Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/70b715-a4f7-48d4-9cca-6d07546f7a5a/1/8aawdESDDx9lUwml9s63xvG5B0E.roa
File: 8aawdESDDx9lUwml9s63xvG5B0E.roa (raw, json)
Hash identifier: N15DBrEqQjhgU3660kkqggculKOyiYrqwfg8QuuE08U=
Subject key identifier: F1:A6:B0:74:44:83:0F:1F:65:53:09:A5:F6:CE:B7:C6:F1:B9:07:41
Certificate issuer: /CN=8f29cd1ead038e85bd9d332cc18ac309e0620c51
Certificate serial: 04B6FA9B
Authority key identifier: 8F:29:CD:1E:AD:03:8E:85:BD:9D:33:2C:C1:8A:C3:09:E0:62:0C:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jynNHq0DjoW9nTMswYrDCeBiDFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/70b715-a4f7-48d4-9cca-6d07546f7a5a/1/8aawdESDDx9lUwml9s63xvG5B0E.roa
Signing time: Sat 01 Jan 2022 13:56:15 +0000
ROA not before: Sat 01 Jan 2022 13:56:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197171
IP address blocks: 195.246.124.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79100571 (0x4b6fa9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f29cd1ead038e85bd9d332cc18ac309e0620c51
Validity
Not Before: Jan 1 13:56:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1a6b07444830f1f655309a5f6ceb7c6f1b90741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ee:19:a3:e4:34:39:ce:d0:85:0c:40:da:9b:
0e:3b:fe:7c:b6:35:95:2a:00:b9:1a:ad:6e:b0:a5:
82:b3:b3:e1:c9:e3:cf:56:f8:4b:ee:10:c3:81:1e:
94:a3:f6:0d:f9:a1:31:a7:02:c6:ba:5a:69:01:8a:
de:46:06:3e:fc:74:99:fa:aa:34:e1:2c:e3:aa:3b:
11:4a:44:5e:52:8e:fb:df:36:d5:6d:ed:3d:db:bd:
55:c2:02:7a:f3:30:1a:3b:b1:d3:ac:2d:5b:31:4e:
56:84:da:fb:b5:ca:34:32:d5:76:c4:ff:1b:a4:74:
c4:af:ee:5a:bd:0d:59:d4:1b:75:d6:20:9f:f5:32:
4b:76:5c:89:ee:b4:ce:d5:5e:0e:72:23:a0:4c:a4:
ee:a9:5e:6c:21:ed:92:c9:80:f7:d1:cd:d5:fd:2c:
e4:d6:1e:bd:99:01:4a:da:ed:4c:22:94:44:83:34:
65:fb:e7:07:b2:88:ac:25:8c:1b:8c:75:d5:c6:b0:
1d:22:73:ca:a3:cc:c1:2b:04:77:b8:59:7d:0f:e2:
7c:c5:34:dd:11:62:45:3c:8a:33:58:45:16:89:20:
be:28:f0:16:e0:33:91:68:41:a5:c0:76:21:ad:be:
1c:a3:4d:d9:ea:79:97:33:39:d4:93:b2:c3:0f:0f:
67:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A6:B0:74:44:83:0F:1F:65:53:09:A5:F6:CE:B7:C6:F1:B9:07:41
X509v3 Authority Key Identifier:
keyid:8F:29:CD:1E:AD:03:8E:85:BD:9D:33:2C:C1:8A:C3:09:E0:62:0C:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jynNHq0DjoW9nTMswYrDCeBiDFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/70b715-a4f7-48d4-9cca-6d07546f7a5a/1/8aawdESDDx9lUwml9s63xvG5B0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/70b715-a4f7-48d4-9cca-6d07546f7a5a/1/jynNHq0DjoW9nTMswYrDCeBiDFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.246.124.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:23:da:cf:fd:6f:3f:f4:6c:95:17:e4:e8:4e:67:63:93:b0:
