Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/taE8fLd_M4phkhZp_ylWtCf5Nug.roa
File: taE8fLd_M4phkhZp_ylWtCf5Nug.roa (raw, json)
Hash identifier: GCxSbb8SxIbj5OBW4xexD+ong8lgQY+76qNpIBAQr8M=
Subject key identifier: B5:A1:3C:7C:B7:7F:33:8A:61:92:16:69:FF:29:56:B4:27:F9:36:E8
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 018964895B897F0B02F4B377CA92893FDD93
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/taE8fLd_M4phkhZp_ylWtCf5Nug.roa
Signing time: Mon 17 Jul 2023 15:47:50 +0000
ROA not before: Mon 17 Jul 2023 15:47:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 193.5.28.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:89:5b:89:7f:0b:02:f4:b3:77:ca:92:89:3f:dd:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Jul 17 15:47:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5a13c7cb77f338a61921669ff2956b427f936e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:56:5d:d0:b8:a8:8e:f1:4f:2a:a1:22:5a:fe:
de:49:d9:78:9b:c6:65:88:33:79:cf:c6:bb:c7:31:
16:c4:b7:a3:fe:16:57:0b:3b:fb:da:72:b6:80:1e:
fa:a4:2b:5c:6c:f8:bd:de:8f:59:4f:1a:66:30:71:
eb:2a:13:54:64:4f:ba:d5:cf:77:70:00:bf:12:0d:
ba:a4:e7:ff:24:c8:6d:b9:5b:5f:ad:09:14:e8:93:
99:2c:40:4a:fd:64:c6:b7:ac:27:46:d1:5a:4a:fc:
b7:6c:77:31:d3:91:6d:cb:f5:ac:89:29:8c:3c:1d:
ad:18:5c:1b:a7:f3:44:5f:c4:0c:94:06:f2:f9:f5:
8c:6e:c1:31:27:45:54:08:cc:a6:d3:1d:ee:26:d8:
71:72:bd:5f:a2:bf:ab:2c:c1:bc:b1:96:f9:4d:64:
61:fd:11:2a:3b:4f:c3:97:03:42:d2:09:25:9d:47:
89:ac:14:e1:37:bc:e5:92:f7:aa:1f:29:6e:5c:3d:
4c:73:23:30:48:93:84:8e:b8:51:85:17:ae:93:72:
7b:a4:84:20:2e:8b:e8:9c:45:84:62:44:43:5a:a2:
42:3e:78:83:35:bb:bd:b1:16:ad:97:05:72:f0:9e:
2d:ae:1f:92:9d:31:c6:5f:a3:3d:07:dd:90:5a:e8:
47:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A1:3C:7C:B7:7F:33:8A:61:92:16:69:FF:29:56:B4:27:F9:36:E8
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/taE8fLd_M4phkhZp_ylWtCf5Nug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.28.0/24
Signature Algorithm: sha256WithRSAEncryption
67:0d:7d:50:94:e9:96:05:0a:51:eb:4b:60:49:6a:51:12:7c:
10:dc:6d:47:9f:53:92:b9:1d:40:3c:99:e7:c2:20:8c:0c:39:
75:d3:6c:95:59:2a:95:1b:af:d1:75:1b:42:4c:7d:c0:88:f8:
b5:97:6b:06:94:f9:9b:49:5f:39:2b:8c:b4:48:3c:df:17:de:
c1:7d:3b:e1:8e:c1:5a:b8:61:16:bd:38:e0:29:6a:f2:8d:6d:
25:e8:a8:77:ad:ca:f0:31:7d:64:f5:3b:8d:32:46:56:7a:75:
a8:85:ce:a5:01:27:51:9f:fa:50:8b:3f:de:6f:5c:af:ee:8b:
ee:0e:8e:66:9e:3e:d7:c7:de:bc:f2:37:65:4e:19:86:ef:9f:
7e:23:40:93:1c:88:f3:d5:89:56:a1:4a:c1:e6:ef:94:fd:7f:
c7:58:8e:62:14:4c:d3:15:b4:5b:02:9b:68:7b:2e:00:c2:6a:
8a:13:8d:50:e2:ff:13:08:d3:77:fe:5b:23:72:59:a7:8e:1d:
87:08:7d:d7:eb:e3:00:bb:7e:a0:c5:be:c1:70:af:87:e3:29:
00:2a:72:4a:b2:b2:44:ba:ca:33:1b:e1:af:8b:e3:b0:44:e3:
ec:e4:17:0b:64:c7:0d:b6:a3:01:24:15:9a:6b:a2:81:fe:42:
fc:2d:90:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlkiVuJfwsC9LN3ypKJP92TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjMwNzE3MTU0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWExM2M3Y2I3N2YzMzhhNjE5MjE2NjlmZjI5NTZiNDI3ZjkzNmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVZd0LiojvFPKqEiWv7eSdl4m8Zl
iDN5z8a7xzEWxLej/hZXCzv72nK2gB76pCtcbPi93o9ZTxpmMHHrKhNUZE+61c93
cAC/Eg26pOf/JMhtuVtfrQkU6JOZLEBK/WTGt6wnRtFaSvy3bHcx05Fty/WsiSmM
PB2tGFwbp/NEX8QMlAby+fWMbsExJ0VUCMym0x3uJthxcr1for+rLMG8sZb5TWRh
/REqO0/DlwNC0gklnUeJrBThN7zlkveqHyluXD1McyMwSJOEjrhRhReuk3J7pIQg
LovonEWEYkRDWqJCPniDNbu9sRatlwVy8J4trh+SnTHGX6M9B92QWuhHYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLWhPHy3fzOKYZIWaf8pVrQn+TboMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvdGFFOGZMZF9NNHBoa2hacF95bFd0Q2Y1TnVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQUcMA0G
CSqGSIb3DQEBCwUAA4IBAQBnDX1QlOmWBQpR60tgSWpREnwQ3G1Hn1OSuR1APJnn
wiCMDDl102yVWSqVG6/RdRtCTH3AiPi1l2sGlPmbSV85K4y0SDzfF97BfTvhjsFa
uGEWvTjgKWryjW0l6Kh3rcrwMX1k9TuNMkZWenWohc6lASdRn/pQiz/eb1yv7ovu
Do5mnj7Xx9688jdlThmG759+I0CTHIjz1YlWoUrB5u+U/X/HWI5iFEzTFbRbApto
ey4AwmqKE41Q4v8TCNN3/lsjclmnjh2HCH3X6+MAu36gxb7BcK+H4ykAKnJKsrJE
usozG+Gvi+OwROPs5BcLZMcNtqMBJBWaa6KB/kL8LZCm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:17 2024 by rpki-client on console-fra.rpki-client.org