Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/LzNfyV_NFkzSWsgNEb8UFOqxOcA.roa
File: LzNfyV_NFkzSWsgNEb8UFOqxOcA.roa (raw, json)
Hash identifier: VeTFCo05k6sBkP9c1EcMwPiJ51YjetMdIV132t95vL0=
Subject key identifier: 2F:33:5F:C9:5F:CD:16:4C:D2:5A:C8:0D:11:BF:14:14:EA:B1:39:C0
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 018CC3B7455251BCCA85623ED75E899B907D
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/LzNfyV_NFkzSWsgNEb8UFOqxOcA.roa
Signing time: Mon 01 Jan 2024 06:30:17 +0000
ROA not before: Mon 01 Jan 2024 06:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211560
IP address blocks: 193.53.40.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:45:52:51:bc:ca:85:62:3e:d7:5e:89:9b:90:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Jan 1 06:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f335fc95fcd164cd25ac80d11bf1414eab139c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:72:c5:36:ba:09:47:43:a1:f8:0d:ab:af:f0:
e1:a4:ac:80:bf:07:48:c9:1d:25:68:b2:af:47:1e:
ce:e7:c4:6a:48:b3:ff:c9:5a:d4:5c:6d:ac:9b:6c:
77:02:23:b9:82:9c:e3:72:57:f5:e1:69:3d:68:1a:
04:e8:8b:87:2d:b7:e0:d7:cd:68:62:c7:3c:08:f5:
74:ae:4c:84:d1:1d:d2:03:43:f8:87:1a:5a:51:e1:
67:44:44:f5:0a:d8:06:48:63:74:1a:93:3f:81:e5:
5a:58:a9:aa:bd:be:17:e4:7e:5e:b3:77:29:ac:7b:
71:fc:c1:5e:59:8e:a3:5e:f8:77:6d:4d:42:42:97:
10:af:55:3b:3b:a4:85:38:ab:17:57:42:db:35:e0:
5e:25:1a:68:bf:18:7a:10:c0:0a:cf:85:62:c6:64:
a8:72:d6:08:ec:c1:4a:b3:07:66:6a:cd:07:25:b1:
5a:06:ad:5a:37:dd:36:e5:96:84:23:09:79:0e:0a:
2d:b0:ce:51:66:68:23:5d:e7:60:64:a6:ac:6f:36:
b2:0e:b1:3d:79:b7:f1:77:4c:31:02:6d:3f:08:75:
b8:24:e7:9b:89:2b:76:2e:58:4f:ce:76:f9:a1:6e:
c3:e4:2b:e2:99:fe:c9:65:d5:55:24:94:b4:8d:6b:
68:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:33:5F:C9:5F:CD:16:4C:D2:5A:C8:0D:11:BF:14:14:EA:B1:39:C0
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/LzNfyV_NFkzSWsgNEb8UFOqxOcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.40.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:c4:11:a7:bd:65:47:29:16:10:9d:d1:f2:00:70:68:7b:ec:
bc:18:6c:46:ff:13:ef:fe:6c:f6:53:3e:1e:c2:d0:32:cc:1d:
c8:03:2d:fa:4c:aa:77:90:3a:a4:20:1c:7e:1c:c9:8b:7f:10:
ff:cf:18:2d:3a:ea:8c:73:ff:c5:42:c4:04:6c:a4:14:1a:d0:
e9:74:e2:eb:c8:9c:56:3d:03:16:1f:3e:c4:38:4c:88:10:08:
04:75:c2:0e:71:eb:76:3e:e8:90:87:07:76:f7:74:29:d0:4e:
7a:5a:c9:3b:19:fc:5d:c8:b8:f1:0b:70:75:d2:e2:d0:fb:44:
df:df:81:de:c6:a9:19:2b:19:09:23:7c:1b:ec:6b:77:50:c4:
0f:96:e0:a2:8c:72:25:37:62:f8:b1:e9:c2:c0:90:4f:95:75:
cb:82:a7:9c:9d:f8:a0:69:56:0a:55:5f:d6:35:c7:78:16:ce:
b1:18:f4:78:08:b3:9c:03:4f:ae:d6:9a:5d:3a:53:4d:a4:e1:
a2:44:ed:2d:05:7d:62:16:fc:6b:71:37:31:ea:45:5d:3e:26:
c3:cd:24:a8:e5:18:47:55:4f:33:27:87:bb:70:d4:e5:d3:34:
bb:34:96:0b:88:78:df:0a:f6:57:77:3f:50:c5:0e:d0:86:00:
1f:d7:ba:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDt0VSUbzKhWI+116Jm5B9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjQwMTAxMDYzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjMzNWZjOTVmY2QxNjRjZDI1YWM4MGQxMWJmMTQxNGVhYjEzOWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnLFNroJR0Oh+A2rr/DhpKyAvwdI
yR0laLKvRx7O58RqSLP/yVrUXG2sm2x3AiO5gpzjclf14Wk9aBoE6IuHLbfg181o
Ysc8CPV0rkyE0R3SA0P4hxpaUeFnRET1CtgGSGN0GpM/geVaWKmqvb4X5H5es3cp
rHtx/MFeWY6jXvh3bU1CQpcQr1U7O6SFOKsXV0LbNeBeJRpovxh6EMAKz4VixmSo
ctYI7MFKswdmas0HJbFaBq1aN9025ZaEIwl5DgotsM5RZmgjXedgZKasbzayDrE9
ebfxd0wxAm0/CHW4JOebiSt2LlhPznb5oW7D5Cvimf7JZdVVJJS0jWto1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC8zX8lfzRZM0lrIDRG/FBTqsTnAMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvTHpOZnlWX05Ga3pTV3NnTkViOFVGT3F4T2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTUoMA0G
CSqGSIb3DQEBCwUAA4IBAQBexBGnvWVHKRYQndHyAHBoe+y8GGxG/xPv/mz2Uz4e
wtAyzB3IAy36TKp3kDqkIBx+HMmLfxD/zxgtOuqMc//FQsQEbKQUGtDpdOLryJxW
PQMWHz7EOEyIEAgEdcIOcet2PuiQhwd293Qp0E56Wsk7GfxdyLjxC3B10uLQ+0Tf
34HexqkZKxkJI3wb7Gt3UMQPluCijHIlN2L4senCwJBPlXXLgqecnfigaVYKVV/W
Ncd4Fs6xGPR4CLOcA0+u1ppdOlNNpOGiRO0tBX1iFvxrcTcx6kVdPibDzSSo5RhH
VU8zJ4e7cNTl0zS7NJYLiHjfCvZXdz9QxQ7QhgAf17p6
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:19 2025 by rpki-client