Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/8q0dYBD39okaO8L0ucXOED6xDUE.roa
File: 8q0dYBD39okaO8L0ucXOED6xDUE.roa (raw, json)
Hash identifier: 7NZ5M9XMilUB+d3r4CEfmPrYoDxWHPajnRYOw9P7A8Y=
Subject key identifier: F2:AD:1D:60:10:F7:F6:89:1A:3B:C2:F4:B9:C5:CE:10:3E:B1:0D:41
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 0187F099D285EDF13EAB9CA1A4C91F8E05E7
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/8q0dYBD39okaO8L0ucXOED6xDUE.roa
Signing time: Sat 06 May 2023 10:27:05 +0000
ROA not before: Sat 06 May 2023 10:27:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 193.53.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f0:99:d2:85:ed:f1:3e:ab:9c:a1:a4:c9:1f:8e:05:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: May 6 10:27:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2ad1d6010f7f6891a3bc2f4b9c5ce103eb10d41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:19:fb:7b:fc:c7:57:e9:d1:08:18:fa:f5:9a:
ad:a0:76:1c:3f:d0:d2:a1:df:ac:23:96:cb:b2:d1:
d7:65:b2:de:5d:bd:ce:c7:a3:38:3a:c0:dd:78:90:
14:6c:a7:c9:4d:88:0a:25:f5:4f:f4:32:ba:c0:6d:
0e:af:4c:f1:db:5b:f5:43:00:96:55:ac:7f:e2:35:
a4:61:4f:c2:2e:4c:aa:db:c9:bb:f5:b0:59:b2:95:
2a:6a:e2:4e:05:52:fb:62:f5:92:32:4f:88:b9:02:
6f:a4:1c:b3:59:43:9c:ef:0a:28:da:ae:95:18:df:
03:60:d6:29:5d:bb:6c:36:fc:0f:a2:4e:2d:c7:76:
f1:5b:65:3b:97:5d:98:83:38:b4:58:35:78:c8:8d:
ad:77:b3:bf:52:bb:68:7d:90:02:59:e4:3e:a8:cd:
a3:d6:4a:9c:70:d9:b0:6f:a6:f4:3c:32:56:2f:3e:
77:76:7f:a9:c0:f8:bc:c4:c4:95:08:d6:ec:24:a1:
8a:3f:3e:a2:08:b6:7b:e5:7f:8e:da:14:76:7b:0a:
d3:76:b9:bc:3e:d9:c0:17:70:72:5a:87:d3:69:d6:
1c:d6:ac:ab:a6:af:6c:90:9c:a0:7e:ba:6c:ab:74:
fd:0b:eb:0b:c7:c1:eb:42:99:23:7b:36:2a:e8:10:
0b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AD:1D:60:10:F7:F6:89:1A:3B:C2:F4:B9:C5:CE:10:3E:B1:0D:41
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/8q0dYBD39okaO8L0ucXOED6xDUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.35.0/24
Signature Algorithm: sha256WithRSAEncryption
32:b1:09:8f:65:e6:74:d6:d2:9e:8f:56:4a:4a:ea:bf:c6:48:
b6:a4:2e:2e:b7:64:e6:13:4d:63:14:47:63:21:0d:6d:21:8a:
11:b8:3b:0e:cb:fa:ba:9d:2c:ea:df:2f:56:33:0f:ce:16:ab:
14:7c:99:af:54:b6:ac:e1:66:d8:fd:f9:3d:32:83:0a:bb:26:
ad:ba:97:65:61:dc:f0:11:ad:ad:87:f1:55:ac:f6:39:d0:1e:
f8:c5:11:9e:f6:60:b2:c2:6b:85:1e:f0:5d:f6:de:71:7d:02:
4f:a7:11:1b:78:b1:a6:fc:f8:21:c4:c6:e0:d1:81:7b:c8:b9:
84:47:24:b8:64:68:37:f9:68:82:50:b7:ef:5a:b1:3b:76:7f:
93:68:7f:de:06:af:35:e2:1f:b1:1b:a6:ad:6f:25:8b:df:6f:
2f:e8:ab:7a:09:86:db:82:ae:c9:f1:c6:50:17:77:97:69:2f:
3f:b2:2f:f3:78:e1:dd:59:b0:92:a1:2e:60:c2:14:57:76:5d:
7e:52:a4:fd:11:40:39:4e:a3:c6:61:91:4a:32:ea:cd:02:0a:
0c:8c:60:fb:0a:f9:75:d0:ba:37:35:d4:fb:cc:a1:df:19:f3:
f7:56:b1:63:e8:33:53:aa:c1:a1:d4:1d:14:39:d8:7d:40:69:
52:09:f6:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfwmdKF7fE+q5yhpMkfjgXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMwNTA2MTAyNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFkMWQ2MDEwZjdmNjg5MWEzYmMyZjRiOWM1Y2UxMDNlYjEwZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihn7e/zHV+nRCBj69ZqtoHYcP9DS
od+sI5bLstHXZbLeXb3Ox6M4OsDdeJAUbKfJTYgKJfVP9DK6wG0Or0zx21v1QwCW
Vax/4jWkYU/CLkyq28m79bBZspUqauJOBVL7YvWSMk+IuQJvpByzWUOc7woo2q6V
GN8DYNYpXbtsNvwPok4tx3bxW2U7l12Ygzi0WDV4yI2td7O/UrtofZACWeQ+qM2j
1kqccNmwb6b0PDJWLz53dn+pwPi8xMSVCNbsJKGKPz6iCLZ75X+O2hR2ewrTdrm8
PtnAF3ByWofTadYc1qyrpq9skJygfrpsq3T9C+sLx8HrQpkjezYq6BALhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPKtHWAQ9/aJGjvC9LnFzhA+sQ1BMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvOHEwZFlCRDM5b2thTzhMMHVjWE9FRDZ4RFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTUjMA0G
CSqGSIb3DQEBCwUAA4IBAQAysQmPZeZ01tKej1ZKSuq/xki2pC4ut2TmE01jFEdj
IQ1tIYoRuDsOy/q6nSzq3y9WMw/OFqsUfJmvVLas4WbY/fk9MoMKuyatupdlYdzw
Ea2th/FVrPY50B74xRGe9mCywmuFHvBd9t5xfQJPpxEbeLGm/PghxMbg0YF7yLmE
RyS4ZGg3+WiCULfvWrE7dn+TaH/eBq814h+xG6atbyWL328v6Kt6CYbbgq7J8cZQ
F3eXaS8/si/zeOHdWbCSoS5gwhRXdl1+UqT9EUA5TqPGYZFKMurNAgoMjGD7Cvl1
0Lo3NdT7zKHfGfP3VrFj6DNTqsGh1B0UOdh9QGlSCfZ8
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:27 2025 by rpki-client