Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/_wXO93-aeqDFEBVj4HSTUVUA4qg.roa
File: _wXO93-aeqDFEBVj4HSTUVUA4qg.roa (raw, json)
Hash identifier: BGWauWzx2X84S/Lx0peXyvNpJAaEw7Cpt12DIf6QOnU=
Subject key identifier: FF:05:CE:F7:7F:9A:7A:A0:C5:10:15:63:E0:74:93:51:55:00:E2:A8
Certificate issuer: /CN=813e051cb831d1989607bb76c0bc5693ff947b53
Certificate serial: 01860D0C79D605369DA91FA4860CFE168B74
Authority key identifier: 81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/_wXO93-aeqDFEBVj4HSTUVUA4qg.roa
Signing time: Wed 01 Feb 2023 12:56:06 +0000
ROA not before: Wed 01 Feb 2023 12:56:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44889
IP address blocks: 185.79.96.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0d:0c:79:d6:05:36:9d:a9:1f:a4:86:0c:fe:16:8b:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=813e051cb831d1989607bb76c0bc5693ff947b53
Validity
Not Before: Feb 1 12:56:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff05cef77f9a7aa0c5101563e07493515500e2a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:07:ab:44:bd:5c:1a:e9:e7:17:13:1e:fe:98:
61:0e:c4:8a:f3:b3:12:4d:96:b0:ae:66:ba:ae:0d:
f9:13:5b:79:94:af:d5:dd:c0:af:2a:d6:cf:9c:6d:
5b:e9:a5:b4:9a:71:5a:1f:c4:db:d7:e2:45:2b:fb:
85:32:83:0b:3c:63:5e:ac:f4:69:9a:c5:12:79:ce:
2a:9d:05:40:eb:fc:1d:24:39:04:1c:61:b9:d2:c9:
d9:3b:ef:1d:d6:d2:cd:8d:4b:e7:05:66:12:63:d4:
0b:b1:be:67:e1:41:dd:ec:d9:62:a5:1b:f0:d9:fc:
ea:23:9f:d3:0e:09:c1:ba:07:70:69:dd:6c:ff:0f:
37:7f:bd:5c:87:77:9e:99:29:c0:69:81:d7:a6:0c:
a0:bf:60:6d:a2:f3:b4:43:6f:18:25:ea:98:9e:f3:
a0:8d:17:ab:c9:85:19:93:26:5c:07:cc:8c:f5:05:
cd:70:42:2b:fe:85:5d:5b:b4:f5:7f:f2:01:6d:da:
b3:6c:b1:b8:59:a4:ae:48:eb:be:b2:86:77:f1:9d:
2b:ea:b2:e6:0e:52:91:ef:b5:71:67:72:96:79:32:
d3:60:01:0a:04:a0:fa:a2:6b:0f:9d:29:fd:a5:f8:
1b:50:28:80:2b:cb:10:b2:e2:06:e5:af:d8:2d:2a:
b7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:05:CE:F7:7F:9A:7A:A0:C5:10:15:63:E0:74:93:51:55:00:E2:A8
X509v3 Authority Key Identifier:
keyid:81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/_wXO93-aeqDFEBVj4HSTUVUA4qg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.96.0/24
Signature Algorithm: sha256WithRSAEncryption
89:f6:3b:0d:6e:77:38:16:cd:3f:bd:f3:bc:c3:6b:06:19:d7:
70:d3:0d:93:82:06:7c:2c:5e:84:64:83:78:f6:3a:4e:c0:7b:
8b:42:e6:28:88:33:be:d5:ea:8f:53:ae:04:e2:8f:77:40:06:
