Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/ff63d8-feca-43cd-904d-72b32d951953/1/96IgKqLFtSsVuWyrfxIKMRHE9So.roa
File: 96IgKqLFtSsVuWyrfxIKMRHE9So.roa (raw, json)
Hash identifier: dyopa5gAUjHpCl0fXL14qdlVBEL3CDdxbi2fqwxBH0c=
Subject key identifier: F7:A2:20:2A:A2:C5:B5:2B:15:B9:6C:AB:7F:12:0A:31:11:C4:F5:2A
Certificate issuer: /CN=d481a627017d1a06cedd0b48e4fc6fcff586dd94
Certificate serial: 01857169A5B57E652DD127E1669CD94F9268
Authority key identifier: D4:81:A6:27:01:7D:1A:06:CE:DD:0B:48:E4:FC:6F:CF:F5:86:DD:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1IGmJwF9GgbO3QtI5Pxvz_WG3ZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/ff63d8-feca-43cd-904d-72b32d951953/1/96IgKqLFtSsVuWyrfxIKMRHE9So.roa
Signing time: Mon 02 Jan 2023 07:37:07 +0000
ROA not before: Mon 02 Jan 2023 07:37:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57152
IP address blocks: 93.180.132.0/24 maxlen: 24
93.180.133.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:a5:b5:7e:65:2d:d1:27:e1:66:9c:d9:4f:92:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d481a627017d1a06cedd0b48e4fc6fcff586dd94
Validity
Not Before: Jan 2 07:37:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7a2202aa2c5b52b15b96cab7f120a3111c4f52a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:57:01:15:a0:94:74:7a:20:89:48:ca:fc:3e:
df:f5:77:aa:7e:da:b0:6b:46:96:a5:c7:83:0a:fb:
b0:a4:d2:84:ce:05:a5:e3:af:a1:29:36:89:17:dc:
2c:51:b6:11:73:cc:50:2d:b1:06:27:c5:65:83:aa:
ea:c0:66:69:a6:14:6e:cb:a5:ee:a8:e3:3e:89:81:
03:00:49:48:fc:9f:97:8a:14:0d:d0:f9:2b:b0:a4:
52:73:93:44:0a:fa:51:80:8c:21:3d:8b:c6:41:54:
ae:ac:e2:53:14:df:cc:8c:b2:98:c4:65:7e:80:9f:
6d:a8:71:8c:71:bc:0f:2b:7a:2c:fc:1d:cb:95:3d:
89:ae:4a:76:66:80:e3:b2:64:91:b4:1e:b3:36:f3:
4a:8b:a6:ac:cc:1b:6f:80:2c:86:b3:5f:06:5a:7b:
a8:fa:66:91:07:eb:dc:4d:4d:e8:64:20:9d:a6:09:
0d:28:2b:35:f3:49:aa:7b:64:15:e2:fd:86:fe:54:
c4:d1:91:7f:fe:70:a8:3a:f9:35:f4:e5:70:f9:95:
b0:16:79:47:82:dc:27:72:e7:ce:7b:78:83:88:99:
6c:cc:df:76:bf:9a:9b:4a:aa:32:81:83:2a:63:75:
37:30:fb:1c:a4:01:b3:f1:f9:fc:0e:a3:4c:20:d2:
8c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:A2:20:2A:A2:C5:B5:2B:15:B9:6C:AB:7F:12:0A:31:11:C4:F5:2A
X509v3 Authority Key Identifier:
keyid:D4:81:A6:27:01:7D:1A:06:CE:DD:0B:48:E4:FC:6F:CF:F5:86:DD:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1IGmJwF9GgbO3QtI5Pxvz_WG3ZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ff63d8-feca-43cd-904d-72b32d951953/1/96IgKqLFtSsVuWyrfxIKMRHE9So.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ff63d8-feca-43cd-904d-72b32d951953/1/1IGmJwF9GgbO3QtI5Pxvz_WG3ZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.132.0/23
