY9Defx/c7UAkmTsCmZ/7U0/Efq7aYU1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG+TmSF8DKm1nEdC31v2J1tiDENVMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvYjVPWklYd01xYldjUjBMZldfWW5XMklNUTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwZQ9AwQA
wZQ/MA0GCSqGSIb3DQEBCwUAA4IBAQBLimJP6+CEjl1YXVq60jJfUcmzrZLSn7Fg
08olGz3HaLOTrjb6y8rjgjneVQJSXdejfO2EbfBZlCfwuFo3Nm3MmNSPvuZn2P1D
TvLoIOdsGzjAMTQPBF5YbW9ELIL0RW7bINvI82YYiFVks6m69Fr6MCUE8rn3ytjz
E/NMFCIgCT8ZRH/Sj9YI0VwrFCXEOzS9sr4PmePeElt1ApkV2qXf7ell1HwUz2SM
dVnEhv32IAB9J94fK0z5DEXPIVEUHWRKJhk9nmMeufhv0F9buoobDjPvPam6w+Bs
G5AaeYc1Q5FcKwOykyOW3lu/yDT/vuHJJQ18YgaDoO2ZD4zlu0y4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-fra.rpki-client.org