Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/HsInyY2BH88DJyC39u9UCTqHeGs.roa
File: HsInyY2BH88DJyC39u9UCTqHeGs.roa (raw, json)
Hash identifier: wnYFKo0vsIVrCYBkig1h/MuTLV970BjyjVhz3KsUlfE=
Subject key identifier: 1E:C2:27:C9:8D:81:1F:CF:03:27:20:B7:F6:EF:54:09:3A:87:78:6B
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 03552034
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/HsInyY2BH88DJyC39u9UCTqHeGs.roa
Signing time: Wed 22 Jun 2022 05:29:45 +0000
ROA not before: Wed 22 Jun 2022 05:29:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 194.15.155.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55910452 (0x3552034)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jun 22 05:29:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ec227c98d811fcf032720b7f6ef54093a87786b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:98:ae:12:12:2f:89:bd:60:f1:1b:0a:01:cc:
ee:1b:6d:73:c9:c1:e5:0d:a4:70:ea:9d:d7:60:d4:
f9:f7:5b:23:d9:f1:52:52:ae:de:cf:73:59:9d:26:
61:5e:61:a6:15:15:0e:c7:c2:42:83:59:8e:00:90:
5b:1c:36:9f:07:9e:7f:51:09:db:9b:ef:a4:5b:9c:
4b:00:5d:e5:90:aa:66:6f:59:ec:a6:b3:f4:0b:1f:
32:85:5c:8f:68:7d:15:37:ac:79:54:04:b5:29:7d:
21:0b:b7:f8:91:94:5c:07:aa:db:bd:de:a2:66:16:
18:99:8f:74:5a:5b:96:f1:ef:45:bf:a4:33:7f:ac:
f2:d2:eb:da:a6:1b:bf:ca:f7:37:42:b7:31:ab:81:
dd:99:db:4a:4c:a9:5d:ac:26:f2:ab:11:c3:5c:3e:
4c:ad:d8:f9:1d:9b:a0:e4:88:b9:6d:0e:84:d2:d1:
9c:b1:eb:6f:95:48:ce:65:81:08:73:14:a4:9b:3b:
e9:09:0c:00:28:a2:f1:4d:df:86:c5:dd:1d:ac:49:
78:29:83:c0:16:09:8c:21:59:1e:2d:c6:7a:a0:01:
44:62:b8:25:36:6e:c7:08:64:3f:cd:6d:16:97:39:
37:15:85:d6:07:64:5b:cd:21:f8:75:59:da:c2:c7:
45:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:C2:27:C9:8D:81:1F:CF:03:27:20:B7:F6:EF:54:09:3A:87:78:6B
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/HsInyY2BH88DJyC39u9UCTqHeGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.155.0/24
Signature Algorithm: sha256WithRSAEncryption
06:16:16:c5:b4:ec:c1:e1:89:8d:00:e8:af:41:c6:25:86:10:
64:f6:b4:4a:9e:f4:ea:4e:62:53:a4:e4:b2:8e:9f:65:2b:75:
32:8b:a1:4f:45:7b:78:40:3e:8e:8e:27:c1:23:c3:25:a6:0d:
de:a7:1d:f4:15:f1:fc:5e:8d:2f:0c:a0:5d:ed:1d:da:9c:a5:
aa:ac:d0:3c:03:c3:99:34:1a:27:d6:6f:46:ad:7a:17:c8:a1:
1b:59:a7:0c:8a:ed:3b:da:09:06:80:fd:03:21:f1:5e:a4:20:
b3:15:d6:10:e3:6c:12:b0:fa:22:56:6d:f5:25:70:7f:18:56:
bc:fa:69:6d:ed:ce:36:82:3a:69:34:ca:03:a2:b9:ea:04:97:
89:16:12:b8:62:91:11:24:55:a6:fc:b3:89:e1:c6:bf:2f:ca:
71:91:e7:fe:a5:0e:de:2f:10:39:e7:0b:de:37:4e:fd:00:74:
dc:43:e3:f1:d7:96:53:30:a9:b4:79:c6:68:2a:c6:8e:31:04:
5f:d8:16:75:d6:b4:65:e4:b6:e3:b6:c9:51:54:38:c6:2f:70:
c0:68:da:42:8b:df:e4:37:11:e0:ac:72:30:5d:9e:18:03:44:
8c:f3:f6:68:81:85:0f:43:5f:d8:c8:3a:a9:9f:da:0e:48:b5:
11:86:85:c9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA1UgNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YzRlZDk0MmU1Yzc0MmU3N2JmYjliZWI5NTRmODcyNTM0ZjUyODQ4MB4XDTIyMDYy
MjA1Mjk0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWVjMjI3Yzk4ZDgx
MWZjZjAzMjcyMGI3ZjZlZjU0MDkzYTg3Nzg2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+YrhISL4m9YPEbCgHM7httc8nB5Q2kcOqd12DU+fdbI9nx
UlKu3s9zWZ0mYV5hphUVDsfCQoNZjgCQWxw2nweef1EJ25vvpFucSwBd5ZCqZm9Z
7Kaz9AsfMoVcj2h9FTeseVQEtSl9IQu3+JGUXAeq273eomYWGJmPdFpblvHvRb+k
M3+s8tLr2qYbv8r3N0K3MauB3ZnbSkypXawm8qsRw1w+TK3Y+R2boOSIuW0OhNLR
nLHrb5VIzmWBCHMUpJs76QkMACii8U3fhsXdHaxJeCmDwBYJjCFZHi3GeqABRGK4
JTZuxwhkP81tFpc5NxWF1gdkW80h+HVZ2sLHRWECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQewifJjYEfzwMnILf271QJOod4azAfBgNVHSMEGDAWgBQ8TtlC5cdC53v7
m+uVT4clNPUoSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BFN1pRdVhIUXVkNy01dnJsVS1ISlRUMUtFZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvMWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5MS8x
L0hzSW55WTJCSDg4REp5QzM5dTlVQ1RxSGVHcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
MWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5MS8xL1BFN1pRdVhIUXVk
Ny01dnJsVS1ISlRUMUtFZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIPmzANBgkqhkiG9w0BAQsFAAOC
AQEABhYWxbTsweGJjQDor0HGJYYQZPa0Sp706k5iU6Tkso6fZSt1MouhT0V7eEA+
jo4nwSPDJaYN3qcd9BXx/F6NLwygXe0d2pylqqzQPAPDmTQaJ9ZvRq16F8ihG1mn
DIrtO9oJBoD9AyHxXqQgsxXWEONsErD6IlZt9SVwfxhWvPppbe3ONoI6aTTKA6K5
6gSXiRYSuGKRESRVpvyzieHGvy/KcZHn/qUO3i8QOecL3jdO/QB03EPj8deWUzCp
tHnGaCrGjjEEX9gWdda0ZeS247bJUVQ4xi9wwGjaQovf5DcR4KxyMF2eGANEjPP2
aIGFD0Nf2Mg6qZ/aDki1EYaFyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:04 2024 by rpki-client on console-fra.rpki-client.org