Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/8eabcd-e6e9-4f43-ba6c-da2312b65a50/1/06o_vsHVPMY4J2UfRraXSYA1QtA.roa
File: 06o_vsHVPMY4J2UfRraXSYA1QtA.roa (raw, json)
Hash identifier: hB6ERSNPRv3CnRoY4tLwhfx5agBlcBkQV1b7jdp2ls8=
Subject key identifier: D3:AA:3F:BE:C1:D5:3C:C6:38:27:65:1F:46:B6:97:49:80:35:42:D0
Certificate issuer: /CN=6c5e330cfa26fd44d4294fcdbddfbd89510c6a48
Certificate serial: 01877E6D40742D7D88586DD6029BEF6E5783
Authority key identifier: 6C:5E:33:0C:FA:26:FD:44:D4:29:4F:CD:BD:DF:BD:89:51:0C:6A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bF4zDPom_UTUKU_Nvd-9iVEMakg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/8eabcd-e6e9-4f43-ba6c-da2312b65a50/1/06o_vsHVPMY4J2UfRraXSYA1QtA.roa
Signing time: Fri 14 Apr 2023 06:21:41 +0000
ROA not before: Fri 14 Apr 2023 06:21:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6718
IP address blocks: 193.93.142.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7e:6d:40:74:2d:7d:88:58:6d:d6:02:9b:ef:6e:57:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c5e330cfa26fd44d4294fcdbddfbd89510c6a48
Validity
Not Before: Apr 14 06:21:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3aa3fbec1d53cc63827651f46b69749803542d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e6:7b:3f:70:fa:a7:67:99:01:12:a9:7d:d1:
2f:c7:d2:d6:5f:7b:fa:58:82:09:74:58:77:c1:24:
be:3f:c3:33:f0:25:26:08:57:a6:40:bb:8b:e3:86:
21:04:99:7c:0c:69:4a:15:27:64:67:06:9c:aa:a1:
79:f3:7e:00:88:08:0c:8e:92:6b:92:c9:54:f6:41:
68:5f:4c:d6:e2:ea:39:d8:1f:53:5f:4e:8c:bb:43:
16:7c:a1:a2:a4:c1:4c:63:79:76:5c:a8:d7:33:81:
b2:50:85:7c:eb:54:56:4f:b2:6f:f2:57:6a:91:0c:
19:cb:5f:d2:a0:c8:54:ad:91:ad:db:49:1e:15:4e:
c5:43:bb:cb:d9:40:84:3f:4b:7f:dc:27:37:f3:dd:
57:98:ce:92:64:c2:ad:71:60:3b:45:e8:de:8b:87:
53:f1:0c:63:31:30:2b:e9:f5:f6:aa:35:2d:56:11:
28:02:e5:e8:3d:10:d5:ea:f4:34:34:00:ab:b3:28:
ba:52:e0:74:1e:2a:df:59:7c:a4:73:c9:da:c0:eb:
db:b3:b3:be:d0:0f:af:22:33:ee:84:a5:5d:11:81:
a8:c9:24:54:82:e2:11:d4:36:9c:99:06:38:ba:44:
92:bf:c2:4e:28:8f:c3:0c:c8:92:99:41:0c:1c:51:
cc:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:AA:3F:BE:C1:D5:3C:C6:38:27:65:1F:46:B6:97:49:80:35:42:D0
X509v3 Authority Key Identifier:
keyid:6C:5E:33:0C:FA:26:FD:44:D4:29:4F:CD:BD:DF:BD:89:51:0C:6A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bF4zDPom_UTUKU_Nvd-9iVEMakg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8eabcd-e6e9-4f43-ba6c-da2312b65a50/1/06o_vsHVPMY4J2UfRraXSYA1QtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8eabcd-e6e9-4f43-ba6c-da2312b65a50/1/bF4zDPom_UTUKU_Nvd-9iVEMakg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.142.0/23
