Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/9h6UiWBO8jRdGxY0IAbxqoSToKc.roa
File: 9h6UiWBO8jRdGxY0IAbxqoSToKc.roa (raw, json)
Hash identifier: vnZODs/PoZCKZfy8hNbuNMwljOnRo7FHDwd01aW12gs=
Subject key identifier: F6:1E:94:89:60:4E:F2:34:5D:1B:16:34:20:06:F1:AA:84:93:A0:A7
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 01857042A7C43C6E179EE3D06D462DA816BB
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/9h6UiWBO8jRdGxY0IAbxqoSToKc.roa
Signing time: Mon 02 Jan 2023 02:14:54 +0000
ROA not before: Mon 02 Jan 2023 02:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3399
IP address blocks: 193.53.82.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:a7:c4:3c:6e:17:9e:e3:d0:6d:46:2d:a8:16:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Jan 2 02:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f61e9489604ef2345d1b16342006f1aa8493a0a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c6:26:fc:53:c1:d1:fb:3b:23:be:56:29:0a:
f7:18:4d:1c:c2:8c:62:6a:49:53:11:ab:f7:82:d1:
56:87:d7:52:2a:91:84:e2:04:69:35:3a:b0:ee:1a:
ae:65:97:b1:f8:23:3f:25:f7:c7:7e:45:6a:58:e4:
ef:bd:89:aa:2d:fa:0d:97:9f:e6:b4:cf:ea:99:2d:
06:a9:61:af:2c:7d:e4:40:06:61:d9:e2:47:d7:f8:
ac:87:1e:d5:18:92:0c:14:d9:12:04:bc:f6:88:5c:
03:0a:42:5f:f2:3d:16:6a:1c:82:ef:00:a1:05:47:
f4:e9:b4:c6:12:01:5a:f4:8b:c3:0f:4f:18:c3:94:
b7:cd:df:a1:26:b8:5c:95:2c:b7:4d:91:cc:9d:f6:
c2:d6:a3:11:ae:83:43:c6:21:25:c8:79:56:9b:03:
65:90:9d:b9:26:44:dd:64:e9:dd:9f:8c:04:50:be:
e9:df:e4:f5:73:bc:5a:49:9e:84:1e:9d:80:a5:8d:
e6:f0:b2:20:23:71:6d:cf:75:d4:58:16:0e:e2:27:
3a:15:93:8a:39:57:90:e3:d7:17:2b:59:fa:36:3e:
83:1c:39:f0:0d:a1:ce:0a:e0:ad:06:1b:b1:b0:e7:
60:2f:31:e0:2e:9a:b3:dd:27:a1:b5:57:64:0a:c0:
8b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:1E:94:89:60:4E:F2:34:5D:1B:16:34:20:06:F1:AA:84:93:A0:A7
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/9h6UiWBO8jRdGxY0IAbxqoSToKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.82.0/24
Signature Algorithm: sha256WithRSAEncryption
50:1c:db:86:23:44:79:85:4e:e7:6d:bf:62:1c:e1:c5:86:dd:
0d:df:64:21:cb:b7:42:da:d5:e2:fa:7f:d2:45:9b:e4:c4:18:
40:81:57:45:d2:53:01:21:0f:ea:e2:d5:80:6c:5e:bd:8c:ad:
01:bb:6e:d6:cc:2b:ae:aa:1d:35:30:97:31:39:bd:ce:47:67:
41:1c:c2:30:42:ee:c3:cb:e5:01:46:ee:cc:e2:f8:43:92:3e:
7c:8a:12:22:3f:d8:cc:01:25:a6:86:99:41:b5:93:2b:cc:2e:
71:0d:a4:9c:41:f1:fd:0c:d1:97:1f:c0:b4:38:5a:d0:fb:2e:
a2:58:6f:4a:96:62:a1:52:36:e0:b0:61:87:99:e0:de:08:df:
70:05:a6:38:98:46:8c:0d:a4:cf:fe:ee:c2:3e:cc:bd:71:d1:
d8:93:77:50:aa:ab:60:8c:6f:e6:f0:9c:cc:1e:fa:01:9a:b3:
6f:62:11:d9:f3:9d:b1:c3:78:ce:d5:b0:2c:a1:2d:b5:73:b7:
2a:0f:5c:5f:61:ab:08:e3:0c:84:24:4f:ed:cd:e6:40:cb:ce:
29:a0:47:16:9c:fb:0a:ba:de:c0:98:f9:49:0c:1f:25:0e:93:
f4:aa:df:bf:ba:bb:31:2f:85:db:c0:98:07:9e:63:1d:44:90:
bf:85:bd:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQqfEPG4XnuPQbUYtqBa7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMwMTAyMDIxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjFlOTQ4OTYwNGVmMjM0NWQxYjE2MzQyMDA2ZjFhYTg0OTNhMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cYm/FPB0fs7I75WKQr3GE0cwoxi
aklTEav3gtFWh9dSKpGE4gRpNTqw7hquZZex+CM/JffHfkVqWOTvvYmqLfoNl5/m
tM/qmS0GqWGvLH3kQAZh2eJH1/ishx7VGJIMFNkSBLz2iFwDCkJf8j0WahyC7wCh
BUf06bTGEgFa9IvDD08Yw5S3zd+hJrhclSy3TZHMnfbC1qMRroNDxiElyHlWmwNl
kJ25JkTdZOndn4wEUL7p3+T1c7xaSZ6EHp2ApY3m8LIgI3Ftz3XUWBYO4ic6FZOK
OVeQ49cXK1n6Nj6DHDnwDaHOCuCtBhuxsOdgLzHgLpqz3SehtVdkCsCLEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPYelIlgTvI0XRsWNCAG8aqEk6CnMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvOWg2VWlXQk84alJkR3hZMElBYnhxb1NUb0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTVSMA0G
CSqGSIb3DQEBCwUAA4IBAQBQHNuGI0R5hU7nbb9iHOHFht0N32Qhy7dC2tXi+n/S
RZvkxBhAgVdF0lMBIQ/q4tWAbF69jK0Bu27WzCuuqh01MJcxOb3OR2dBHMIwQu7D
y+UBRu7M4vhDkj58ihIiP9jMASWmhplBtZMrzC5xDaScQfH9DNGXH8C0OFrQ+y6i
WG9KlmKhUjbgsGGHmeDeCN9wBaY4mEaMDaTP/u7CPsy9cdHYk3dQqqtgjG/m8JzM
HvoBmrNvYhHZ852xw3jO1bAsoS21c7cqD1xfYasI4wyEJE/tzeZAy84poEcWnPsK
ut7AmPlJDB8lDpP0qt+/ursxL4XbwJgHnmMdRJC/hb1l
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:33 2025 by rpki-client