Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/YDxa5SR4XEd9K6awQ2EJliSDWsg.roa
File: YDxa5SR4XEd9K6awQ2EJliSDWsg.roa (raw, json)
Hash identifier: Qu6/+1DL08TPkqfTkMyKcq03w6iHoydF3rZwvbAkNO4=
Subject key identifier: 60:3C:5A:E5:24:78:5C:47:7D:2B:A6:B0:43:61:09:96:24:83:5A:C8
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 05075C41
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/YDxa5SR4XEd9K6awQ2EJliSDWsg.roa
Signing time: Tue 10 May 2022 12:10:23 +0000
ROA not before: Tue 10 May 2022 12:10:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134526
IP address blocks: 194.156.150.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84368449 (0x5075c41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: May 10 12:10:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=603c5ae524785c477d2ba6b04361099624835ac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:02:ca:60:bf:06:55:0b:2d:ba:4c:34:f1:8d:
47:32:5d:41:27:88:a3:54:13:fb:e2:e5:50:e5:71:
5d:09:af:ca:73:16:07:d5:c4:8f:e4:bd:a3:c5:41:
b1:13:ed:aa:a1:57:b0:9e:a2:37:f2:d7:20:7e:8b:
4d:52:46:3f:b7:57:49:40:13:e3:59:2a:e7:19:28:
86:0b:37:81:e2:f0:5a:5a:a3:66:f5:ca:f8:43:ae:
eb:0d:1b:cc:98:b4:ff:39:ad:38:49:47:bf:6b:a6:
23:95:b8:6e:4b:f9:e0:51:e2:1b:81:17:5e:4e:67:
43:25:be:ae:24:b6:04:ec:a1:db:b6:a3:b5:82:3e:
be:12:3d:d2:3a:c0:0d:2f:37:1a:26:20:cd:5d:33:
c3:a9:fe:82:74:1d:97:89:42:9c:b1:86:19:e8:7b:
58:08:ed:83:5d:0a:27:19:18:81:0a:8f:b7:e4:8b:
27:ae:ff:e6:5e:7b:da:d7:1b:b6:f3:48:33:48:27:
0c:b6:e0:70:70:62:dc:72:a3:ce:95:27:8a:8d:ab:
9a:bf:bb:6c:21:53:4a:30:c8:d2:d3:78:e5:da:4b:
8e:d2:4d:f2:08:8f:1f:3b:bc:4a:8e:d9:96:34:e6:
04:0e:56:f8:f4:55:51:7c:04:88:70:7c:2b:c2:91:
69:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:3C:5A:E5:24:78:5C:47:7D:2B:A6:B0:43:61:09:96:24:83:5A:C8
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/YDxa5SR4XEd9K6awQ2EJliSDWsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.150.0/24
Signature Algorithm: sha256WithRSAEncryption
56:29:51:9b:a5:eb:b3:61:7f:52:db:a7:c5:08:c3:ea:9f:e4:
c1:15:e4:8b:bd:82:46:e0:b0:ce:df:ee:8f:57:77:64:d2:a5:
1f:1a:93:48:0e:f7:bf:96:55:46:04:04:c7:cb:ce:95:2a:3d:
ca:1b:07:68:85:08:e1:4c:4c:29:d6:2e:a8:ad:ee:e9:66:80:
8c:be:3b:55:ec:84:8d:bd:6b:85:e7:87:b7:22:af:14:be:d9:
0d:c4:42:48:4c:f0:67:c6:35:e2:06:ab:d4:60:ce:4c:72:a1:
71:03:49:f3:a3:75:0d:fc:52:9c:e1:1f:32:ca:9b:66:c6:9a:
12:77:11:56:f2:cc:84:3f:de:ac:f2:30:b5:7e:1c:19:03:f7:
5d:3e:f8:5b:08:89:2c:1d:c7:cd:b6:41:46:01:b0:38:38:07:
51:be:90:cd:8b:47:19:33:50:27:b5:a5:08:fe:6b:2b:f1:66:
66:f4:be:d0:2c:61:ed:3b:09:49:a9:26:33:05:16:22:9f:59:
a7:42:af:2a:3a:78:b1:1a:63:2e:94:3e:e3:80:d4:06:af:35:
84:05:53:cc:5b:20:17:37:3f:24:ea:f2:5d:ca:d0:72:9c:30:
a5:bc:f9:59:2d:17:63:df:11:19:1d:ee:ba:cc:2a:03:b4:f9:
bb:a8:f8:40
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBQdcQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjQ3MzgzODljYjNiOTk4ZWM0ZmE2ZDQyNzJmOGRkNzk5ZmJjNGE5MB4XDTIyMDUx
MDEyMTAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjAzYzVhZTUyNDc4
NWM0NzdkMmJhNmIwNDM2MTA5OTYyNDgzNWFjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANMCymC/BlULLbpMNPGNRzJdQSeIo1QT++LlUOVxXQmvynMW
B9XEj+S9o8VBsRPtqqFXsJ6iN/LXIH6LTVJGP7dXSUAT41kq5xkohgs3geLwWlqj
ZvXK+EOu6w0bzJi0/zmtOElHv2umI5W4bkv54FHiG4EXXk5nQyW+riS2BOyh27aj
tYI+vhI90jrADS83GiYgzV0zw6n+gnQdl4lCnLGGGeh7WAjtg10KJxkYgQqPt+SL
J67/5l572tcbtvNIM0gnDLbgcHBi3HKjzpUnio2rmr+7bCFTSjDI0tN45dpLjtJN
8giPHzu8So7ZljTmBA5W+PRVUXwEiHB8K8KRaWsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRgPFrlJHhcR30rprBDYQmWJINayDAfBgNVHSMEGDAWgBQfRzg4nLO5mOxP
ptQnL43XmfvEqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gwYzRPSnl6dVpqc1Q2YlVKeS1OMTVuN3hLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvNTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkwYy8x
L1lEeGE1U1I0WEVkOUs2YXdRMkVKbGlTRFdzZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
NTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkwYy8xL0gwYzRPSnl6dVpq
c1Q2YlVKeS1OMTVuN3hLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMKcljANBgkqhkiG9w0BAQsFAAOC
AQEAVilRm6Xrs2F/UtunxQjD6p/kwRXki72CRuCwzt/uj1d3ZNKlHxqTSA73v5ZV
RgQEx8vOlSo9yhsHaIUI4UxMKdYuqK3u6WaAjL47VeyEjb1rheeHtyKvFL7ZDcRC
SEzwZ8Y14gar1GDOTHKhcQNJ86N1DfxSnOEfMsqbZsaaEncRVvLMhD/erPIwtX4c
GQP3XT74WwiJLB3HzbZBRgGwODgHUb6QzYtHGTNQJ7WlCP5rK/FmZvS+0Cxh7TsJ
SakmMwUWIp9Zp0KvKjp4sRpjLpQ+44DUBq81hAVTzFsgFzc/JOryXcrQcpwwpbz5
WS0XY98RGR3uuswqA7T5u6j4QA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:14 2024 by rpki-client on console-ams.rpki-client.org