Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/vB13qgDz23gg1_3UuUJJQwUgTrE.roa
File: vB13qgDz23gg1_3UuUJJQwUgTrE.roa (raw, json)
Hash identifier: Keirk/h8BA2CKKq2q9aQ0EwHcqMaVebDlVyh+Ntlojs=
Subject key identifier: BC:1D:77:AA:00:F3:DB:78:20:D7:FD:D4:B9:42:49:43:05:20:4E:B1
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 018CC5DC159585D04C82D931BF11D087153C
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/vB13qgDz23gg1_3UuUJJQwUgTrE.roa
Signing time: Mon 01 Jan 2024 16:29:44 +0000
ROA not before: Mon 01 Jan 2024 16:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 193.5.1.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:15:95:85:d0:4c:82:d9:31:bf:11:d0:87:15:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Jan 1 16:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc1d77aa00f3db7820d7fdd4b942494305204eb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c0:e9:70:7e:4d:8d:b4:ab:ed:4f:b9:98:d6:
b9:bf:40:ba:96:10:33:ea:a7:6e:7d:4b:54:d3:ce:
d4:36:1d:f0:f3:e1:04:c9:b5:00:49:21:bd:a3:4c:
43:4d:51:bb:70:57:9a:32:fe:a7:2e:25:b4:1e:3e:
65:ce:d9:3c:14:ee:7c:a5:c8:ce:c0:6a:2f:c2:6b:
88:1d:ab:0d:5a:6d:95:80:8e:b5:ba:96:29:5d:30:
84:97:66:42:8b:f5:8d:ac:43:07:9d:a1:4c:93:46:
8c:d7:ee:81:6c:d3:89:ce:c3:c4:a7:3b:ec:92:3b:
e9:d5:b8:29:9f:cb:e6:14:e4:64:2d:d5:49:df:21:
df:62:81:18:f2:21:40:4c:12:04:2c:0b:76:44:f1:
85:1a:fe:14:c0:13:53:87:b6:35:8e:0a:e2:bf:17:
90:fc:4a:79:73:a6:47:3c:ce:47:01:34:12:0f:2b:
ad:06:a4:f9:ff:1f:ff:73:21:cd:85:29:cb:66:c9:
9a:a4:d2:e0:77:b5:29:a7:cd:64:73:c5:d4:6d:3a:
99:66:5d:88:41:8b:f9:06:33:bd:d9:78:29:11:f3:
2f:b6:7d:e1:1f:81:6b:1e:62:ce:a5:54:75:69:bd:
0a:21:0d:b5:96:57:c4:5e:f6:a1:fc:a4:0f:4f:c8:
c6:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:1D:77:AA:00:F3:DB:78:20:D7:FD:D4:B9:42:49:43:05:20:4E:B1
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/vB13qgDz23gg1_3UuUJJQwUgTrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.1.0/24
Signature Algorithm: sha256WithRSAEncryption
09:2a:a9:5d:cb:0c:f6:89:75:2f:71:c1:cc:d7:19:8d:2b:ea:
0a:b0:24:10:65:9a:6b:04:cc:48:4a:1d:48:fa:94:0a:e3:31:
0c:68:ab:7d:3f:67:3d:e4:9e:8b:93:f5:08:31:3f:3b:7a:e7:
3a:07:e4:20:a1:db:0d:c2:7a:59:c1:51:ed:55:5f:11:bd:8e:
40:97:10:6d:dd:b2:bb:eb:d9:4d:1f:ef:0b:1e:6e:03:83:66:
9c:38:40:36:85:9c:98:49:97:40:ce:44:5d:a8:80:41:7f:2f:
fd:54:d4:20:ae:5a:d2:3f:a5:e1:22:01:f0:a0:eb:fc:1e:1c:
9e:7e:f0:b4:76:67:96:5e:0b:c3:15:71:39:de:0c:ae:19:29:
c4:18:cf:b6:de:7e:c9:27:e3:c6:f4:14:12:1c:95:e9:4b:f1:
7b:b6:61:8c:b1:21:01:07:9e:8b:d1:87:72:5e:ef:5b:e4:92:
8c:82:0f:a3:ef:1b:9a:3b:98:b2:65:08:e7:cf:ba:94:de:e9:
f0:b8:9f:2d:49:cd:c1:e4:09:7f:bf:7e:04:12:ef:49:a8:86:
59:7e:48:48:47:04:a6:3f:5a:1d:fb:f0:6b:af:b4:95:92:32:
ee:e3:82:13:40:e4:06:e2:9d:28:78:b3:fc:09:5d:c6:e2:4b:
23:4d:50:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3BWVhdBMgtkxvxHQhxU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjQwMTAxMTYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzFkNzdhYTAwZjNkYjc4MjBkN2ZkZDRiOTQyNDk0MzA1MjA0ZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8DpcH5NjbSr7U+5mNa5v0C6lhAz
6qdufUtU087UNh3w8+EEybUASSG9o0xDTVG7cFeaMv6nLiW0Hj5lztk8FO58pcjO
wGovwmuIHasNWm2VgI61upYpXTCEl2ZCi/WNrEMHnaFMk0aM1+6BbNOJzsPEpzvs
kjvp1bgpn8vmFORkLdVJ3yHfYoEY8iFATBIELAt2RPGFGv4UwBNTh7Y1jgrivxeQ
/Ep5c6ZHPM5HATQSDyutBqT5/x//cyHNhSnLZsmapNLgd7Upp81kc8XUbTqZZl2I
QYv5BjO92XgpEfMvtn3hH4FrHmLOpVR1ab0KIQ21llfEXvah/KQPT8jGKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLwdd6oA89t4INf91LlCSUMFIE6xMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvdkIxM3FnRHoyM2dnMV8zVXVVSkpRd1VnVHJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQUBMA0G
CSqGSIb3DQEBCwUAA4IBAQAJKqldywz2iXUvccHM1xmNK+oKsCQQZZprBMxISh1I
+pQK4zEMaKt9P2c95J6Lk/UIMT87euc6B+QgodsNwnpZwVHtVV8RvY5AlxBt3bK7
69lNH+8LHm4Dg2acOEA2hZyYSZdAzkRdqIBBfy/9VNQgrlrSP6XhIgHwoOv8Hhye
fvC0dmeWXgvDFXE53gyuGSnEGM+23n7JJ+PG9BQSHJXpS/F7tmGMsSEBB56L0Ydy
Xu9b5JKMgg+j7xuaO5iyZQjnz7qU3unwuJ8tSc3B5Al/v34EEu9JqIZZfkhIRwSm
P1od+/Brr7SVkjLu44ITQOQG4p0oeLP8CV3G4ksjTVA0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:17 2024 by rpki-client on console-fra.rpki-client.org