Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/qoX1luMk95omm0MtoCiuN-CtlaY.roa
File: qoX1luMk95omm0MtoCiuN-CtlaY.roa (raw, json)
Hash identifier: lt9dzm06ErsgiBgRp9uABucKdzCwhi7Ovwfp0z1R5XI=
Subject key identifier: AA:85:F5:96:E3:24:F7:9A:26:9B:43:2D:A0:28:AE:37:E0:AD:95:A6
Certificate issuer: /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial: 0188B47E8F3BED57310C2C01CEAB0DEAD09F
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/qoX1luMk95omm0MtoCiuN-CtlaY.roa
Signing time: Tue 13 Jun 2023 11:22:53 +0000
ROA not before: Tue 13 Jun 2023 11:22:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.162.78.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b4:7e:8f:3b:ed:57:31:0c:2c:01:ce:ab:0d:ea:d0:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Validity
Not Before: Jun 13 11:22:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa85f596e324f79a269b432da028ae37e0ad95a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a1:86:13:51:a5:9c:19:45:05:3c:52:86:af:
d8:b5:fb:8e:23:29:f5:a5:58:ed:dc:32:b6:ee:13:
23:60:8c:ae:29:9e:b7:b8:e8:6b:f9:40:5a:07:8f:
2f:df:f9:72:cd:b8:fe:8d:54:4c:68:33:77:2d:f5:
d2:3d:02:57:7e:89:56:7e:a0:b9:1a:19:eb:eb:d0:
50:2c:2e:60:d7:02:1d:b5:73:14:a8:97:5a:b5:8b:
32:42:0b:9b:bf:c0:80:3d:31:11:af:a4:89:d2:f3:
95:bf:1b:9e:ae:27:e9:80:f9:57:73:8d:51:a0:b9:
52:a2:88:e9:02:07:dc:b6:46:84:2a:10:c1:8d:83:
55:c1:6e:6f:11:5e:8f:ee:7d:70:11:23:1b:d6:fc:
19:2b:c5:07:67:c9:8c:24:e5:23:e9:88:5a:22:26:
8c:fb:da:ed:88:6e:9f:a3:14:20:8b:ca:9b:00:f6:
57:c3:64:2e:12:83:ca:e3:ae:4c:7e:b5:87:9b:a9:
65:f5:a1:b5:98:0e:98:8b:27:6b:a6:ed:70:75:d3:
7a:19:63:18:9c:ec:a3:d2:db:6b:2d:df:33:f1:44:
f8:07:4c:96:05:62:a3:35:a9:e3:03:27:2b:63:5a:
55:05:f8:55:43:4c:6a:d9:77:8b:37:e8:23:66:5e:
41:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:85:F5:96:E3:24:F7:9A:26:9B:43:2D:A0:28:AE:37:E0:AD:95:A6
X509v3 Authority Key Identifier:
keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/qoX1luMk95omm0MtoCiuN-CtlaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.162.78.0/24
Signature Algorithm: sha256WithRSAEncryption
12:ce:86:53:17:6f:d8:30:10:a5:b7:72:1e:05:8f:b7:77:32:
3b:20:ae:f5:bc:25:90:ce:3a:e8:59:26:f8:10:f8:79:6e:fa:
bf:50:f9:66:9c:d3:c4:ec:38:9d:19:a1:a9:1d:93:ef:2f:dd:
21:49:53:59:04:4c:7d:a8:04:7d:e2:ba:f0:95:e6:25:92:b6:
8e:f0:2c:c7:9f:03:a0:93:79:04:b4:92:95:2a:fb:f8:2b:d5:
1e:78:a8:3f:0b:69:7c:6d:d9:5f:2e:27:c9:f9:98:18:e6:cd:
a2:b8:2c:3b:d0:94:ad:57:5e:ca:1b:b5:93:fc:4c:6e:8a:a1:
71:d2:45:15:6c:c6:51:64:fb:68:dc:2a:37:f7:f8:5f:13:91:
cb:bd:7f:fa:8f:bf:22:04:1f:ff:a1:8b:ab:97:ad:32:75:b6:
ec:de:7e:2d:93:d7:98:76:d2:a0:4a:32:f2:7e:5b:b2:3f:0c:
0b:27:e0:18:91:eb:30:e9:3a:14:2c:be:2d:a3:fb:a3:ef:dc:
0e:eb:38:e9:28:06:cc:d5:1f:eb:46:a6:d2:fa:e1:20:9f:07:
13:73:4d:b0:7a:35:20:02:51:d1:ec:4f:cd:99:fe:e8:bf:6e:
22:d9:4c:1a:9f:8b:d8:fe:67:0b:7d:b7:64:d7:75:2d:c0:4f:
63:d8:d4:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYi0fo877VcxDCwBzqsN6tCfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjMwNjEzMTEyMjUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTg1ZjU5NmUzMjRmNzlhMjY5YjQzMmRhMDI4YWUzN2UwYWQ5NWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6GGE1GlnBlFBTxShq/YtfuOIyn1
pVjt3DK27hMjYIyuKZ63uOhr+UBaB48v3/lyzbj+jVRMaDN3LfXSPQJXfolWfqC5
Ghnr69BQLC5g1wIdtXMUqJdatYsyQgubv8CAPTERr6SJ0vOVvxuerifpgPlXc41R
oLlSoojpAgfctkaEKhDBjYNVwW5vEV6P7n1wESMb1vwZK8UHZ8mMJOUj6YhaIiaM
+9rtiG6foxQgi8qbAPZXw2QuEoPK465MfrWHm6ll9aG1mA6Yiydrpu1wddN6GWMY
nOyj0ttrLd8z8UT4B0yWBWKjNanjAycrY1pVBfhVQ0xq2XeLN+gjZl5BFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKqF9ZbjJPeaJptDLaAorjfgrZWmMB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvcW9YMWx1TWs5NW9tbTBNdG9DaXVOLUN0bGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaJOMA0G
CSqGSIb3DQEBCwUAA4IBAQASzoZTF2/YMBClt3IeBY+3dzI7IK71vCWQzjroWSb4
EPh5bvq/UPlmnNPE7DidGaGpHZPvL90hSVNZBEx9qAR94rrwleYlkraO8CzHnwOg
k3kEtJKVKvv4K9UeeKg/C2l8bdlfLifJ+ZgY5s2iuCw70JStV17KG7WT/ExuiqFx
0kUVbMZRZPto3Co39/hfE5HLvX/6j78iBB//oYurl60ydbbs3n4tk9eYdtKgSjLy
fluyPwwLJ+AYkesw6ToULL4to/uj79wO6zjpKAbM1R/rRqbS+uEgnwcTc02wejUg
AlHR7E/Nmf7ov24i2Uwan4vY/mcLfbdk13UtwE9j2NQJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:05 2024 by rpki-client on console-fra.rpki-client.org