d6:80:06:6f:8d:1c:2c:80:1c:ae:85:0d:06:d5:79:09:4f:23:
b9:e3:f0:bf:6c:70:0a:5d:d3:0c:83:cc:92:b8:a1:85:b4:73:
e0:de:ab:9a:0b:b1:f6:a8:ef:65:59:47:5d:d6:f8:d7:94:cf:
00:6b:86:22:7c:00:50:30:2c:da:ed:3f:39:32:d4:37:f6:9c:
a9:6d:9d:d6:b4:d0:63:99:9e:40:2a:02:ca:74:02:55:26:26:
34:66:2c:8e:32:c8:25:44:06:9e:0c:1e:c7:35:b9:78:ce:31:
5a:0e:44:e8:6c:f5:ef:36:54:07:63:b3:38:b9:fb:64:f6:a0:
de:58:5f:06:db:ef:e2:8f:2e:b8:17:73:e6:1e:4c:aa:7b:01:
ad:41:5c:88:3a:f4:ea:7c:0a:0b:ab:89:93:f7:43:f8:9b:1e:
60:c0:19:be:3e:4e:72:21:0c:22:45:b6:9a:93:a7:f2:1e:9a:
9d:6b:66:af:a5:32:83:fc:b2:c3:86:21:9a:35:4e:91:fb:8e:
01:cf:24:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYNDHnWBTadqR+khgz+Fot0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxM2UwNTFjYjgzMWQxOTg5NjA3YmI3NmMwYmM1NjkzZmY5
NDdiNTMwHhcNMjMwMjAxMTI1NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjA1Y2VmNzdmOWE3YWEwYzUxMDE1NjNlMDc0OTM1MTU1MDBlMmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigerRL1cGunnFxMe/phhDsSK87MS
TZawrma6rg35E1t5lK/V3cCvKtbPnG1b6aW0mnFaH8Tb1+JFK/uFMoMLPGNerPRp
msUSec4qnQVA6/wdJDkEHGG50snZO+8d1tLNjUvnBWYSY9QLsb5n4UHd7NlipRvw
2fzqI5/TDgnBugdwad1s/w83f71ch3eemSnAaYHXpgygv2BtovO0Q28YJeqYnvOg
jReryYUZkyZcB8yM9QXNcEIr/oVdW7T1f/IBbdqzbLG4WaSuSOu+soZ38Z0r6rLm
DlKR77VxZ3KWeTLTYAEKBKD6omsPnSn9pfgbUCiAK8sQsuIG5a/YLSq3jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP8Fzvd/mnqgxRAVY+B0k1FVAOKoMB8GA1UdIwQY
MBaAFIE+BRy4MdGYlge7dsC8VpP/lHtTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1Q0RkhMZ3gwWmlXQjd0MndMeFdrXy1VZTFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lNDVhZDYtZTVhZS00ODE5LTlmMjQt
ZjU3N2FhNDZkZTgzLzEvX3dYTzkzLWFlcURGRUJWajRIU1RVVlVBNHFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lNDVhZDYtZTVhZS00ODE5LTlmMjQtZjU3N2FhNDZkZTgz
LzEvZ1Q0RkhMZ3gwWmlXQjd0MndMeFdrXy1VZTFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuU9gMA0G
CSqGSIb3DQEBCwUAA4IBAQCJ9jsNbnc4Fs0/vfO8w2sGGddw0w2TggZ8LF6EZIN4
9jpOwHuLQuYoiDO+1eqPU64E4o93QAbWgAZvjRwsgByuhQ0G1XkJTyO54/C/bHAK
XdMMg8ySuKGFtHPg3quaC7H2qO9lWUdd1vjXlM8Aa4YifABQMCza7T85MtQ39pyp
bZ3WtNBjmZ5AKgLKdAJVJiY0ZiyOMsglRAaeDB7HNbl4zjFaDkTobPXvNlQHY7M4
uftk9qDeWF8G2+/ijy64F3PmHkyqewGtQVyIOvTqfAoLq4mT90P4mx5gwBm+Pk5y
IQwiRbaak6fyHpqda2avpTKD/LLDhiGaNU6R+44BzyR2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:50 2024 by rpki-client on console-fra.rpki-client.org