Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/gQXoaDbp-l1Yj9CUOMBLZUzwGbw.roa
File: gQXoaDbp-l1Yj9CUOMBLZUzwGbw.roa (raw, json)
Hash identifier: lVG15Gywdhug3oAnjf1HiAVmLaPYJHzGRJGtB80n/go=
Subject key identifier: 81:05:E8:68:36:E9:FA:5D:58:8F:D0:94:38:C0:4B:65:4C:F0:19:BC
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 062F791D
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/gQXoaDbp-l1Yj9CUOMBLZUzwGbw.roa
Signing time: Fri 18 Feb 2022 21:02:04 +0000
ROA not before: Fri 18 Feb 2022 21:02:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 193.56.64.0/24 maxlen: 24
193.56.66.0/24 maxlen: 24
193.56.65.0/24 maxlen: 24
193.56.74.0/24 maxlen: 24
193.56.73.0/24 maxlen: 24
193.56.72.0/24 maxlen: 24
213.166.76.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103774493 (0x62f791d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Feb 18 21:02:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8105e86836e9fa5d588fd09438c04b654cf019bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8f:e0:85:ee:ad:17:f2:c2:5f:2c:10:c5:5f:
68:b3:81:06:e8:f7:5c:91:08:68:cc:74:d7:74:99:
3b:12:d8:36:2a:38:78:a1:fb:e5:10:ed:ce:85:c6:
d1:66:7c:68:01:5b:36:8e:a3:f6:de:2e:f8:b4:b4:
35:de:8b:af:1e:c9:b8:e4:7e:45:d8:b8:3d:d3:5b:
30:85:10:fd:ef:51:69:a1:9e:1b:91:f8:45:12:b2:
b9:91:c8:56:6d:14:78:f5:cc:4a:cc:bb:ba:f9:d3:
83:f6:5f:eb:7e:55:5f:47:88:44:3a:b9:b2:25:84:
02:6f:dc:2e:9b:53:8c:29:54:4d:6f:bb:a0:8b:04:
6e:64:f7:97:12:66:5b:c8:fc:4d:4f:e9:45:0a:9a:
d9:fb:a9:bf:db:86:f8:b4:97:c4:bb:d2:87:e2:e2:
78:a9:dc:47:92:ec:58:db:24:95:93:6f:35:53:c2:
e2:bb:7c:8d:27:af:78:e2:67:2d:6c:a4:c0:fd:fe:
cf:4e:ff:2a:4c:ce:a1:92:39:96:3a:91:1b:1b:82:
cb:ae:95:6a:41:b2:f2:b8:a5:30:5d:21:57:9f:96:
3e:5a:30:fb:9f:58:16:3d:82:b6:c4:82:4e:bf:39:
12:c6:a6:03:6b:2b:57:c3:53:fe:b2:6f:6c:28:37:
60:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:05:E8:68:36:E9:FA:5D:58:8F:D0:94:38:C0:4B:65:4C:F0:19:BC
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/gQXoaDbp-l1Yj9CUOMBLZUzwGbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.64.0-193.56.66.255
193.56.72.0-193.56.74.255
213.166.76.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:a8:b0:a8:f8:e1:1b:f9:59:17:10:2a:5e:64:0b:50:73:f5:
5a:3b:56:b5:83:65:37:c1:c8:ca:26:87:ad:c8:e7:89:e8:c1:
b3:9b:45:f9:8f:5b:94:3b:ec:25:8c:13:30:07:e6:86:17:98:
ba:c4:3b:b9:d1:bc:d4:6f:0f:1f:b8:94:db:c6:68:18:8b:91:
43:6a:24:de:d9:37:07:08:0d:b3:60:32:89:7a:52:f2:4c:b8:
67:84:2b:25:75:99:13:4a:16:6c:56:a8:a0:a6:19:21:7b:bd:
35:74:bd:88:cb:2a:d1:3b:ba:32:a9:2a:49:32:d8:86:d3:7b:
18:6d:e3:f8:e6:90:65:aa:e8:66:a7:0a:f5:a4:e3:eb:d7:6d:
e8:3c:30:e7:0d:03:7e:45:96:38:b3:34:63:a6:f4:f8:f4:c5:
53:f3:ba:08:d9:0c:db:39:1a:61:6a:c9:5b:53:71:a5:ea:2e:
ce:bf:22:b4:33:f7:b2:8f:d5:ad:2a:32:a5:16:5e:a3:08:95:
f2:9a:67:cb:a8:c7:1c:08:75:71:8d:3b:34:e7:1c:04:0e:2a:
8b:83:20:f3:78:78:ce:aa:9d:b7:01:91:0b:b4:7e:82:4e:39:
36:4f:a8:f6:b2:05:f4:db:bd:8f:4d:1a:74:90:cb:28:57:84:
0e:8f:34:f0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEBi95HTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDIx
ODIxMDIwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODEwNWU4NjgzNmU5
ZmE1ZDU4OGZkMDk0MzhjMDRiNjU0Y2YwMTliYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6P4IXurRfywl8sEMVfaLOBBuj3XJEIaMx013SZOxLYNio4
eKH75RDtzoXG0WZ8aAFbNo6j9t4u+LS0Nd6Lrx7JuOR+Rdi4PdNbMIUQ/e9RaaGe
G5H4RRKyuZHIVm0UePXMSsy7uvnTg/Zf635VX0eIRDq5siWEAm/cLptTjClUTW+7
oIsEbmT3lxJmW8j8TU/pRQqa2fupv9uG+LSXxLvSh+LieKncR5LsWNsklZNvNVPC
4rt8jSeveOJnLWykwP3+z07/KkzOoZI5ljqRGxuCy66VakGy8rilMF0hV5+WPlow
+59YFj2CtsSCTr85EsamA2srV8NT/rJvbCg3YFECAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBSBBehoNun6XViP0JQ4wEtlTPAZvDAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L2dRWG9hRGJwLWwxWWo5Q1VPTUJMWlV6d0didy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowKAQCAAEwIjAMAwQGwThAAwQAwThCMAwDBAPBOEgD
BADBOEoDBALVpkwwDQYJKoZIhvcNAQELBQADggEBAI2osKj44Rv5WRcQKl5kC1Bz
9Vo7VrWDZTfByMomh63I54nowbObRfmPW5Q77CWMEzAH5oYXmLrEO7nRvNRvDx+4
lNvGaBiLkUNqJN7ZNwcIDbNgMol6UvJMuGeEKyV1mRNKFmxWqKCmGSF7vTV0vYjL
KtE7ujKpKkky2IbTexht4/jmkGWq6GanCvWk4+vXbeg8MOcNA35FljizNGOm9Pj0
xVPzugjZDNs5GmFqyVtTcaXqLs6/IrQz97KP1a0qMqUWXqMIlfKaZ8uoxxwIdXGN
OzTnHAQOKouDIPN4eM6qnbcBkQu0foJOOTZPqPayBfTbvY9NGnSQyyhXhA6PNPA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org