Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/WPFYlAS4qgNPcyNk_udnalLOnX8.roa
File: WPFYlAS4qgNPcyNk_udnalLOnX8.roa (raw, json)
Hash identifier: IY4BBWSePsMjq3ptQpl7gIEUN3XzRL1jR/n53DujDYs=
Subject key identifier: 58:F1:58:94:04:B8:AA:03:4F:73:23:64:FE:E7:67:6A:52:CE:9D:7F
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 0187E17793C8260CB464083ED8F2F6C68D5E
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/WPFYlAS4qgNPcyNk_udnalLOnX8.roa
Signing time: Wed 03 May 2023 11:55:22 +0000
ROA not before: Wed 03 May 2023 11:55:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.53.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:77:93:c8:26:0c:b4:64:08:3e:d8:f2:f6:c6:8d:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: May 3 11:55:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58f1589404b8aa034f732364fee7676a52ce9d7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e8:f1:02:86:70:61:8d:21:ec:e5:19:f0:b5:
ef:88:13:9a:d0:22:cb:e8:e8:0f:9e:b6:25:75:6e:
d6:5e:8a:cd:9a:f5:5e:c3:dc:b3:27:55:13:f9:8c:
93:15:05:17:d9:c6:01:7e:8c:2d:da:f4:f5:b4:da:
e1:b8:39:4b:24:f4:73:d6:f3:b9:93:b9:40:52:95:
4c:77:ee:80:a3:64:5c:d5:af:4b:e9:ac:91:9c:9d:
f2:4c:28:8c:34:27:20:ed:a1:de:98:b5:a6:e2:6f:
c7:a3:5b:c8:d2:1c:7e:91:f3:33:d4:5e:e5:da:be:
46:ca:ed:4b:3d:ff:96:b0:74:52:0e:3a:26:e8:36:
26:d7:4a:85:c7:47:4e:fe:0a:5b:5b:16:65:c5:d5:
21:b6:e7:6b:f5:ce:47:36:3c:2b:23:d5:78:49:12:
84:9c:4a:94:6f:e7:90:c4:7b:7c:dd:c6:a9:4e:4d:
74:0d:72:e1:b0:a7:97:33:24:cd:8c:30:77:0f:97:
e6:60:52:14:a3:96:b2:26:8f:7b:2e:85:66:9c:ee:
87:1b:a5:ff:d4:45:ca:22:f8:c7:10:a7:3e:bc:e3:
c5:ba:0d:9b:27:81:01:76:b1:75:a0:dd:d4:2a:83:
3f:59:5a:f9:f3:38:4a:74:d2:8d:e0:54:b8:42:76:
cf:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:F1:58:94:04:B8:AA:03:4F:73:23:64:FE:E7:67:6A:52:CE:9D:7F
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/WPFYlAS4qgNPcyNk_udnalLOnX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.35.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:66:ed:ed:d0:6f:3e:2c:70:94:75:a1:bf:c3:d9:6a:5c:b8:
96:60:1c:6c:97:bf:8a:7e:e4:11:3e:3b:dd:c3:eb:ed:a6:77:
ec:52:c7:d0:10:11:01:7a:f7:e0:ab:09:08:10:e3:cc:09:ab:
65:82:10:69:7d:be:2d:da:ed:ca:97:0b:08:f6:a9:17:a0:b0:
dc:0e:07:13:b4:7a:04:ac:98:ae:d2:2d:22:ae:10:14:fa:3b:
93:1e:ea:85:0d:a3:6b:fd:66:82:fc:72:aa:b3:ad:57:92:f6:
a5:bc:24:86:b7:ca:6d:38:52:30:56:95:30:8d:ad:05:01:d9:
73:0d:f0:07:6d:04:73:6c:61:71:48:32:34:a2:db:fd:a1:c2:
12:83:ed:c3:02:5b:74:ee:a1:ec:9c:b3:60:65:2d:8f:05:59:
7a:a8:e0:48:6d:db:ab:d6:4d:ef:7f:0b:30:09:59:a4:5b:c9:
94:55:5c:53:8d:43:cd:f4:71:be:62:e4:16:d0:4a:00:89:1e:
7a:7a:3d:04:04:04:9d:b7:30:eb:d9:8d:ad:e7:90:5a:cb:a8:
bf:20:ee:80:11:3b:29:f9:51:38:23:cd:08:0e:84:63:06:ff:
2c:06:5d:bb:44:70:11:e3:66:23:4f:33:9c:2d:cb:f4:94:6b:
8c:9c:ae:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfhd5PIJgy0ZAg+2PL2xo1eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMwNTAzMTE1NTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGYxNTg5NDA0YjhhYTAzNGY3MzIzNjRmZWU3Njc2YTUyY2U5ZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkejxAoZwYY0h7OUZ8LXviBOa0CLL
6OgPnrYldW7WXorNmvVew9yzJ1UT+YyTFQUX2cYBfowt2vT1tNrhuDlLJPRz1vO5
k7lAUpVMd+6Ao2Rc1a9L6ayRnJ3yTCiMNCcg7aHemLWm4m/Ho1vI0hx+kfMz1F7l
2r5Gyu1LPf+WsHRSDjom6DYm10qFx0dO/gpbWxZlxdUhtudr9c5HNjwrI9V4SRKE
nEqUb+eQxHt83capTk10DXLhsKeXMyTNjDB3D5fmYFIUo5ayJo97LoVmnO6HG6X/
1EXKIvjHEKc+vOPFug2bJ4EBdrF1oN3UKoM/WVr58zhKdNKN4FS4QnbPeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFjxWJQEuKoDT3MjZP7nZ2pSzp1/MB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvV1BGWWxBUzRxZ05QY3lOa191ZG5hbExPblg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTUjMA0G
CSqGSIb3DQEBCwUAA4IBAQBsZu3t0G8+LHCUdaG/w9lqXLiWYBxsl7+KfuQRPjvd
w+vtpnfsUsfQEBEBevfgqwkIEOPMCatlghBpfb4t2u3KlwsI9qkXoLDcDgcTtHoE
rJiu0i0irhAU+juTHuqFDaNr/WaC/HKqs61XkvalvCSGt8ptOFIwVpUwja0FAdlz
DfAHbQRzbGFxSDI0otv9ocISg+3DAlt07qHsnLNgZS2PBVl6qOBIbdur1k3vfwsw
CVmkW8mUVVxTjUPN9HG+YuQW0EoAiR56ej0EBASdtzDr2Y2t55Bay6i/IO6AETsp
+VE4I80IDoRjBv8sBl27RHAR42YjTzOcLcv0lGuMnK6i
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:43 2025 by rpki-client