Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/0yKSi6P6y_y5BSudxqJ5NSXp6tw.roa
File: 0yKSi6P6y_y5BSudxqJ5NSXp6tw.roa (raw, json)
Hash identifier: IXRzK/3+V4xN+E0haZU55jn+qrDWxaCijjPy9qesUi8=
Subject key identifier: D3:22:92:8B:A3:FA:CB:FC:B9:05:2B:9D:C6:A2:79:35:25:E9:EA:DC
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 018AFE7B74195341A4034F0E6C93EA88DCA7
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/0yKSi6P6y_y5BSudxqJ5NSXp6tw.roa
Signing time: Thu 05 Oct 2023 06:16:58 +0000
ROA not before: Thu 05 Oct 2023 06:16:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200019
IP address blocks: 194.156.150.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:7b:74:19:53:41:a4:03:4f:0e:6c:93:ea:88:dc:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Oct 5 06:16:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d322928ba3facbfcb9052b9dc6a2793525e9eadc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d0:8d:7c:32:41:94:c7:8c:ca:b9:68:dc:4c:
2f:68:37:d4:e5:53:e7:e6:06:32:da:83:90:b4:1f:
72:1a:7e:ef:fc:0f:0a:52:54:12:2c:15:82:b1:0e:
06:2f:a3:b4:fa:10:ab:bc:ba:81:12:15:de:d2:4e:
4e:b4:05:98:63:12:2e:08:43:53:85:d2:a9:c8:56:
e7:42:88:40:75:f3:58:1a:46:93:d7:26:ba:16:23:
9a:93:c9:58:05:a4:55:cc:eb:84:fe:1b:ce:16:17:
ad:b3:14:43:28:57:d0:bc:43:1f:79:0f:77:d6:f8:
28:e5:3a:ab:aa:f7:31:a8:c3:ee:1c:89:45:57:3c:
55:b3:d2:43:09:39:88:cb:f6:4e:2c:a3:da:02:4d:
6d:8d:6e:68:ec:3c:c3:cf:cc:49:e5:6b:d1:f3:eb:
1b:c9:6e:8b:1d:8f:88:0f:ed:df:cf:a3:97:41:ab:
45:41:23:bf:92:68:51:e0:8d:d9:88:f9:74:9f:e7:
5b:d0:84:1e:bf:54:fc:f0:8b:cf:63:7f:bc:b8:42:
a2:b0:b4:51:d5:ec:93:7f:e4:58:4c:d2:82:5a:d7:
45:72:30:ef:7d:b0:8a:13:e6:68:a4:66:3e:50:21:
a0:38:0b:97:c9:bf:fe:8a:b7:7b:08:ff:41:70:c3:
c8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:22:92:8B:A3:FA:CB:FC:B9:05:2B:9D:C6:A2:79:35:25:E9:EA:DC
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/0yKSi6P6y_y5BSudxqJ5NSXp6tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.150.0/24
Signature Algorithm: sha256WithRSAEncryption
25:66:e8:65:d1:45:08:9d:a6:fb:9d:fa:a5:9e:4b:4f:89:77:
6f:de:ab:4e:79:af:89:f7:74:68:46:55:38:0c:1d:e2:73:03:
d9:9f:10:e0:84:6f:76:b3:19:07:e0:63:77:0d:ce:4a:39:af:
d1:90:5e:75:58:77:5e:e1:46:b1:71:33:da:0e:39:4f:e0:3c:
b9:f2:53:bb:77:67:93:41:42:21:f7:32:b0:23:60:15:ee:d4:
46:76:c7:d4:60:a7:92:31:4d:6e:78:78:8a:7a:db:3b:98:4f:
04:ad:9d:79:99:c1:b5:89:d4:06:92:53:77:dd:80:2b:44:9e:
8b:6d:70:06:7f:ae:b0:7b:dc:11:c6:cb:b4:98:72:1b:66:7d:
64:cd:07:e8:37:16:77:39:08:a1:c3:26:08:0c:bf:40:60:33:
c4:31:3d:29:a9:9e:e0:d3:a8:0c:e9:f7:84:58:8f:79:6e:f6:
a6:a4:9b:56:22:0b:b8:5b:b1:ae:a6:1a:1d:21:04:bc:b8:2b:
51:0d:3c:19:f6:89:ae:0a:e8:3f:6e:71:00:27:5e:dd:49:81:
d3:ba:7b:50:8f:6e:e1:0a:42:1f:bc:8a:f4:9a:d2:77:d4:02:
1d:d9:7c:fd:24:c3:d0:0e:b7:47:6d:d9:39:4b:7f:5e:03:c4:
79:f8:8a:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr+e3QZU0GkA08ObJPqiNynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMxMDA1MDYxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzIyOTI4YmEzZmFjYmZjYjkwNTJiOWRjNmEyNzkzNTI1ZTllYWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNCNfDJBlMeMyrlo3EwvaDfU5VPn
5gYy2oOQtB9yGn7v/A8KUlQSLBWCsQ4GL6O0+hCrvLqBEhXe0k5OtAWYYxIuCENT
hdKpyFbnQohAdfNYGkaT1ya6FiOak8lYBaRVzOuE/hvOFhetsxRDKFfQvEMfeQ93
1vgo5TqrqvcxqMPuHIlFVzxVs9JDCTmIy/ZOLKPaAk1tjW5o7DzDz8xJ5WvR8+sb
yW6LHY+ID+3fz6OXQatFQSO/kmhR4I3ZiPl0n+db0IQev1T88IvPY3+8uEKisLRR
1eyTf+RYTNKCWtdFcjDvfbCKE+ZopGY+UCGgOAuXyb/+ird7CP9BcMPI4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNMikouj+sv8uQUrncaieTUl6ercMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvMHlLU2k2UDZ5X3k1QlN1ZHhxSjVOU1hwNnR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpyWMA0G
CSqGSIb3DQEBCwUAA4IBAQAlZuhl0UUInab7nfqlnktPiXdv3qtOea+J93RoRlU4
DB3icwPZnxDghG92sxkH4GN3Dc5KOa/RkF51WHde4UaxcTPaDjlP4Dy58lO7d2eT
QUIh9zKwI2AV7tRGdsfUYKeSMU1ueHiKets7mE8ErZ15mcG1idQGklN33YArRJ6L
bXAGf66we9wRxsu0mHIbZn1kzQfoNxZ3OQihwyYIDL9AYDPEMT0pqZ7g06gM6feE
WI95bvampJtWIgu4W7GuphodIQS8uCtRDTwZ9omuCug/bnEAJ17dSYHTuntQj27h
CkIfvIr0mtJ31AId2Xz9JMPQDrdHbdk5S39eA8R5+Ir/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:13 2024 by rpki-client on console-fra.rpki-client.org