Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/TD7MMNHD3RiBiDh4788JK0lrcfY.roa
File: TD7MMNHD3RiBiDh4788JK0lrcfY.roa (raw, json)
Hash identifier: xt4m/EmA6Flie9FoHtTwbjTYWAlq74fXIMdinu8pQU8=
Subject key identifier: 4C:3E:CC:30:D1:C3:DD:18:81:88:38:78:EF:CF:09:2B:49:6B:71:F6
Certificate issuer: /CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Certificate serial: 01857246F3CB7D74142F6606EEE929BFF2EE
Authority key identifier: 38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/TD7MMNHD3RiBiDh4788JK0lrcfY.roa
Signing time: Mon 02 Jan 2023 11:38:50 +0000
ROA not before: Mon 02 Jan 2023 11:38:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213220
IP address blocks: 192.145.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:f3:cb:7d:74:14:2f:66:06:ee:e9:29:bf:f2:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Validity
Not Before: Jan 2 11:38:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c3ecc30d1c3dd1881883878efcf092b496b71f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1c:a0:37:a1:31:dd:ac:65:b1:81:65:22:f6:
ff:67:6b:0a:50:90:0e:5a:26:18:2c:99:0b:34:fc:
d7:4e:50:28:a0:97:4b:54:c1:49:ee:0a:46:8b:4a:
6a:23:76:81:bd:7d:17:8f:6f:93:46:c5:2d:30:66:
ca:a7:3e:e6:98:66:53:f3:02:43:d8:ea:58:a7:14:
8e:b8:62:ca:e7:72:43:00:4e:6d:2a:4d:ce:15:08:
b3:eb:16:6a:8a:cf:0f:ad:85:8f:d9:f9:25:17:a2:
04:70:f1:e0:be:ed:5c:67:6e:a0:2c:d6:af:88:aa:
d8:bc:a1:e9:ee:03:6a:10:a6:67:9b:57:0d:80:38:
ac:5f:27:74:19:47:0c:bf:b5:95:d6:04:ea:8f:b7:
df:e9:43:53:1f:fa:5f:e5:00:ce:4c:d0:86:bc:3e:
b7:f1:16:96:10:71:a1:08:5a:dd:c6:d4:9f:77:53:
9f:64:f3:b6:71:1a:3d:f0:76:31:7d:bc:b4:a9:7a:
25:64:8b:8e:48:af:85:10:ed:ec:c0:05:71:2c:c8:
ae:a7:cf:71:13:dd:56:a8:d8:dd:12:27:b6:e5:9b:
40:68:40:db:ea:23:1d:d2:bd:9d:f8:a6:b9:96:3d:
4d:de:89:5d:84:fb:c3:b6:be:1f:47:68:fd:0f:65:
e0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:3E:CC:30:D1:C3:DD:18:81:88:38:78:EF:CF:09:2B:49:6B:71:F6
X509v3 Authority Key Identifier:
keyid:38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/TD7MMNHD3RiBiDh4788JK0lrcfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/OEAeWIkL8jDcrl0DBRGf8sK41DM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.97.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:a4:0f:4b:aa:56:d8:89:1e:a5:d2:d7:c0:db:0d:ec:f0:c1:
45:9e:bf:c6:e1:46:01:5a:47:4d:74:79:6b:5f:33:37:09:36:
70:41:46:81:12:19:7f:f1:1e:38:4b:1c:58:67:fb:19:73:91:
e9:76:19:9f:b9:08:b3:26:68:d5:48:46:d8:0d:4f:0f:fc:02:
6c:c2:89:03:51:3a:5a:59:3d:db:83:4f:7f:9c:d3:4a:38:c9:
3f:a0:68:04:a9:1b:6d:55:fa:e0:26:aa:ae:8f:20:a6:c1:9e:
51:82:6c:9f:aa:b5:40:4e:d1:6e:86:fe:b5:1d:a0:0d:5c:1d:
ac:68:cf:d8:8e:94:58:57:46:35:ee:fd:30:ec:b2:d2:d8:88:
55:b1:23:a2:62:b0:48:b8:74:b7:e0:30:b7:67:bb:e6:c4:da:
26:db:3d:b6:6d:58:e7:e9:76:20:b7:9b:cc:70:ed:c4:fc:b5:
a8:f5:9a:41:dc:7a:d3:b2:af:ed:e2:10:24:dc:34:3c:b1:bc:
29:b4:5f:a4:cc:53:a8:8d:a3:cb:ac:a2:4c:c6:87:1b:7d:14:
d3:a0:a6:5d:3d:8c:0f:4a:87:47:e6:d3:df:65:4e:88:a7:8a:
b6:08:df:10:25:05:52:cc:20:64:65:22:5a:8b:49:27:05:30:
3f:92:6d:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRvPLfXQUL2YG7ukpv/LuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NDAxZTU4ODkwYmYyMzBkY2FlNWQwMzA1MTE5ZmYyYzJi
OGQ0MzMwHhcNMjMwMTAyMTEzODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzNlY2MzMGQxYzNkZDE4ODE4ODM4NzhlZmNmMDkyYjQ5NmI3MWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBygN6Ex3axlsYFlIvb/Z2sKUJAO
WiYYLJkLNPzXTlAooJdLVMFJ7gpGi0pqI3aBvX0Xj2+TRsUtMGbKpz7mmGZT8wJD
2OpYpxSOuGLK53JDAE5tKk3OFQiz6xZqis8PrYWP2fklF6IEcPHgvu1cZ26gLNav
iKrYvKHp7gNqEKZnm1cNgDisXyd0GUcMv7WV1gTqj7ff6UNTH/pf5QDOTNCGvD63
8RaWEHGhCFrdxtSfd1OfZPO2cRo98HYxfby0qXolZIuOSK+FEO3swAVxLMiup89x
E91WqNjdEie25ZtAaEDb6iMd0r2d+Ka5lj1N3oldhPvDtr4fR2j9D2XgOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEw+zDDRw90YgYg4eO/PCStJa3H2MB8GA1UdIwQY
MBaAFDhAHliJC/Iw3K5dAwURn/LCuNQzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0VBZVdJa0w4akRjcmwwREJSR2Y4c0s0MURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82N2QzYjgtYzQzZC00NGI3LWFmYTYt
OGI5Y2RkYjczNDA4LzEvVEQ3TU1OSEQzUmlCaURoNDc4OEpLMGxyY2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82N2QzYjgtYzQzZC00NGI3LWFmYTYtOGI5Y2RkYjczNDA4
LzEvT0VBZVdJa0w4akRjcmwwREJSR2Y4c0s0MURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwJFhMA0G
CSqGSIb3DQEBCwUAA4IBAQChpA9LqlbYiR6l0tfA2w3s8MFFnr/G4UYBWkdNdHlr
XzM3CTZwQUaBEhl/8R44SxxYZ/sZc5HpdhmfuQizJmjVSEbYDU8P/AJswokDUTpa
WT3bg09/nNNKOMk/oGgEqRttVfrgJqqujyCmwZ5RgmyfqrVATtFuhv61HaANXB2s
aM/YjpRYV0Y17v0w7LLS2IhVsSOiYrBIuHS34DC3Z7vmxNom2z22bVjn6XYgt5vM
cO3E/LWo9ZpB3HrTsq/t4hAk3DQ8sbwptF+kzFOojaPLrKJMxocbfRTToKZdPYwP
SodH5tPfZU6Ip4q2CN8QJQVSzCBkZSJai0knBTA/km27
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:26 2024 by rpki-client on console-fra.rpki-client.org