Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/8eabcd-e6e9-4f43-ba6c-da2312b65a50/1/SuaxwsuMmVhryfYHU_sYjXQRT38.roa
File: SuaxwsuMmVhryfYHU_sYjXQRT38.roa (raw, json)
Hash identifier: ZHMKkW8v9Pc2lJ7ltgEozRKP0SPS18RKw/TO9rJPHn0=
Subject key identifier: 4A:E6:B1:C2:CB:8C:99:58:6B:C9:F6:07:53:FB:18:8D:74:11:4F:7F
Certificate issuer: /CN=6c5e330cfa26fd44d4294fcdbddfbd89510c6a48
Certificate serial: 013E5A
Authority key identifier: 6C:5E:33:0C:FA:26:FD:44:D4:29:4F:CD:BD:DF:BD:89:51:0C:6A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bF4zDPom_UTUKU_Nvd-9iVEMakg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/8eabcd-e6e9-4f43-ba6c-da2312b65a50/1/SuaxwsuMmVhryfYHU_sYjXQRT38.roa
Signing time: Tue 24 May 2022 12:28:09 +0000
ROA not before: Tue 24 May 2022 12:28:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57964
IP address blocks: 193.93.142.0/23 maxlen: 27
2001:67c:830::/48 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81498 (0x13e5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c5e330cfa26fd44d4294fcdbddfbd89510c6a48
Validity
Not Before: May 24 12:28:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ae6b1c2cb8c99586bc9f60753fb188d74114f7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:79:cf:44:bf:4a:dd:33:ec:5f:36:96:e5:69:
55:ce:5a:d6:3d:67:9b:16:69:92:0e:c4:b0:f8:e4:
27:88:b4:53:3b:fa:05:71:6c:25:f9:f7:cc:3e:9b:
d1:ca:32:86:53:3f:16:2d:58:e5:a8:ce:11:cb:bf:
53:44:cb:9d:c8:a9:06:1e:07:e3:ca:89:a6:ad:a8:
80:5f:97:06:2f:32:88:e0:9a:c6:15:4c:76:5e:8d:
66:4a:bf:46:4f:47:2d:5b:77:52:61:ba:d3:e5:c2:
05:27:f1:b2:3f:42:54:46:d3:b1:b1:06:84:07:4b:
d0:59:ff:12:17:ad:95:08:ab:fa:17:69:c7:f0:39:
db:71:f2:2a:cf:b2:42:51:39:2e:73:ca:7b:d8:f7:
f8:e7:57:af:36:5d:23:89:24:94:9a:70:f7:b1:2c:
7d:bb:d7:9b:97:97:e9:b8:49:e8:c8:8c:84:38:46:
ca:3a:60:b0:67:db:22:83:4e:08:20:4e:ed:1e:6f:
01:aa:e2:8d:b7:3b:ba:5e:01:fe:5b:39:9b:b7:7c:
93:6f:72:a4:4a:87:2b:4c:50:63:91:85:cb:26:72:
b6:d2:19:68:e0:24:06:87:a5:c3:b2:e0:33:91:21:
7c:f9:64:28:2b:dc:c5:38:86:bb:18:8a:7a:80:46:
7f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E6:B1:C2:CB:8C:99:58:6B:C9:F6:07:53:FB:18:8D:74:11:4F:7F
X509v3 Authority Key Identifier:
keyid:6C:5E:33:0C:FA:26:FD:44:D4:29:4F:CD:BD:DF:BD:89:51:0C:6A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bF4zDPom_UTUKU_Nvd-9iVEMakg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8eabcd-e6e9-4f43-ba6c-da2312b65a50/1/SuaxwsuMmVhryfYHU_sYjXQRT38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8eabcd-e6e9-4f43-ba6c-da2312b65a50/1/bF4zDPom_UTUKU_Nvd-9iVEMakg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.142.0/23
IPv6:
