Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/w-o-H2rmM9I2QjJ2rVXObfay7Bo.roa
File: w-o-H2rmM9I2QjJ2rVXObfay7Bo.roa (raw, json)
Hash identifier: MXw5oTIUyc8YCZX75vT742PxOw7T2QIssVeQeF3Er84=
Subject key identifier: C3:EA:3E:1F:6A:E6:33:D2:36:42:32:76:AD:55:CE:6D:F6:B2:EC:1A
Certificate issuer: /CN=0e282a15c1a5d154bbda872b357607a91f950aa5
Certificate serial: 018A7584805A699AD4BF1C6D3AFDA2C6784C
Authority key identifier: 0E:28:2A:15:C1:A5:D1:54:BB:DA:87:2B:35:76:07:A9:1F:95:0A:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DigqFcGl0VS72ocrNXYHqR-VCqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/w-o-H2rmM9I2QjJ2rVXObfay7Bo.roa
Signing time: Fri 08 Sep 2023 15:58:52 +0000
ROA not before: Fri 08 Sep 2023 15:58:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210669
IP address blocks: 193.107.81.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:75:84:80:5a:69:9a:d4:bf:1c:6d:3a:fd:a2:c6:78:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e282a15c1a5d154bbda872b357607a91f950aa5
Validity
Not Before: Sep 8 15:58:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3ea3e1f6ae633d236423276ad55ce6df6b2ec1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f3:87:7e:00:f5:be:ce:b5:98:da:95:9b:e6:
a1:55:df:bd:f6:16:f4:7c:99:fe:31:8a:42:da:05:
d1:37:5c:c9:c3:c1:8e:2a:70:b5:8d:54:f1:55:85:
5c:31:2d:f7:b7:d4:fa:9e:68:e2:4b:15:16:55:78:
d6:c0:78:47:0a:b1:08:45:9a:30:79:bf:ec:4c:ed:
de:8d:43:68:15:4c:b8:4d:95:75:54:ad:f1:ed:db:
49:6c:04:2f:76:9d:c9:a7:1c:d7:b4:06:2f:35:92:
e1:bd:26:23:52:9b:ed:e1:16:ab:bc:9c:6f:9b:12:
74:e1:85:0a:80:16:f1:1f:a6:f5:f7:d9:54:db:a3:
69:43:a7:fd:6e:ec:b0:cf:b3:56:01:46:f0:93:12:
8f:28:d3:00:e1:ed:c7:2a:10:f3:79:cb:c5:9b:4e:
62:ca:2b:79:03:2a:68:c9:ef:e7:9d:3c:0b:99:e7:
16:9d:94:8a:12:15:8e:ff:ca:2a:f0:3f:3a:89:2e:
dd:55:b1:df:aa:19:f0:68:1e:7e:d3:e7:1d:bc:07:
44:45:49:28:71:9d:93:d5:7b:6b:53:cd:92:b4:92:
d1:eb:25:4e:fc:32:4f:58:e5:91:f5:dc:7e:ad:b7:
f4:fe:fd:1a:26:79:20:b9:4d:e8:f5:0a:13:0f:dc:
6d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:EA:3E:1F:6A:E6:33:D2:36:42:32:76:AD:55:CE:6D:F6:B2:EC:1A
X509v3 Authority Key Identifier:
keyid:0E:28:2A:15:C1:A5:D1:54:BB:DA:87:2B:35:76:07:A9:1F:95:0A:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DigqFcGl0VS72ocrNXYHqR-VCqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/w-o-H2rmM9I2QjJ2rVXObfay7Bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/DigqFcGl0VS72ocrNXYHqR-VCqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.107.81.0/24
Signature Algorithm: sha256WithRSAEncryption
