Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/HA9EtUA_rXN3rb5z0a5r1ldn9yI.roa
File: HA9EtUA_rXN3rb5z0a5r1ldn9yI.roa (raw, json)
Hash identifier: 4ULAAjcFReGCPqcUeNEqzBkbnCxlhSB+NRzxTxXU4mE=
Subject key identifier: 1C:0F:44:B5:40:3F:AD:73:77:AD:BE:73:D1:AE:6B:D6:57:67:F7:22
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 03CA3057
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/HA9EtUA_rXN3rb5z0a5r1ldn9yI.roa
Signing time: Sat 01 Jan 2022 02:56:34 +0000
ROA not before: Sat 01 Jan 2022 02:56:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40065
IP address blocks: 194.156.132.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63582295 (0x3ca3057)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Jan 1 02:56:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c0f44b5403fad7377adbe73d1ae6bd65767f722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:b7:10:ee:6a:ed:92:80:4a:bf:5e:f0:8c:7b:
36:cb:af:e9:28:37:f6:bb:1b:30:fa:34:85:fa:2b:
93:0d:87:6f:79:be:24:0f:7f:93:9e:87:3b:f5:71:
c4:d4:65:54:0a:0f:80:4c:1d:ae:b7:69:2d:a0:8e:
b0:7c:04:64:f7:11:8c:4d:7d:e8:03:ef:8a:96:5a:
dc:59:49:5a:51:a4:6f:61:c6:30:84:74:be:41:ef:
3b:77:44:eb:31:08:82:02:62:b8:40:01:69:2f:26:
d9:c6:d6:6f:01:5b:24:3a:7b:d4:64:54:a8:a3:38:
b8:c5:15:8f:56:11:b5:b2:22:c5:93:4e:77:2d:33:
fd:e7:47:ea:05:ee:88:c2:11:4c:41:69:c9:90:9d:
d1:05:b6:b4:07:ce:74:7d:54:55:84:e5:ff:83:76:
80:f9:2e:63:10:61:dc:02:ea:2d:3b:b6:60:4a:45:
3f:c4:72:b9:66:f4:eb:e4:df:15:3f:9c:e8:fc:5d:
6c:7d:74:92:02:05:97:4d:40:fa:04:76:64:3f:fe:
e0:a9:26:81:4e:ee:89:ab:07:71:ee:32:cf:29:28:
ee:cc:71:2b:bd:f6:7f:ce:27:db:9c:6a:ff:a8:28:
49:80:c1:58:d6:32:fb:f9:c4:f9:42:8e:74:cc:ab:
2c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:0F:44:B5:40:3F:AD:73:77:AD:BE:73:D1:AE:6B:D6:57:67:F7:22
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/HA9EtUA_rXN3rb5z0a5r1ldn9yI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.132.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:1f:64:55:34:d7:17:64:5e:14:6e:27:88:98:a7:dc:65:34:
5c:25:9e:cc:10:e9:5c:94:d1:dd:0c:d0:67:27:1e:2e:89:60:
fc:d7:bb:93:16:cb:c5:fe:ac:83:63:6a:58:5b:ad:f6:8b:46:
f4:3f:ab:fb:b6:4e:2e:a3:56:13:58:b6:7d:1c:d7:73:ca:6f:
aa:62:1a:45:16:1c:92:72:9c:4f:d7:ea:05:4e:28:9d:07:7e:
68:ba:f5:23:3a:76:63:2d:87:14:7b:5d:73:6d:73:fa:b6:2c:
a5:a7:e2:af:04:d8:16:51:de:cc:c7:59:b4:c4:38:7d:d2:c5:
f8:a9:44:21:34:ff:f4:2f:2b:e3:1f:01:d7:1c:55:9a:2b:67:
32:a9:61:6e:84:8c:8a:50:23:da:74:6f:50:26:78:47:4b:ed:
33:77:b9:fb:ec:18:cf:ab:c3:4c:65:a0:c5:7c:8e:6f:48:63:
88:37:95:f3:b1:96:84:b9:6a:dd:65:bb:a0:9b:7e:d0:bc:5f:
f2:de:36:6b:18:80:6d:eb:6f:7f:08:62:58:34:f2:6f:55:1d:
18:f4:ec:da:2f:ea:01:5c:c9:70:32:38:73:12:cd:64:ca:e2:
00:32:62:c5:86:19:31:4b:b0:73:27:ee:e3:da:c4:44:c4:39:
99:3c:c1:14
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA8owVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjQ3MzgzODljYjNiOTk4ZWM0ZmE2ZDQyNzJmOGRkNzk5ZmJjNGE5MB4XDTIyMDEw
MTAyNTYzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWMwZjQ0YjU0MDNm
YWQ3Mzc3YWRiZTczZDFhZTZiZDY1NzY3ZjcyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPO3EO5q7ZKASr9e8Ix7Nsuv6Sg39rsbMPo0hforkw2Hb3m+
JA9/k56HO/VxxNRlVAoPgEwdrrdpLaCOsHwEZPcRjE196APvipZa3FlJWlGkb2HG
MIR0vkHvO3dE6zEIggJiuEABaS8m2cbWbwFbJDp71GRUqKM4uMUVj1YRtbIixZNO
dy0z/edH6gXuiMIRTEFpyZCd0QW2tAfOdH1UVYTl/4N2gPkuYxBh3ALqLTu2YEpF
P8RyuWb06+TfFT+c6PxdbH10kgIFl01A+gR2ZD/+4KkmgU7uiasHce4yzyko7sxx
K732f84n25xq/6goSYDBWNYy+/nE+UKOdMyrLPUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQcD0S1QD+tc3etvnPRrmvWV2f3IjAfBgNVHSMEGDAWgBQfRzg4nLO5mOxP
ptQnL43XmfvEqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gwYzRPSnl6dVpqc1Q2YlVKeS1OMTVuN3hLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvNTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkwYy8x
L0hBOUV0VUFfclhOM3JiNXowYTVyMWxkbjl5SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
NTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkwYy8xL0gwYzRPSnl6dVpq
c1Q2YlVKeS1OMTVuN3hLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcKchDANBgkqhkiG9w0BAQsFAAOC
AQEAHx9kVTTXF2ReFG4niJin3GU0XCWezBDpXJTR3QzQZyceLolg/Ne7kxbLxf6s
g2NqWFut9otG9D+r+7ZOLqNWE1i2fRzXc8pvqmIaRRYcknKcT9fqBU4onQd+aLr1
Izp2Yy2HFHtdc21z+rYspafirwTYFlHezMdZtMQ4fdLF+KlEITT/9C8r4x8B1xxV
mitnMqlhboSMilAj2nRvUCZ4R0vtM3e5++wYz6vDTGWgxXyOb0hjiDeV87GWhLlq
3WW7oJt+0Lxf8t42axiAbetvfwhiWDTyb1UdGPTs2i/qAVzJcDI4cxLNZMriADJi
xYYZMUuwcyfu49rERMQ5mTzBFA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:14 2024 by rpki-client on console-ams.rpki-client.org