Signature Algorithm: sha256WithRSAEncryption
03:cd:c8:1e:83:62:23:59:5b:25:b6:53:11:3f:c3:66:a9:a9:
81:55:0d:b8:63:3e:dc:42:ed:d4:db:63:67:b1:6b:41:1a:83:
78:9c:2e:ef:97:35:c9:32:ed:23:ec:e8:0f:f1:82:c5:ea:44:
7a:da:f5:4d:db:4b:02:a5:aa:da:35:91:b1:84:96:f4:72:1b:
08:94:b8:e0:04:44:27:aa:48:8d:f1:f7:41:60:74:72:7e:bb:
dc:a9:e5:2d:df:08:d1:07:eb:c1:53:5d:0b:54:70:e7:49:76:
f4:ff:8b:30:e1:7f:78:31:d1:bb:b9:ba:3c:c2:43:92:e0:b4:
28:19:e9:51:06:06:29:0d:82:07:9c:a5:c3:f1:ef:e7:10:59:
7b:2f:f1:38:0b:4b:f5:b5:f3:99:6e:97:4d:00:ec:be:63:b4:
75:c2:fe:6f:98:d5:d8:d0:05:0d:99:59:d7:b4:78:6f:2e:ce:
ca:b5:df:89:75:bf:5b:4d:fd:39:09:e6:52:fa:30:12:1e:b8:
77:fe:d5:b7:00:6a:23:9f:46:66:bd:30:fd:41:53:a3:2e:8e:
41:7a:3e:0e:f5:51:b3:73:a1:bc:1a:61:b9:99:de:bc:3e:a7:
af:7a:62:af:bb:c9:e0:c4:d4:86:d9:c1:98:16:fa:65:94:bc:
77:9c:bd:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxaaW1fmUt0SfhZpzZT5JoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ODFhNjI3MDE3ZDFhMDZjZWRkMGI0OGU0ZmM2ZmNmZjU4
NmRkOTQwHhcNMjMwMTAyMDczNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2EyMjAyYWEyYzViNTJiMTViOTZjYWI3ZjEyMGEzMTExYzRmNTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFcBFaCUdHogiUjK/D7f9Xeqftqw
a0aWpceDCvuwpNKEzgWl46+hKTaJF9wsUbYRc8xQLbEGJ8Vlg6rqwGZpphRuy6Xu
qOM+iYEDAElI/J+XihQN0PkrsKRSc5NECvpRgIwhPYvGQVSurOJTFN/MjLKYxGV+
gJ9tqHGMcbwPK3os/B3LlT2Jrkp2ZoDjsmSRtB6zNvNKi6aszBtvgCyGs18GWnuo
+maRB+vcTU3oZCCdpgkNKCs180mqe2QV4v2G/lTE0ZF//nCoOvk19OVw+ZWwFnlH
gtwncufOe3iDiJlszN92v5qbSqoygYMqY3U3MPscpAGz8fn8DqNMINKMQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPeiICqixbUrFblsq38SCjERxPUqMB8GA1UdIwQY
MBaAFNSBpicBfRoGzt0LSOT8b8/1ht2UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlHbUp3RjlHZ2JPM1F0STVQeHZ6X1dHM1pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZjYzZDgtZmVjYS00M2NkLTkwNGQt
NzJiMzJkOTUxOTUzLzEvOTZJZ0txTEZ0U3NWdVd5cmZ4SUtNUkhFOVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mZjYzZDgtZmVjYS00M2NkLTkwNGQtNzJiMzJkOTUxOTUz
LzEvMUlHbUp3RjlHZ2JPM1F0STVQeHZ6X1dHM1pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXbSEMA0G
CSqGSIb3DQEBCwUAA4IBAQADzcgeg2IjWVsltlMRP8NmqamBVQ24Yz7cQu3U22Nn
sWtBGoN4nC7vlzXJMu0j7OgP8YLF6kR62vVN20sCparaNZGxhJb0chsIlLjgBEQn
qkiN8fdBYHRyfrvcqeUt3wjRB+vBU10LVHDnSXb0/4sw4X94MdG7ubo8wkOS4LQo
GelRBgYpDYIHnKXD8e/nEFl7L/E4C0v1tfOZbpdNAOy+Y7R1wv5vmNXY0AUNmVnX
tHhvLs7Ktd+Jdb9bTf05CeZS+jASHrh3/tW3AGojn0ZmvTD9QVOjLo5Bej4O9VGz
c6G8GmG5md68PqevemKvu8ngxNSG2cGYFvpllLx3nL0n
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:34 2023 by rpki-client on console-ams.rpki-client.org