30:f2:a8:28:f5:2b:6a:aa:bf:9e:20:49:42:48:65:b1:90:6c:
e2:e3:6f:e8:c3:a2:69:d4:eb:18:04:36:d7:c2:b9:46:c7:4b:
ea:5e:0e:6f:04:2c:63:78:52:c3:45:a0:f7:b2:07:cc:ae:37:
8f:18:25:a0:f6:23:45:4f:74:62:ef:df:2c:08:ba:6b:6d:06:
d6:25:1c:8f:6b:7c:4c:9a:1b:f4:75:1e:40:76:ee:15:6a:9c:
a7:4b:62:4b:cd:86:67:da:fd:d6:98:c7:7b:b4:79:f5:5a:be:
51:b9:01:5c:0e:fe:2a:07:9f:46:43:2f:b5:91:7e:42:34:1c:
0d:87:25:fa:45:53:78:19:7d:74:24:16:25:a4:15:19:e7:ff:
4f:9e:4c:d9:72:c8:8a:f5:65:61:96:28:03:f0:ae:05:08:a6:
c9:62:c8:23:c8:bc:76:b6:b7:5b:8f:0f:a0:81:09:75:ee:ae:
eb:28:70:1b:66:a2:80:91:be:f9:97:ca:f8:e2:53:33:06:c3:
c5:58:30:68:9b:b4:e1:b3:05:9c:a3:64:65:f5:59:a1:fa:59:
49:34:b7:b3:30:7d:20:9c:b0:61:e8:66:d8:7a:fb:80:7c:65:
77:fc:44:15:09:83:16:93:0e:51:cc:67:c8:9c:b8:af:58:1b:
bd:7a:80:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYp1hIBaaZrUvxxtOv2ixnhMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMjgyYTE1YzFhNWQxNTRiYmRhODcyYjM1NzYwN2E5MWY5
NTBhYTUwHhcNMjMwOTA4MTU1ODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2VhM2UxZjZhZTYzM2QyMzY0MjMyNzZhZDU1Y2U2ZGY2YjJlYzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfOHfgD1vs61mNqVm+ahVd+99hb0
fJn+MYpC2gXRN1zJw8GOKnC1jVTxVYVcMS33t9T6nmjiSxUWVXjWwHhHCrEIRZow
eb/sTO3ejUNoFUy4TZV1VK3x7dtJbAQvdp3JpxzXtAYvNZLhvSYjUpvt4RarvJxv
mxJ04YUKgBbxH6b199lU26NpQ6f9buywz7NWAUbwkxKPKNMA4e3HKhDzecvFm05i
yit5Aypoye/nnTwLmecWnZSKEhWO/8oq8D86iS7dVbHfqhnwaB5+0+cdvAdERUko
cZ2T1XtrU82StJLR6yVO/DJPWOWR9dx+rbf0/v0aJnkguU3o9QoTD9xtcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMPqPh9q5jPSNkIydq1Vzm32suwaMB8GA1UdIwQY
MBaAFA4oKhXBpdFUu9qHKzV2B6kflQqlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGlncUZjR2wwVlM3Mm9jck5YWUhxUi1WQ3FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kYWYxYWUtZDVlYi00Y2E0LThhYWYt
Nzg3NDFhYzkzYjMwLzEvdy1vLUgycm1NOUkyUWpKMnJWWE9iZmF5N0JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kYWYxYWUtZDVlYi00Y2E0LThhYWYtNzg3NDFhYzkzYjMw
LzEvRGlncUZjR2wwVlM3Mm9jck5YWUhxUi1WQ3FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWtRMA0G
CSqGSIb3DQEBCwUAA4IBAQAw8qgo9Stqqr+eIElCSGWxkGzi42/ow6Jp1OsYBDbX
wrlGx0vqXg5vBCxjeFLDRaD3sgfMrjePGCWg9iNFT3Ri798sCLprbQbWJRyPa3xM
mhv0dR5Adu4VapynS2JLzYZn2v3WmMd7tHn1Wr5RuQFcDv4qB59GQy+1kX5CNBwN
hyX6RVN4GX10JBYlpBUZ5/9PnkzZcsiK9WVhligD8K4FCKbJYsgjyLx2trdbjw+g
gQl17q7rKHAbZqKAkb75l8r44lMzBsPFWDBom7ThswWco2Rl9Vmh+llJNLezMH0g
nLBh6GbYevuAfGV3/EQVCYMWkw5RzGfInLivWBu9eoCi
-----END CERTIFICATE-----
Generated at Wed Sep 20 12:06:02 2023 by rpki-client on console-fra.rpki-client.org