Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/sZEpbzgs2M4MPzM1YOiLc-USLFc.roa
File: sZEpbzgs2M4MPzM1YOiLc-USLFc.roa (raw, json)
Hash identifier: GSCLkUZwmzIuYTe5uGklXWGWBqBHwvzsgNJ65Q+KVkg=
Subject key identifier: B1:91:29:6F:38:2C:D8:CE:0C:3F:33:35:60:E8:8B:73:E5:12:2C:57
Certificate issuer: /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial: 0189787F774BF5A61095D7E2EB70BD22ED56
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/sZEpbzgs2M4MPzM1YOiLc-USLFc.roa
Signing time: Fri 21 Jul 2023 12:49:26 +0000
ROA not before: Fri 21 Jul 2023 12:49:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.162.78.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:78:7f:77:4b:f5:a6:10:95:d7:e2:eb:70:bd:22:ed:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Validity
Not Before: Jul 21 12:49:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b191296f382cd8ce0c3f333560e88b73e5122c57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6e:2c:55:23:51:c3:e7:ec:70:84:25:c3:a1:
9b:03:d1:c1:2f:93:1a:e0:9f:8d:8e:eb:2f:bd:6c:
9f:bc:3f:19:2a:35:ce:b1:24:0b:25:fb:16:3c:f1:
b4:71:75:fd:a3:29:ad:86:4f:10:64:26:25:dd:f9:
47:5b:e2:59:a4:85:e1:9e:26:20:e2:85:9f:dc:55:
ec:6c:96:01:d7:6d:2d:cf:27:92:4c:fa:dd:9b:60:
35:50:45:12:97:f4:4e:b6:44:2b:39:b8:7e:c1:99:
d5:ef:79:a4:19:3a:f5:ca:a3:49:68:f6:96:7c:19:
55:af:db:1b:84:f4:7e:b7:19:d1:0a:52:d2:4b:b9:
6e:98:2e:43:f9:11:6b:df:f3:79:1e:11:f9:ac:4e:
9c:ae:e1:04:40:c9:50:53:8f:89:e2:a2:2f:57:5a:
2a:74:05:f3:e8:15:16:79:3a:cb:f5:14:1e:e5:fb:
8f:e8:71:e2:c6:e2:d9:55:02:b3:d2:05:e7:e6:ee:
39:0f:22:6d:68:98:a7:78:8e:72:4e:6d:de:53:c6:
e6:ec:97:22:a7:dd:8d:f4:4f:39:be:d5:6a:85:29:
84:22:40:be:0c:14:66:71:f8:83:01:0b:13:6c:69:
1b:9d:03:80:52:aa:e2:dd:91:f4:5d:f3:c1:e7:11:
67:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:91:29:6F:38:2C:D8:CE:0C:3F:33:35:60:E8:8B:73:E5:12:2C:57
X509v3 Authority Key Identifier:
keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/sZEpbzgs2M4MPzM1YOiLc-USLFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.162.78.0/24
Signature Algorithm: sha256WithRSAEncryption
74:08:e9:fa:ad:86:ad:82:32:cb:fa:97:f4:eb:07:93:cf:ff:
70:44:bd:2a:5b:7e:0c:99:9f:be:dc:39:7a:94:96:ce:9c:1f:
d7:c7:9c:40:42:aa:d7:f8:c0:5b:45:9a:a5:2d:08:3f:3e:1e:
c5:9c:25:c4:d9:15:89:c6:28:81:ef:91:0e:0e:9b:c9:b1:dd:
03:67:9d:45:f0:74:28:7d:3c:5b:fc:bd:eb:72:56:aa:16:ba:
87:d9:06:35:3a:7e:6b:79:bb:df:3f:22:02:e0:ca:55:53:35:
15:a5:44:e7:13:8f:2b:e9:75:1a:af:33:80:c5:a9:b4:41:e4:
00:ab:4b:61:2c:16:84:48:26:56:5c:c2:83:b1:7d:d8:cb:03:
8e:59:d1:2c:3a:4c:0c:3b:2c:71:23:03:a0:c5:f2:34:11:99:
8f:23:a7:a4:fe:83:4e:89:84:97:65:2e:71:d2:73:46:3c:da:
63:60:d2:76:0d:b2:3c:04:05:cd:17:b1:a3:bd:ed:1b:56:0b:
c8:5f:b8:fc:e3:35:d4:87:de:4d:97:0d:ca:49:c3:4d:54:07:
ff:c8:93:86:9d:fc:c3:a2:c2:0c:c1:e8:c9:28:d0:dd:50:94:
a3:73:e8:36:d4:45:66:8a:db:86:d8:22:0a:57:da:65:00:3b:
70:ff:44:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl4f3dL9aYQldfi63C9Iu1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjMwNzIxMTI0OTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTkxMjk2ZjM4MmNkOGNlMGMzZjMzMzU2MGU4OGI3M2U1MTIyYzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1m4sVSNRw+fscIQlw6GbA9HBL5Ma
4J+NjusvvWyfvD8ZKjXOsSQLJfsWPPG0cXX9oymthk8QZCYl3flHW+JZpIXhniYg
4oWf3FXsbJYB120tzyeSTPrdm2A1UEUSl/ROtkQrObh+wZnV73mkGTr1yqNJaPaW
fBlVr9sbhPR+txnRClLSS7lumC5D+RFr3/N5HhH5rE6cruEEQMlQU4+J4qIvV1oq
dAXz6BUWeTrL9RQe5fuP6HHixuLZVQKz0gXn5u45DyJtaJineI5yTm3eU8bm7Jci
p92N9E85vtVqhSmEIkC+DBRmcfiDAQsTbGkbnQOAUqri3ZH0XfPB5xFncQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLGRKW84LNjODD8zNWDoi3PlEixXMB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvc1pFcGJ6Z3MyTTRNUHpNMVlPaUxjLVVTTEZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaJOMA0G
CSqGSIb3DQEBCwUAA4IBAQB0COn6rYatgjLL+pf06weTz/9wRL0qW34MmZ++3Dl6
lJbOnB/Xx5xAQqrX+MBbRZqlLQg/Ph7FnCXE2RWJxiiB75EODpvJsd0DZ51F8HQo
fTxb/L3rclaqFrqH2QY1On5rebvfPyIC4MpVUzUVpUTnE48r6XUarzOAxam0QeQA
q0thLBaESCZWXMKDsX3YywOOWdEsOkwMOyxxIwOgxfI0EZmPI6ek/oNOiYSXZS5x
0nNGPNpjYNJ2DbI8BAXNF7Gjve0bVgvIX7j84zXUh95Nlw3KScNNVAf/yJOGnfzD
osIMwejJKNDdUJSjc+g21EVmituG2CIKV9plADtw/0T6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:25 2024 by rpki-client on console-ams.rpki-client.org