Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/qhjdO94G9FLOUFfs34jR6yclypA.roa
File: qhjdO94G9FLOUFfs34jR6yclypA.roa (raw, json)
Hash identifier: jdcntZ8FyLfPROBCLS3R9Uxlu5A8N2qNjQro40WEXJo=
Subject key identifier: AA:18:DD:3B:DE:06:F4:52:CE:50:57:EC:DF:88:D1:EB:27:25:CA:90
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 01859D54CEA054196A971215440DD33B14F7
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/qhjdO94G9FLOUFfs34jR6yclypA.roa
Signing time: Tue 10 Jan 2023 20:17:38 +0000
ROA not before: Tue 10 Jan 2023 20:17:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59432
IP address blocks: 194.15.154.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9d:54:ce:a0:54:19:6a:97:12:15:44:0d:d3:3b:14:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jan 10 20:17:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa18dd3bde06f452ce5057ecdf88d1eb2725ca90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f3:b9:08:15:70:35:95:85:5a:f6:ed:55:eb:
79:02:48:aa:33:35:28:19:f4:a0:cc:31:4a:a3:d0:
71:8f:14:f4:c6:c7:20:ed:f1:54:4a:16:38:d0:01:
2d:79:38:05:e4:c6:8d:aa:a9:cf:85:58:0f:16:f8:
86:28:71:30:d6:a9:bd:0b:f3:27:63:2c:cd:0e:a3:
ce:bb:78:95:5d:3d:fa:6b:d5:8e:4b:e4:63:8a:e1:
0d:fb:5b:8d:be:37:ac:74:7a:d0:a0:02:8e:c9:86:
94:7f:80:4a:ae:41:2e:a5:8e:e2:67:fa:98:69:81:
1e:1a:f2:14:6b:72:53:60:5c:13:7e:a7:1f:8f:cd:
96:e2:f1:fc:66:fd:9f:b3:79:f6:73:72:ba:d9:54:
36:72:2c:16:c9:27:b6:fc:f2:a6:c0:1e:12:88:f0:
4e:d0:85:2f:fd:5a:03:08:44:22:ad:0f:1b:8f:66:
f8:29:4c:49:0e:33:73:76:ee:80:c0:0b:2c:d8:8d:
8e:d1:25:89:68:de:ef:c4:5e:6e:e8:31:d4:7f:83:
45:bf:73:66:35:65:80:de:85:31:8e:59:16:81:3d:
85:20:57:33:27:e7:3d:98:f5:a7:b2:32:56:96:21:
29:d1:65:7b:dd:18:be:92:c5:91:e2:ce:a9:74:e2:
4a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:18:DD:3B:DE:06:F4:52:CE:50:57:EC:DF:88:D1:EB:27:25:CA:90
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/qhjdO94G9FLOUFfs34jR6yclypA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.154.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:33:28:77:14:93:4f:86:ad:ef:f2:5a:05:d6:fb:89:b5:b9:
c7:34:c7:83:cc:e0:19:2d:b1:d8:c5:95:14:c6:9c:53:1c:58:
8f:85:3d:0c:f0:31:15:ee:51:23:19:5e:ed:ea:d3:1c:55:93:
4c:d5:8c:87:31:5d:a4:15:ea:36:6b:e9:b3:09:02:63:95:7d:
dc:54:4f:f4:48:17:e1:4b:6c:6f:a4:d6:48:12:0a:9c:ff:d7:
66:72:21:c4:3f:31:39:eb:31:43:7e:68:db:d0:1b:b9:24:a5:
f6:05:3c:9c:73:31:3e:57:74:6b:88:02:1a:d2:50:0c:49:e6:
d4:3b:8d:e0:1e:89:87:2a:70:4b:b9:91:3f:fa:81:d8:0b:e0:
e5:6b:f4:bb:d1:fa:71:8d:98:37:c1:e6:e0:63:81:a6:6b:6b:
31:dd:a5:cb:8a:64:e3:39:b1:34:a1:ac:09:7a:36:6b:eb:1c:
01:55:47:92:9f:6e:f2:8c:d5:9e:31:85:90:67:53:03:57:5d:
ea:46:77:e8:1c:2f:f5:11:ac:8e:8b:f1:c6:3b:ee:2b:b3:1e:
2d:74:3d:ea:67:dc:73:c0:38:e5:4d:52:16:b8:d2:d6:b0:57:
0f:43:d2:f1:20:ae:06:f4:9a:a2:5e:3b:e7:04:43:88:d2:5c:
b3:ef:cc:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWdVM6gVBlqlxIVRA3TOxT3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwMTEwMjAxNzM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTE4ZGQzYmRlMDZmNDUyY2U1MDU3ZWNkZjg4ZDFlYjI3MjVjYTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvO5CBVwNZWFWvbtVet5AkiqMzUo
GfSgzDFKo9BxjxT0xscg7fFUShY40AEteTgF5MaNqqnPhVgPFviGKHEw1qm9C/Mn
YyzNDqPOu3iVXT36a9WOS+RjiuEN+1uNvjesdHrQoAKOyYaUf4BKrkEupY7iZ/qY
aYEeGvIUa3JTYFwTfqcfj82W4vH8Zv2fs3n2c3K62VQ2ciwWySe2/PKmwB4SiPBO
0IUv/VoDCEQirQ8bj2b4KUxJDjNzdu6AwAss2I2O0SWJaN7vxF5u6DHUf4NFv3Nm
NWWA3oUxjlkWgT2FIFczJ+c9mPWnsjJWliEp0WV73Ri+ksWR4s6pdOJKawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKoY3TveBvRSzlBX7N+I0esnJcqQMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvcWhqZE85NEc5RkxPVUZmczM0alI2eWNseXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg+aMA0G
CSqGSIb3DQEBCwUAA4IBAQCfMyh3FJNPhq3v8loF1vuJtbnHNMeDzOAZLbHYxZUU
xpxTHFiPhT0M8DEV7lEjGV7t6tMcVZNM1YyHMV2kFeo2a+mzCQJjlX3cVE/0SBfh
S2xvpNZIEgqc/9dmciHEPzE56zFDfmjb0Bu5JKX2BTycczE+V3RriAIa0lAMSebU
O43gHomHKnBLuZE/+oHYC+Dla/S70fpxjZg3webgY4Gma2sx3aXLimTjObE0oawJ
ejZr6xwBVUeSn27yjNWeMYWQZ1MDV13qRnfoHC/1EayOi/HGO+4rsx4tdD3qZ9xz
wDjlTVIWuNLWsFcPQ9LxIK4G9JqiXjvnBEOI0lyz78wl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:04 2024 by rpki-client on console-fra.rpki-client.org