Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pd79rVkzaBHr9CR7gmwTccVPlvY.roa
File: pd79rVkzaBHr9CR7gmwTccVPlvY.roa (raw, json)
Hash identifier: SpclU3mP1MzF879uBWRJbTNU5DsKyMnDoPGFVUJ/heg=
Subject key identifier: A5:DE:FD:AD:59:33:68:11:EB:F4:24:7B:82:6C:13:71:C5:4F:96:F6
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05A1BEFE
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pd79rVkzaBHr9CR7gmwTccVPlvY.roa
Signing time: Sat 01 Jan 2022 07:57:04 +0000
ROA not before: Sat 01 Jan 2022 07:57:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 193.148.61.0/24 maxlen: 24
193.148.63.0/24 maxlen: 24
194.32.127.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94486270 (0x5a1befe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5defdad59336811ebf4247b826c1371c54f96f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:42:2b:e7:ac:a2:65:1c:93:cd:92:8c:f4:c3:
d0:81:e3:e3:9d:e6:4e:97:ae:ae:92:82:30:f5:01:
62:9a:90:98:17:2a:24:20:3b:df:c5:7c:69:89:9d:
c2:43:7a:49:7b:07:84:68:0a:1f:6e:5e:fd:95:cf:
46:df:a6:75:c7:2f:90:34:82:c3:19:fe:d6:d1:e3:
38:75:3c:6c:47:36:a2:44:4e:b4:bf:3b:b5:72:fe:
a7:d2:d3:4e:36:52:d6:32:48:39:af:0c:f4:c2:b5:
93:05:83:f1:e6:be:e7:17:b4:40:5f:81:a9:8f:63:
cc:d1:13:95:90:ce:cf:8d:ba:09:0d:6a:26:97:44:
32:e6:ad:8d:8b:a8:21:f7:a9:04:3f:ce:d9:b0:bc:
f9:06:e6:6c:a1:d7:78:e0:2e:53:fd:09:55:7a:a4:
ca:72:e5:0f:95:a3:b2:26:fe:f0:64:8d:65:b3:b9:
a2:7d:ef:bf:a9:4b:3b:b8:03:49:19:90:44:dc:e9:
15:93:ce:8e:39:61:c8:65:59:50:36:bb:4d:e3:53:
d5:59:3d:21:ce:a1:85:96:f1:15:96:ae:85:dd:3f:
21:f3:b5:a4:0e:53:41:d1:10:ff:ec:1c:e3:f6:38:
21:14:91:9e:ef:03:0e:98:6e:1b:25:bb:57:b9:c6:
cc:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:DE:FD:AD:59:33:68:11:EB:F4:24:7B:82:6C:13:71:C5:4F:96:F6
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pd79rVkzaBHr9CR7gmwTccVPlvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.61.0/24
193.148.63.0/24
194.32.127.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:38:28:4f:87:71:13:03:c2:02:60:b3:d9:97:b1:5b:6f:dc:
a4:aa:8b:ab:6d:4a:2b:98:c0:5a:29:50:99:c5:07:73:e1:29:
20:06:cb:6a:5d:29:dd:36:fb:08:c7:a2:b2:71:0a:25:82:23:
20:70:12:df:5a:6b:95:b8:90:ef:64:dc:04:aa:5c:83:93:10:
42:f5:2a:46:f0:b4:6b:e4:cc:bd:e2:be:a4:a0:05:61:7c:1c:
45:6d:9c:b5:fe:c2:ec:d7:15:e5:f1:a1:a9:87:f2:65:0e:a6:
bf:20:2b:5b:75:b5:4b:c0:a9:ac:4c:a7:7e:80:d9:65:80:79:
e0:9a:80:07:07:c4:2b:8b:3c:bf:94:a5:ae:b0:22:67:3c:65:
8f:07:9a:81:11:21:de:a9:ff:30:f2:25:85:0a:c7:9c:ec:80:
5e:47:4e:15:98:0a:e7:f6:b0:c2:f4:a5:45:09:7a:2f:3f:da:
7d:fb:ef:3f:6e:0c:f0:c3:4d:08:2a:9b:fc:3c:f8:33:69:ae:
29:16:6c:32:02:a1:3d:28:43:2a:ca:e1:f6:78:af:6e:c7:ab:
40:9f:6a:12:d1:ec:62:79:25:fc:dc:30:d2:78:53:11:b5:85:
6b:7f:c6:b4:0c:99:27:c9:37:9b:59:5b:49:72:03:4a:6a:3c:
8a:42:b4:96
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBaG+/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTVkZWZkYWQ1OTMz
NjgxMWViZjQyNDdiODI2YzEzNzFjNTRmOTZmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJNCK+esomUck82SjPTD0IHj453mTpeurpKCMPUBYpqQmBcq
JCA738V8aYmdwkN6SXsHhGgKH25e/ZXPRt+mdccvkDSCwxn+1tHjOHU8bEc2okRO
tL87tXL+p9LTTjZS1jJIOa8M9MK1kwWD8ea+5xe0QF+BqY9jzNETlZDOz426CQ1q
JpdEMuatjYuoIfepBD/O2bC8+QbmbKHXeOAuU/0JVXqkynLlD5Wjsib+8GSNZbO5
on3vv6lLO7gDSRmQRNzpFZPOjjlhyGVZUDa7TeNT1Vk9Ic6hhZbxFZauhd0/IfO1
pA5TQdEQ/+wc4/Y4IRSRnu8DDphuGyW7V7nGzHcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSl3v2tWTNoEev0JHuCbBNxxU+W9jAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L3BkNzlyVmt6YUJIcjlDUjdnbXdUY2NWUGx2WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAMGUPQMEAMGUPwMEAMIgfzANBgkq
hkiG9w0BAQsFAAOCAQEAujgoT4dxEwPCAmCz2ZexW2/cpKqLq21KK5jAWilQmcUH
c+EpIAbLal0p3Tb7CMeisnEKJYIjIHAS31prlbiQ72TcBKpcg5MQQvUqRvC0a+TM
veK+pKAFYXwcRW2ctf7C7NcV5fGhqYfyZQ6mvyArW3W1S8CprEynfoDZZYB54JqA
BwfEK4s8v5SlrrAiZzxljweagREh3qn/MPIlhQrHnOyAXkdOFZgK5/awwvSlRQl6
Lz/affvvP24M8MNNCCqb/Dz4M2muKRZsMgKhPShDKsrh9nivbserQJ9qEtHsYnkl
/Nww0nhTEbWFa3/GtAyZJ8k3m1lbSXIDSmo8ikK0lg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org