Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/8eabcd-e6e9-4f43-ba6c-da2312b65a50/1/unjZk3ROtVTYObrsWzY3DShjNAE.roa
File: unjZk3ROtVTYObrsWzY3DShjNAE.roa (raw, json)
Hash identifier: 8MZ5/RoumYIaNLjUdaG5jH9R3sQD/LPMosOLM86R7/U=
Subject key identifier: BA:78:D9:93:74:4E:B5:54:D8:39:BA:EC:5B:36:37:0D:28:63:34:01
Certificate issuer: /CN=6c5e330cfa26fd44d4294fcdbddfbd89510c6a48
Certificate serial: 01856C0127652C70D814E77EE160D3643554
Authority key identifier: 6C:5E:33:0C:FA:26:FD:44:D4:29:4F:CD:BD:DF:BD:89:51:0C:6A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bF4zDPom_UTUKU_Nvd-9iVEMakg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/8eabcd-e6e9-4f43-ba6c-da2312b65a50/1/unjZk3ROtVTYObrsWzY3DShjNAE.roa
Signing time: Sun 01 Jan 2023 06:24:52 +0000
ROA not before: Sun 01 Jan 2023 06:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57964
IP address blocks: 193.93.142.0/23 maxlen: 27
2001:67c:830::/48 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:27:65:2c:70:d8:14:e7:7e:e1:60:d3:64:35:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c5e330cfa26fd44d4294fcdbddfbd89510c6a48
Validity
Not Before: Jan 1 06:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba78d993744eb554d839baec5b36370d28633401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2e:16:29:44:67:1f:37:d4:c3:7e:9e:e8:2a:
14:ea:c6:d5:5f:80:f7:aa:80:b9:b5:c7:ea:14:63:
cc:e4:21:5b:9d:66:3c:65:89:13:b5:3d:16:c8:a9:
10:f3:b7:d0:58:0a:3e:9f:f0:6c:3a:9d:81:4f:26:
12:db:65:34:b2:eb:23:34:75:6f:2b:52:89:1d:b0:
75:70:5c:c7:22:1c:d4:da:25:09:fd:b1:6d:44:fc:
9f:7c:6f:a1:62:bb:0c:f5:50:f7:0c:4b:d2:b8:fc:
46:68:66:8c:c5:9e:f4:b4:34:92:7f:12:ac:74:1f:
d4:bd:49:04:05:5c:3a:27:19:65:e8:58:58:a5:fb:
1a:c6:19:73:4a:7e:db:73:6d:a4:60:3c:ef:17:50:
ac:95:f7:59:eb:9b:31:c9:3e:e7:a9:ce:7a:3f:d1:
72:33:d2:d6:7f:32:67:8f:06:ab:cf:b1:74:22:da:
85:69:d5:48:67:44:09:ff:72:2a:f4:7a:93:92:e2:
40:12:a8:8d:89:71:46:6a:a1:bd:64:59:7d:84:e5:
10:5a:15:16:22:12:10:40:f7:a0:d5:1d:f2:50:c7:
dc:6a:f2:ba:13:bc:a2:90:36:1c:e7:13:35:4a:5e:
28:4c:45:34:af:83:29:38:f6:b7:14:0e:5e:70:75:
ca:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:78:D9:93:74:4E:B5:54:D8:39:BA:EC:5B:36:37:0D:28:63:34:01
X509v3 Authority Key Identifier:
keyid:6C:5E:33:0C:FA:26:FD:44:D4:29:4F:CD:BD:DF:BD:89:51:0C:6A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bF4zDPom_UTUKU_Nvd-9iVEMakg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8eabcd-e6e9-4f43-ba6c-da2312b65a50/1/unjZk3ROtVTYObrsWzY3DShjNAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8eabcd-e6e9-4f43-ba6c-da2312b65a50/1/bF4zDPom_UTUKU_Nvd-9iVEMakg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.142.0/23
