Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/SzeIzbzSMgAlR2R1yJVtOFqcdto.roa
File: SzeIzbzSMgAlR2R1yJVtOFqcdto.roa (raw, json)
Hash identifier: A6GOvCCZlsQBcdCDpWaFCQ+QaS5kTdPyBUbR+0diuCU=
Subject key identifier: 4B:37:88:CD:BC:D2:32:00:25:47:64:75:C8:95:6D:38:5A:9C:76:DA
Certificate issuer: /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial: 018CC3488F79068B248ED4DF9DF2A1E27388
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/SzeIzbzSMgAlR2R1yJVtOFqcdto.roa
Signing time: Mon 01 Jan 2024 04:29:21 +0000
ROA not before: Mon 01 Jan 2024 04:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57944
IP address blocks: 194.5.96.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:8f:79:06:8b:24:8e:d4:df:9d:f2:a1:e2:73:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
Validity
Not Before: Jan 1 04:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b3788cdbcd2320025476475c8956d385a9c76da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ec:96:f5:02:f5:b8:8b:1d:06:54:0e:59:f9:
2e:be:50:48:b2:c6:d7:2d:38:f6:0b:00:75:25:a1:
3c:7e:7a:73:8b:6e:69:61:fc:b5:5a:19:68:21:3e:
7f:4b:16:51:d6:71:16:50:2c:09:50:ab:a0:21:96:
5b:08:b8:91:29:bb:61:ca:89:2f:0b:aa:b4:05:b7:
d9:8c:a5:38:0b:12:55:10:06:de:02:32:f5:a9:90:
e2:6c:a9:22:6f:d9:9a:2d:ca:e9:c9:e7:9f:3e:2a:
4d:7e:26:47:77:8b:ff:d6:eb:fc:02:19:6a:58:ff:
8a:f8:07:65:30:ea:7c:c7:31:ed:70:68:45:1b:ff:
1b:c1:13:f0:34:7f:b7:97:e7:f9:03:d4:92:c7:44:
28:02:d0:ea:72:57:7c:b8:83:55:75:ea:86:00:4b:
c5:a9:c7:17:96:c4:12:26:0f:70:0e:98:d6:04:3b:
03:77:ee:45:7b:05:4f:4d:8e:cc:ce:64:d1:f7:55:
56:b2:1e:bd:ba:4f:fb:70:13:22:d1:28:51:be:ca:
09:d6:b2:89:ba:f3:00:ef:dd:eb:5a:63:2b:de:6e:
e3:3f:b8:5d:ed:18:2b:3f:58:7c:62:2c:66:c7:47:
a9:5d:84:da:32:33:c5:ef:6f:83:33:df:0b:85:1f:
e0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:37:88:CD:BC:D2:32:00:25:47:64:75:C8:95:6D:38:5A:9C:76:DA
X509v3 Authority Key Identifier:
keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/SzeIzbzSMgAlR2R1yJVtOFqcdto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.96.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:cd:c2:d4:b9:38:f8:07:55:21:d3:13:99:9b:76:db:10:d2:
33:ef:fe:04:8f:64:65:2a:9d:2b:ab:e7:ba:92:4c:49:dc:52:
0f:0f:78:76:c9:55:54:1a:51:9d:6d:80:94:39:1e:48:da:d9:
17:5b:30:59:9e:8e:5f:22:57:f0:e3:41:b1:6f:52:aa:f0:38:
be:29:f3:15:ea:03:d5:16:17:d7:26:53:b1:d2:43:99:e8:e6:
21:19:5d:d5:95:3f:5d:cb:57:ea:44:29:58:c2:dd:96:49:55:
11:09:5b:e1:04:fb:96:db:cb:12:bc:f1:0c:0c:2d:0e:fa:7c:
ed:35:4f:dc:fe:af:aa:95:e1:02:9d:42:90:2a:90:83:5f:36:
7f:6d:ba:42:7d:42:89:63:52:94:a4:9a:1a:14:89:ee:c5:69:
b2:40:9d:7f:b7:cd:f3:9e:1b:c9:f7:0f:c9:af:2b:65:79:3c:
2d:7a:35:9f:44:07:6d:b3:d2:09:ca:67:6b:74:39:0d:c3:13:
ff:c2:b1:7f:64:c7:b7:ed:32:b7:bd:fe:b5:d5:72:bb:fb:c3:
58:fc:c1:1a:76:de:98:b0:61:2c:14:14:de:84:64:65:99:6a:
e6:cd:f5:57:04:d1:d3:9a:ad:99:29:73:09:9a:bd:3e:94:5e:
07:de:ef:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSI95BoskjtTfnfKh4nOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjQwMTAxMDQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjM3ODhjZGJjZDIzMjAwMjU0NzY0NzVjODk1NmQzODVhOWM3NmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeyW9QL1uIsdBlQOWfkuvlBIssbX
LTj2CwB1JaE8fnpzi25pYfy1WhloIT5/SxZR1nEWUCwJUKugIZZbCLiRKbthyokv
C6q0BbfZjKU4CxJVEAbeAjL1qZDibKkib9maLcrpyeefPipNfiZHd4v/1uv8Ahlq
WP+K+AdlMOp8xzHtcGhFG/8bwRPwNH+3l+f5A9SSx0QoAtDqcld8uINVdeqGAEvF
qccXlsQSJg9wDpjWBDsDd+5FewVPTY7MzmTR91VWsh69uk/7cBMi0ShRvsoJ1rKJ
uvMA793rWmMr3m7jP7hd7RgrP1h8Yixmx0epXYTaMjPF72+DM98LhR/gnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEs3iM280jIAJUdkdciVbThanHbaMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvU3plSXpielNNZ0FsUjJSMXlKVnRPRnFjZHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgVgMA0G
CSqGSIb3DQEBCwUAA4IBAQDEzcLUuTj4B1Uh0xOZm3bbENIz7/4Ej2RlKp0rq+e6
kkxJ3FIPD3h2yVVUGlGdbYCUOR5I2tkXWzBZno5fIlfw40Gxb1Kq8Di+KfMV6gPV
FhfXJlOx0kOZ6OYhGV3VlT9dy1fqRClYwt2WSVURCVvhBPuW28sSvPEMDC0O+nzt
NU/c/q+qleECnUKQKpCDXzZ/bbpCfUKJY1KUpJoaFInuxWmyQJ1/t83znhvJ9w/J
rytleTwtejWfRAdts9IJymdrdDkNwxP/wrF/ZMe37TK3vf611XK7+8NY/MEadt6Y
sGEsFBTehGRlmWrmzfVXBNHTmq2ZKXMJmr0+lF4H3u8R
-----END CERTIFICATE-----
Generated at Tue Aug 20 17:10:13 2024 by rpki-client on console-ams.rpki-client.org