Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/yvIR_k8b3NEe3SHqN3k7iWFokrU.roa
File: yvIR_k8b3NEe3SHqN3k7iWFokrU.roa (raw, json)
Hash identifier: yaN5uRgZnDgUj8UaU37oEHLzt3x2aQnsUMhU9l5ijDQ=
Subject key identifier: CA:F2:11:FE:4F:1B:DC:D1:1E:DD:21:EA:37:79:3B:89:61:68:92:B5
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 01880E91189AF70D09B711B3EA7CD4746349
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/yvIR_k8b3NEe3SHqN3k7iWFokrU.roa
Signing time: Fri 12 May 2023 06:06:09 +0000
ROA not before: Fri 12 May 2023 06:06:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40065
IP address blocks: 194.156.132.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0e:91:18:9a:f7:0d:09:b7:11:b3:ea:7c:d4:74:63:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: May 12 06:06:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=caf211fe4f1bdcd11edd21ea37793b89616892b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:13:93:d8:88:5f:03:08:bd:a3:65:a6:fe:f0:
6d:8e:63:1c:3b:1b:11:0a:9e:9a:cf:13:7a:a2:b3:
65:2e:bb:d2:ee:3d:48:29:4c:d7:e3:03:55:ff:7f:
42:d4:f6:87:98:6a:26:5e:36:85:84:a9:d8:f0:70:
41:88:3b:b3:a8:fa:44:1b:57:f6:e1:e2:f8:2c:4e:
b5:4a:07:6d:a2:5b:b4:7d:3e:4b:c2:c3:ac:20:59:
43:69:c8:1a:24:97:47:99:fd:95:e4:d5:cf:d2:1f:
00:c5:4a:46:14:21:37:00:8d:e4:34:cc:68:e6:f3:
0b:4b:22:74:19:0a:30:51:91:bd:8a:35:1e:92:7f:
b5:8e:dc:08:7e:cb:27:94:77:e0:59:12:bd:cd:62:
03:e2:90:d0:35:23:33:77:18:e1:0b:9c:d3:b7:53:
32:53:e8:7b:44:b9:e3:64:32:7f:a2:6d:ee:50:56:
c8:d5:c7:d1:72:b6:0c:d0:f4:d5:7e:5d:c8:64:29:
29:75:01:fa:8e:ef:f2:fa:bc:ac:d2:1d:2e:be:85:
a1:dd:8b:d1:39:00:08:98:e2:28:76:34:53:ca:c5:
e8:8e:fb:21:23:02:01:99:85:d4:24:0f:a7:b1:18:
80:39:31:a5:35:24:2d:fc:c9:8b:66:97:e0:c5:30:
b5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F2:11:FE:4F:1B:DC:D1:1E:DD:21:EA:37:79:3B:89:61:68:92:B5
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/yvIR_k8b3NEe3SHqN3k7iWFokrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.132.0/23
Signature Algorithm: sha256WithRSAEncryption
53:8c:b2:a8:d6:e2:4d:a3:97:c6:f8:f4:37:9c:d7:82:ab:50:
13:aa:74:6b:4d:90:b2:63:7d:fd:5a:59:2a:89:1f:5c:85:75:
d7:f7:f7:6b:ea:eb:97:e0:f6:83:29:ed:70:53:45:77:c5:67:
52:92:bb:f0:16:fb:b8:04:45:15:af:9e:fa:dd:eb:ab:91:b3:
37:f2:90:51:f1:ab:0b:f4:d4:94:e9:89:f9:aa:7c:b7:61:f5:
90:ae:a4:77:64:f9:79:1a:04:c4:aa:2f:8b:ae:39:d9:81:ee:
ac:8b:ef:71:23:ed:d7:49:c7:9d:d9:f8:fe:0b:e2:d6:19:cd:
c0:09:f7:12:17:a2:1b:04:54:08:f8:36:1c:e7:7c:a2:33:97:
d8:1e:89:0e:95:f1:a6:ba:8d:b1:c4:b9:4e:5c:e8:c0:a3:34:
6d:e4:e9:a7:5b:44:9b:bc:3f:2c:e4:f4:4b:b4:d5:b5:b4:b1:
26:ab:43:71:58:eb:39:ee:17:df:20:8c:19:e2:cb:1e:fd:40:
7d:dc:18:69:87:81:a7:20:6f:a6:d9:be:34:2d:aa:24:19:1d:
02:bd:87:33:dd:b4:a4:97:f2:93:ec:49:bc:7e:67:4b:75:b9:
40:f7:72:86:de:86:3a:d1:a8:45:4d:3a:29:df:23:74:68:2c:
d4:68:a1:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgOkRia9w0JtxGz6nzUdGNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwNTEyMDYwNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWYyMTFmZTRmMWJkY2QxMWVkZDIxZWEzNzc5M2I4OTYxNjg5MmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxOT2IhfAwi9o2Wm/vBtjmMcOxsR
Cp6azxN6orNlLrvS7j1IKUzX4wNV/39C1PaHmGomXjaFhKnY8HBBiDuzqPpEG1f2
4eL4LE61Sgdtolu0fT5LwsOsIFlDacgaJJdHmf2V5NXP0h8AxUpGFCE3AI3kNMxo
5vMLSyJ0GQowUZG9ijUekn+1jtwIfssnlHfgWRK9zWID4pDQNSMzdxjhC5zTt1My
U+h7RLnjZDJ/om3uUFbI1cfRcrYM0PTVfl3IZCkpdQH6ju/y+rys0h0uvoWh3YvR
OQAImOIodjRTysXojvshIwIBmYXUJA+nsRiAOTGlNSQt/MmLZpfgxTC1GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMryEf5PG9zRHt0h6jd5O4lhaJK1MB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEveXZJUl9rOGIzTkVlM1NIcU4zazdpV0Zva3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpyEMA0G
CSqGSIb3DQEBCwUAA4IBAQBTjLKo1uJNo5fG+PQ3nNeCq1ATqnRrTZCyY339Wlkq
iR9chXXX9/dr6uuX4PaDKe1wU0V3xWdSkrvwFvu4BEUVr5763eurkbM38pBR8asL
9NSU6Yn5qny3YfWQrqR3ZPl5GgTEqi+LrjnZge6si+9xI+3XSced2fj+C+LWGc3A
CfcSF6IbBFQI+DYc53yiM5fYHokOlfGmuo2xxLlOXOjAozRt5OmnW0SbvD8s5PRL
tNW1tLEmq0NxWOs57hffIIwZ4sse/UB93Bhph4GnIG+m2b40LaokGR0CvYcz3bSk
l/KT7Em8fmdLdblA93KG3oY60ahFTTop3yN0aCzUaKH/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:13 2024 by rpki-client on console-fra.rpki-client.org