IPv6:
2001:67c:830::/48
Signature Algorithm: sha256WithRSAEncryption
9c:6d:e9:f9:fe:37:f0:e8:19:f5:0d:b4:e3:c1:21:8e:b6:7d:
ac:8b:b2:1c:e5:a2:e1:f5:8a:38:9d:ab:ba:c2:d9:dc:c1:c9:
bb:2c:9c:d5:c9:11:cd:3e:79:70:48:7d:ba:13:57:15:b1:2e:
50:73:27:6d:16:20:65:ae:c6:c5:eb:ed:41:6b:b8:27:2e:2b:
5f:b8:38:5f:a1:ab:26:2c:28:44:2f:af:2c:4a:b9:f9:14:42:
0e:46:52:44:d3:73:14:19:f5:bc:78:8a:86:01:8f:37:78:e7:
46:f9:66:5b:3e:56:82:b5:cb:a1:bb:04:2b:45:12:ee:c1:3b:
8f:dc:ad:0e:3c:88:95:0b:00:bf:7f:9f:cb:98:57:8e:c2:9e:
bc:ed:1f:e1:96:b8:da:2c:a7:c5:ba:43:dc:ee:b2:45:2a:97:
bf:ef:2c:a3:a6:9f:3e:e8:27:38:b7:6b:14:a3:2a:d7:cb:24:
d5:7b:97:7a:83:3c:7c:a9:08:87:6c:e3:17:08:b7:25:08:b1:
95:09:3e:5c:01:97:f4:56:e1:fe:db:c5:b3:54:45:c0:7b:38:
0a:af:b0:1e:46:75:d3:4e:c9:3e:d2:f8:45:33:99:1a:98:06:
08:8a:59:f3:76:f9:cb:7a:14:90:4f:25:4a:e9:80:d9:1e:2a:
c3:ab:f6:c9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsASdlLHDYFOd+4WDTZDVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNWUzMzBjZmEyNmZkNDRkNDI5NGZjZGJkZGZiZDg5NTEw
YzZhNDgwHhcNMjMwMTAxMDYyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTc4ZDk5Mzc0NGViNTU0ZDgzOWJhZWM1YjM2MzcwZDI4NjMzNDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoi4WKURnHzfUw36e6CoU6sbVX4D3
qoC5tcfqFGPM5CFbnWY8ZYkTtT0WyKkQ87fQWAo+n/BsOp2BTyYS22U0susjNHVv
K1KJHbB1cFzHIhzU2iUJ/bFtRPyffG+hYrsM9VD3DEvSuPxGaGaMxZ70tDSSfxKs
dB/UvUkEBVw6Jxll6FhYpfsaxhlzSn7bc22kYDzvF1CslfdZ65sxyT7nqc56P9Fy
M9LWfzJnjwarz7F0ItqFadVIZ0QJ/3Iq9HqTkuJAEqiNiXFGaqG9ZFl9hOUQWhUW
IhIQQPeg1R3yUMfcavK6E7yikDYc5xM1Sl4oTEU0r4MpOPa3FA5ecHXKQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLp42ZN0TrVU2Dm67Fs2Nw0oYzQBMB8GA1UdIwQY
MBaAFGxeMwz6Jv1E1ClPzb3fvYlRDGpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkY0ekRQb21fVVRVS1VfTnZkLTlpVkVNYWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi84ZWFiY2QtZTZlOS00ZjQzLWJhNmMt
ZGEyMzEyYjY1YTUwLzEvdW5qWmszUk90VlRZT2Jyc1d6WTNEU2hqTkFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi84ZWFiY2QtZTZlOS00ZjQzLWJhNmMtZGEyMzEyYjY1YTUw
LzEvYkY0ekRQb21fVVRVS1VfTnZkLTlpVkVNYWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwV2OMA8E
AgACMAkDBwAgAQZ8CDAwDQYJKoZIhvcNAQELBQADggEBAJxt6fn+N/DoGfUNtOPB
IY62fayLshzlouH1ijidq7rC2dzBybssnNXJEc0+eXBIfboTVxWxLlBzJ20WIGWu
xsXr7UFruCcuK1+4OF+hqyYsKEQvryxKufkUQg5GUkTTcxQZ9bx4ioYBjzd450b5
Zls+VoK1y6G7BCtFEu7BO4/crQ48iJULAL9/n8uYV47CnrztH+GWuNosp8W6Q9zu
skUql7/vLKOmnz7oJzi3axSjKtfLJNV7l3qDPHypCIds4xcItyUIsZUJPlwBl/RW
4f7bxbNURcB7OAqvsB5GddNOyT7S+EUzmRqYBgiKWfN2+ct6FJBPJUrpgNkeKsOr
9sk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:08 2025 by rpki-client