Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/1-sqRAeTYLZDuuDEMRWFNEbsyMps.roa
File: 1-sqRAeTYLZDuuDEMRWFNEbsyMps.roa (raw, json)
Hash identifier: 3/Bmpczg0AuM5S5OrdH6kqTMGtOHUk5yXwBObtuFeRU=
Subject key identifier: FA:CA:91:01:E4:D8:2D:90:EE:B8:31:0C:45:61:4D:11:BB:32:32:9B
Certificate issuer: /CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Certificate serial: 0AA9728D
Authority key identifier: 38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/1-sqRAeTYLZDuuDEMRWFNEbsyMps.roa
Signing time: Wed 20 Apr 2022 12:19:36 +0000
ROA not before: Wed 20 Apr 2022 12:19:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51248
IP address blocks: 192.145.98.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 178877069 (0xaa9728d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Validity
Not Before: Apr 20 12:19:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=faca9101e4d82d90eeb8310c45614d11bb32329b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6d:91:ae:77:64:1a:9f:24:63:f3:5d:9e:c9:
5d:f0:6c:e7:29:df:ea:6b:d4:3c:29:1f:aa:38:39:
a6:a8:1c:07:fc:f3:0b:83:93:7b:65:d3:19:12:b1:
01:65:df:24:c7:39:46:91:55:04:6a:b7:97:29:35:
16:5f:88:b3:0a:39:0b:48:33:1d:59:ff:e7:05:7c:
bd:8f:2f:51:1d:5f:c1:39:18:99:62:c2:ae:c2:18:
c7:7d:de:4a:4b:9b:8f:25:de:fd:fd:c6:4e:e8:af:
3d:42:80:ef:12:9b:e0:bf:de:75:46:36:23:ce:85:
44:97:66:d5:16:2c:a2:6d:c4:7b:99:57:29:e7:5e:
15:ae:da:ad:39:be:f8:f1:e0:ae:ab:76:dc:a8:bc:
0b:23:11:cd:f7:f2:57:a9:f9:bc:2b:d7:36:eb:93:
5e:f9:7c:65:69:be:3d:e6:53:80:3f:c7:1b:67:94:
46:c7:bc:ae:cc:2f:0b:95:63:b4:27:7c:a0:09:6e:
d2:2d:bf:10:e5:0b:cc:b4:d7:cf:91:d4:99:dd:4d:
5d:26:d3:83:7d:ee:32:2a:7b:84:fe:e2:07:e0:1f:
95:b6:05:89:b9:35:70:ba:06:fc:29:f3:da:21:ca:
0a:ce:da:e3:5b:db:56:47:a2:05:61:a7:53:74:3a:
57:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:CA:91:01:E4:D8:2D:90:EE:B8:31:0C:45:61:4D:11:BB:32:32:9B
X509v3 Authority Key Identifier:
keyid:38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/1-sqRAeTYLZDuuDEMRWFNEbsyMps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/OEAeWIkL8jDcrl0DBRGf8sK41DM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.98.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:90:54:86:69:52:48:08:40:41:8f:6e:5d:b0:0d:ed:22:0c:
99:ff:fd:c6:cf:be:30:b0:a3:c4:64:ff:1f:0f:2f:a6:8a:9d:
da:19:de:e3:d6:31:bd:10:59:69:4f:b0:ec:53:90:c7:96:03:
da:e5:32:e1:65:fd:1b:8c:f0:7e:01:13:ae:b1:6f:d3:19:cb:
94:66:32:ba:db:c4:46:f8:f9:1d:32:00:48:f2:dd:80:03:f2:
2e:7c:76:f0:b3:8b:98:64:32:23:1c:a6:8d:fd:49:99:50:41:
a4:1e:15:fa:31:79:70:a8:24:ea:9d:ce:90:e6:c9:bc:cd:2e:
5e:16:e5:fd:bc:fc:24:64:48:2b:07:ea:bd:d8:66:db:26:85:
9e:26:66:7b:bb:a4:a0:01:c4:58:96:b1:7e:e0:2c:26:a6:d8:
29:03:67:89:7d:09:71:07:cf:da:72:12:a7:ee:c6:42:5a:ae:
84:fc:65:fa:07:3c:c4:90:8f:44:e1:14:4b:59:83:70:c6:30:
31:07:03:ea:2f:9d:85:64:f6:12:2f:86:f8:7d:e9:c0:06:ca:
33:8b:18:c0:ff:13:70:8b:23:2c:8c:88:61:9b:11:d5:22:66:
85:ce:92:cf:72:25:6b:f7:05:76:33:66:83:a7:b7:c4:93:78:
04:67:4e:9c
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECqlyjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ODQwMWU1ODg5MGJmMjMwZGNhZTVkMDMwNTExOWZmMmMyYjhkNDMzMB4XDTIyMDQy
MDEyMTkzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmFjYTkxMDFlNGQ4
MmQ5MGVlYjgzMTBjNDU2MTRkMTFiYjMyMzI5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9tka53ZBqfJGPzXZ7JXfBs5ynf6mvUPCkfqjg5pqgcB/zz
C4OTe2XTGRKxAWXfJMc5RpFVBGq3lyk1Fl+Iswo5C0gzHVn/5wV8vY8vUR1fwTkY
mWLCrsIYx33eSkubjyXe/f3GTuivPUKA7xKb4L/edUY2I86FRJdm1RYsom3Ee5lX
KedeFa7arTm++PHgrqt23Ki8CyMRzffyV6n5vCvXNuuTXvl8ZWm+PeZTgD/HG2eU
Rse8rswvC5VjtCd8oAlu0i2/EOULzLTXz5HUmd1NXSbTg33uMip7hP7iB+AflbYF
ibk1cLoG/Cnz2iHKCs7a41vbVkeiBWGnU3Q6V+MCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT6ypEB5NgtkO64MQxFYU0RuzIymzAfBgNVHSMEGDAWgBQ4QB5YiQvyMNyu
XQMFEZ/ywrjUMzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09FQWVXSWtMOGpEY3JsMERCUkdmOHNLNDFETS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvNjdkM2I4LWM0M2QtNDRiNy1hZmE2LThiOWNkZGI3MzQwOC8x
LzEtc3FSQWVUWUxaRHV1REVNUldGTkVic3lNcHMucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY4
LzY3ZDNiOC1jNDNkLTQ0YjctYWZhNi04YjljZGRiNzM0MDgvMS9PRUFlV0lrTDhq
RGNybDBEQlJHZjhzSzQxRE0uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAkWIwDQYJKoZIhvcNAQELBQAD
ggEBAEqQVIZpUkgIQEGPbl2wDe0iDJn//cbPvjCwo8Rk/x8PL6aKndoZ3uPWMb0Q
WWlPsOxTkMeWA9rlMuFl/RuM8H4BE66xb9MZy5RmMrrbxEb4+R0yAEjy3YAD8i58
dvCzi5hkMiMcpo39SZlQQaQeFfoxeXCoJOqdzpDmybzNLl4W5f28/CRkSCsH6r3Y
ZtsmhZ4mZnu7pKABxFiWsX7gLCam2CkDZ4l9CXEHz9pyEqfuxkJaroT8ZfoHPMSQ
j0ThFEtZg3DGMDEHA+ovnYVk9hIvhvh96cAGyjOLGMD/E3CLIyyMiGGbEdUiZoXO
ks9yJWv3BXYzZoOnt8STeARnTpw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:26 2024 by rpki-client on console-fra.rpki-client.org