05:20:b5:05:55:43:6d:d3:49:1c:74:d5:e7:a2:c1:b3:a2:79:
5c:d0:ad:24:b7:28:48:3b:d3:63:60:8a:5a:8e:12:7c:3f:a3:
91:15:e3:b8:75:f4:07:f0:a1:47:06:8c:a4:f0:81:0f:3a:a7:
5d:3d:a7:f7:0f:37:10:25:2d:1c:44:61:b2:8f:69:01:3e:83:
90:16:1c:45:97:88:92:9e:85:a6:0a:53:f4:39:0d:51:bc:bf:
73:70:e6:7d:fa:3e:78:f1:1e:26:92:fa:de:37:f9:cf:7d:40:
73:25:78:52:c4:be:95:00:65:67:a6:28:67:e8:63:1f:37:93:
7a:1e:ee:ed:66:4a:ad:c5:ef:c3:f3:6b:12:61:0e:b2:79:c3:
fe:66:57:34:91:9b:0c:fe:4f:16:2f:2a:bc:ec:6b:eb:a8:d5:
c6:4f:17:70:8e:55:c1:56:c6:b2:20:06:cc:70:32:dc:ae:56:
06:df:5f:c1:b2:7a:bb:d9:14:ac:70:14:3f:51:6e:95:0c:59:
af:ff:22:ef:b9:f1:a0:7e:16:22:a6:55:21:63:a3:ab:bf:a7:
82:0d:21:7b:8b:b8:19:4c:aa:d8:e6:26:5c:da:4f:a7:4e:16:
62:17:9f:da
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBLb6mzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjI5Y2QxZWFkMDM4ZTg1YmQ5ZDMzMmNjMThhYzMwOWUwNjIwYzUxMB4XDTIyMDEw
MTEzNTYxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjFhNmIwNzQ0NDgz
MGYxZjY1NTMwOWE1ZjZjZWI3YzZmMWI5MDc0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIjuGaPkNDnO0IUMQNqbDjv+fLY1lSoAuRqtbrClgrOz4cnj
z1b4S+4Qw4EelKP2DfmhMacCxrpaaQGK3kYGPvx0mfqqNOEs46o7EUpEXlKO+982
1W3tPdu9VcICevMwGjux06wtWzFOVoTa+7XKNDLVdsT/G6R0xK/uWr0NWdQbddYg
n/UyS3Zcie60ztVeDnIjoEyk7qlebCHtksmA99HN1f0s5NYevZkBStrtTCKURIM0
ZfvnB7KIrCWMG4x11cawHSJzyqPMwSsEd7hZfQ/ifMU03RFiRTyKM1hFFokgvijw
FuAzkWhBpcB2Ia2+HKNN2ep5lzM51JOyww8PZykCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTxprB0RIMPH2VTCaX2zrfG8bkHQTAfBgNVHSMEGDAWgBSPKc0erQOOhb2d
MyzBisMJ4GIMUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2p5bk5IcTBEam9XOW5UTXN3WXJEQ2VCaURGRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvNzBiNzE1LWE0ZjctNDhkNC05Y2NhLTZkMDc1NDZmN2E1YS8x
LzhhYXdkRVNERHg5bFV3bWw5czYzeHZHNUIwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
NzBiNzE1LWE0ZjctNDhkNC05Y2NhLTZkMDc1NDZmN2E1YS8xL2p5bk5IcTBEam9X
OW5UTXN3WXJEQ2VCaURGRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcP2fDANBgkqhkiG9w0BAQsFAAOC
AQEALCPaz/1vP/RslRfk6E5nY5OwBSC1BVVDbdNJHHTV56LBs6J5XNCtJLcoSDvT
Y2CKWo4SfD+jkRXjuHX0B/ChRwaMpPCBDzqnXT2n9w83ECUtHERhso9pAT6DkBYc
RZeIkp6FpgpT9DkNUby/c3Dmffo+ePEeJpL63jf5z31AcyV4UsS+lQBlZ6YoZ+hj
HzeTeh7u7WZKrcXvw/NrEmEOsnnD/mZXNJGbDP5PFi8qvOxr66jVxk8XcI5VwVbG
siAGzHAy3K5WBt9fwbJ6u9kUrHAUP1FulQxZr/8i77nxoH4WIqZVIWOjq7+ngg0h
e4u4GUyq2OYmXNpPp04WYhef2g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:02 2024 by rpki-client on console-fra.rpki-client.org