Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/tTCW6kcmhyL5QlvNXudBt0K_m68.roa
File: tTCW6kcmhyL5QlvNXudBt0K_m68.roa (raw, json)
Hash identifier: 8p4arD7hh/esStMGMD2Hnwt6eVmzYdB0vTcrA81lWho=
Subject key identifier: B5:30:96:EA:47:26:87:22:F9:42:5B:CD:5E:E7:41:B7:42:BF:9B:AF
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05B2562F
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/tTCW6kcmhyL5QlvNXudBt0K_m68.roa
Signing time: Sat 01 Jan 2022 07:57:14 +0000
ROA not before: Sat 01 Jan 2022 07:57:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57371
IP address blocks: 194.169.84.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95573551 (0x5b2562f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b53096ea47268722f9425bcd5ee741b742bf9baf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2c:e1:e4:95:85:22:6b:3a:de:75:94:af:be:
fe:57:f8:58:ea:1d:6c:e1:30:29:a5:1c:8c:26:cb:
c6:f8:a5:6c:78:cf:4b:c5:88:15:04:c3:d5:3f:ae:
45:36:15:10:6f:1b:1d:bf:c7:0f:67:b8:97:f4:ac:
91:e6:6a:5e:cc:3e:5d:2d:be:a6:d6:e1:8e:fb:d4:
62:3b:5f:df:bb:f2:7a:27:8c:c6:e7:75:31:1b:9c:
51:c7:ed:7f:73:be:07:ec:a9:02:3b:9c:6c:09:9e:
65:af:f9:60:85:b4:49:c0:f3:38:08:db:8c:f9:e4:
0c:66:88:db:75:07:ad:11:f8:05:7b:c0:b1:ce:8d:
16:61:7e:33:a0:3c:aa:ce:2a:17:69:24:32:e5:59:
51:c4:49:b4:30:2e:6f:32:ec:18:d6:35:a1:af:82:
58:2a:d3:ae:9b:e2:4a:cd:ec:cf:39:91:28:9b:32:
d8:bc:05:67:38:99:6d:1e:dd:1b:c7:2e:30:24:79:
5d:84:e9:f9:5a:0c:18:e0:e9:f4:a7:68:3e:1b:e1:
f9:a4:01:b5:8f:45:be:34:5c:5e:c0:82:a4:c3:eb:
ca:7e:66:f4:c6:47:ef:85:9e:72:e1:52:08:88:e4:
0e:ac:24:51:02:8d:9a:2a:21:28:64:15:ed:30:ca:
5c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:30:96:EA:47:26:87:22:F9:42:5B:CD:5E:E7:41:B7:42:BF:9B:AF
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/tTCW6kcmhyL5QlvNXudBt0K_m68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.84.0/23
Signature Algorithm: sha256WithRSAEncryption
01:e1:84:9c:90:ce:48:0a:c7:7d:7f:01:f1:ea:9c:33:aa:b3:
90:34:19:c5:71:07:6f:4d:4f:ad:8f:fc:d5:14:df:d0:74:9d:
4e:08:03:63:56:5b:2c:90:10:f7:65:a9:59:b2:4c:a1:4e:e0:
81:8b:e8:9c:98:54:9b:6a:bf:dd:26:43:74:35:82:9c:34:ac:
1d:92:66:a2:39:9c:3e:ec:c2:a1:29:27:3a:cb:3c:b8:e4:28:
8e:48:97:ef:78:49:28:87:1a:76:b5:d4:a9:4a:91:2a:d2:d7:
5f:c9:9e:61:0c:27:fe:1c:e0:36:56:81:63:78:20:04:b5:35:
4e:f2:02:2c:4d:e7:4a:49:37:69:c5:f6:f2:a2:ae:2a:77:35:
80:fa:e8:d6:8c:13:8a:86:4e:4f:a5:c8:2e:85:09:d0:3c:b5:
d7:83:c8:f8:45:15:fb:a9:05:79:4e:a0:1a:5b:d1:81:a1:b8:
e8:b3:3f:38:54:67:4d:d0:34:9a:70:58:9e:06:02:75:e3:5b:
8c:07:7f:79:6d:c5:31:24:fb:7c:19:ad:31:87:21:0b:5c:58:
bb:e2:f1:68:21:24:c7:b5:5c:7f:a7:30:78:fe:30:52:22:79:
56:6d:c4:3c:de:ba:65:dd:be:39:bc:12:a5:d8:97:1e:d8:22:
83:be:04:7b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBbJWLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjUzMDk2ZWE0NzI2
ODcyMmY5NDI1YmNkNWVlNzQxYjc0MmJmOWJhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJEs4eSVhSJrOt51lK++/lf4WOodbOEwKaUcjCbLxvilbHjP
S8WIFQTD1T+uRTYVEG8bHb/HD2e4l/SskeZqXsw+XS2+ptbhjvvUYjtf37vyeieM
xud1MRucUcftf3O+B+ypAjucbAmeZa/5YIW0ScDzOAjbjPnkDGaI23UHrRH4BXvA
sc6NFmF+M6A8qs4qF2kkMuVZUcRJtDAubzLsGNY1oa+CWCrTrpviSs3szzmRKJsy
2LwFZziZbR7dG8cuMCR5XYTp+VoMGODp9KdoPhvh+aQBtY9FvjRcXsCCpMPryn5m
9MZH74WecuFSCIjkDqwkUQKNmiohKGQV7TDKXJcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS1MJbqRyaHIvlCW81e50G3Qr+brzAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L3RUQ1c2a2NtaHlMNVFsdk5YdWRCdDBLX202OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcKpVDANBgkqhkiG9w0BAQsFAAOC
AQEAAeGEnJDOSArHfX8B8eqcM6qzkDQZxXEHb01PrY/81RTf0HSdTggDY1ZbLJAQ
92WpWbJMoU7ggYvonJhUm2q/3SZDdDWCnDSsHZJmojmcPuzCoSknOss8uOQojkiX
73hJKIcadrXUqUqRKtLXX8meYQwn/hzgNlaBY3ggBLU1TvICLE3nSkk3acX28qKu
Knc1gPro1owTioZOT6XILoUJ0Dy114PI+EUV+6kFeU6gGlvRgaG46LM/OFRnTdA0
mnBYngYCdeNbjAd/eW3FMST7fBmtMYchC1xYu+LxaCEkx7Vcf6cweP4wUiJ5Vm3E
PN66Zd2+ObwSpdiXHtgig74Eew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org