Signature Algorithm: sha256WithRSAEncryption
95:c1:81:d3:55:68:b3:e9:4e:14:bd:ad:63:f9:e0:41:de:90:
79:b5:d6:2a:9d:bd:e8:bc:af:ca:88:b0:01:04:9a:e8:aa:42:
cf:e0:65:25:ca:bc:e6:87:c9:71:ee:11:81:d6:3a:51:ed:62:
31:ce:54:e1:28:b7:3b:48:03:35:11:a9:13:22:5b:71:e1:11:
ed:d4:c0:10:56:e2:68:68:e8:a1:14:fb:c7:ef:9b:37:54:f1:
eb:f5:62:9c:3f:26:d0:41:e2:b6:0b:c7:51:d5:a5:30:f4:d2:
12:4a:f7:98:45:69:0c:53:02:bd:82:5a:c0:b4:ce:08:2c:ad:
ca:c1:6e:ee:df:b7:83:d0:cd:d2:63:e7:ef:ef:d1:9c:33:c8:
54:87:5a:5a:e2:77:cd:f1:d9:ae:99:44:c6:ee:5c:51:d8:6e:
8c:8b:b4:d6:ff:b8:86:10:96:37:4b:5b:56:91:f2:51:c8:a2:
0f:3b:02:68:64:44:87:75:15:0b:f4:4c:84:56:55:90:bd:ef:
9c:9f:1a:3a:45:c9:9d:43:e1:1f:bf:56:49:29:f6:2e:6d:b5:
76:73:ad:f3:75:bb:e7:22:0f:13:37:06:f9:a3:5e:c2:a3:b3:
83:6d:8c:74:b7:65:d7:12:16:57:15:94:d4:18:0b:e6:f6:ec:
81:0a:0e:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd+bUB0LX2IWG3WApvvbleDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNWUzMzBjZmEyNmZkNDRkNDI5NGZjZGJkZGZiZDg5NTEw
YzZhNDgwHhcNMjMwNDE0MDYyMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2FhM2ZiZWMxZDUzY2M2MzgyNzY1MWY0NmI2OTc0OTgwMzU0MmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouZ7P3D6p2eZARKpfdEvx9LWX3v6
WIIJdFh3wSS+P8Mz8CUmCFemQLuL44YhBJl8DGlKFSdkZwacqqF5834AiAgMjpJr
kslU9kFoX0zW4uo52B9TX06Mu0MWfKGipMFMY3l2XKjXM4GyUIV861RWT7Jv8ldq
kQwZy1/SoMhUrZGt20keFU7FQ7vL2UCEP0t/3Cc3891XmM6SZMKtcWA7Rejei4dT
8QxjMTAr6fX2qjUtVhEoAuXoPRDV6vQ0NACrsyi6UuB0HirfWXykc8nawOvbs7O+
0A+vIjPuhKVdEYGoySRUguIR1DacmQY4ukSSv8JOKI/DDMiSmUEMHFHMUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNOqP77B1TzGOCdlH0a2l0mANULQMB8GA1UdIwQY
MBaAFGxeMwz6Jv1E1ClPzb3fvYlRDGpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkY0ekRQb21fVVRVS1VfTnZkLTlpVkVNYWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi84ZWFiY2QtZTZlOS00ZjQzLWJhNmMt
ZGEyMzEyYjY1YTUwLzEvMDZvX3ZzSFZQTVk0SjJVZlJyYVhTWUExUXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi84ZWFiY2QtZTZlOS00ZjQzLWJhNmMtZGEyMzEyYjY1YTUw
LzEvYkY0ekRQb21fVVRVS1VfTnZkLTlpVkVNYWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwV2OMA0G
CSqGSIb3DQEBCwUAA4IBAQCVwYHTVWiz6U4Uva1j+eBB3pB5tdYqnb3ovK/KiLAB
BJroqkLP4GUlyrzmh8lx7hGB1jpR7WIxzlThKLc7SAM1EakTIltx4RHt1MAQVuJo
aOihFPvH75s3VPHr9WKcPybQQeK2C8dR1aUw9NISSveYRWkMUwK9glrAtM4ILK3K
wW7u37eD0M3SY+fv79GcM8hUh1pa4nfN8dmumUTG7lxR2G6Mi7TW/7iGEJY3S1tW
kfJRyKIPOwJoZESHdRUL9EyEVlWQve+cnxo6RcmdQ+Efv1ZJKfYubbV2c63zdbvn
Ig8TNwb5o17Co7ODbYx0t2XXEhZXFZTUGAvm9uyBCg7g
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:41 2025 by rpki-client