2001:67c:830::/48
Signature Algorithm: sha256WithRSAEncryption
4f:aa:71:ba:e3:c1:82:f5:00:79:9d:de:80:e6:30:8c:61:d8:
d3:26:31:13:f0:e7:81:ba:75:26:d7:f1:e6:4f:a1:2e:5f:91:
19:1c:5c:d0:d4:5f:50:3d:b5:bb:15:da:3a:80:38:2b:e8:b9:
48:fc:67:9c:ee:cd:6c:f9:56:06:18:5c:69:f6:e2:fe:92:7a:
4e:6d:82:94:ad:ec:bd:7e:be:ae:0a:11:79:72:1a:d9:87:e0:
5a:b8:93:9f:c5:0d:89:8d:84:26:8b:5e:2f:e0:37:80:4d:ff:
fe:36:d1:45:2a:8e:09:6a:11:56:d7:6f:8f:7a:82:80:d3:74:
d1:f3:c5:7d:b8:4f:da:43:1e:b1:86:02:f6:40:82:f9:80:15:
60:48:31:e8:00:81:13:1e:a9:c7:dd:cf:39:47:d6:1f:5b:01:
6d:0f:65:b8:49:63:80:b2:06:48:45:d3:ac:dd:61:5f:6f:23:
7f:9b:63:b5:76:66:0b:30:77:5c:2b:e0:14:db:cc:6c:c5:ac:
5d:f0:12:9f:59:05:26:93:0d:45:fa:9b:13:9f:2b:9f:37:ca:
90:8e:68:17:6f:c6:38:32:e7:be:0f:c3:bd:1c:33:81:77:9b:
06:75:e7:6a:64:32:b0:d3:9c:71:23:be:4d:7b:51:f3:25:8f:
64:39:34:b1
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIDAT5aMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZj
NWUzMzBjZmEyNmZkNDRkNDI5NGZjZGJkZGZiZDg5NTEwYzZhNDgwHhcNMjIwNTI0
MTIyODA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0YWU2YjFjMmNiOGM5
OTU4NmJjOWY2MDc1M2ZiMTg4ZDc0MTE0ZjdmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyXnPRL9K3TPsXzaW5WlVzlrWPWebFmmSDsSw+OQniLRTO/oF
cWwl+ffMPpvRyjKGUz8WLVjlqM4Ry79TRMudyKkGHgfjyommraiAX5cGLzKI4JrG
FUx2Xo1mSr9GT0ctW3dSYbrT5cIFJ/GyP0JURtOxsQaEB0vQWf8SF62VCKv6F2nH
8DnbcfIqz7JCUTkuc8p72Pf451evNl0jiSSUmnD3sSx9u9ebl5fpuEnoyIyEOEbK
OmCwZ9sig04IIE7tHm8BquKNtzu6XgH+Wzmbt3yTb3KkSocrTFBjkYXLJnK20hlo
4CQGh6XDsuAzkSF8+WQoK9zFOIa7GIp6gEZ/bwIDAQABo4ICGjCCAhYwHQYDVR0O
BBYEFErmscLLjJlYa8n2B1P7GI10EU9/MB8GA1UdIwQYMBaAFGxeMwz6Jv1E1ClP
zb3fvYlRDGpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
YkY0ekRQb21fVVRVS1VfTnZkLTlpVkVNYWtnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82Mi84ZWFiY2QtZTZlOS00ZjQzLWJhNmMtZGEyMzEyYjY1YTUwLzEv
U3VheHdzdU1tVmhyeWZZSFVfc1lqWFFSVDM4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi84
ZWFiY2QtZTZlOS00ZjQzLWJhNmMtZGEyMzEyYjY1YTUwLzEvYkY0ekRQb21fVVRV
S1VfTnZkLTlpVkVNYWtnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAG
CCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwV2OMA8EAgACMAkDBwAgAQZ8CDAw
DQYJKoZIhvcNAQELBQADggEBAE+qcbrjwYL1AHmd3oDmMIxh2NMmMRPw54G6dSbX
8eZPoS5fkRkcXNDUX1A9tbsV2jqAOCvouUj8Z5zuzWz5VgYYXGn24v6Sek5tgpSt
7L1+vq4KEXlyGtmH4Fq4k5/FDYmNhCaLXi/gN4BN//420UUqjglqEVbXb496goDT
dNHzxX24T9pDHrGGAvZAgvmAFWBIMegAgRMeqcfdzzlH1h9bAW0PZbhJY4CyBkhF
06zdYV9vI3+bY7V2Zgswd1wr4BTbzGzFrF3wEp9ZBSaTDUX6mxOfK583ypCOaBdv
xjgy574Pw70cM4F3mwZ152pkMrDTnHEjvk17UfMlj2Q5NLE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:07 2025 by rpki-client