Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/X_dvZDJWkt0M6BN4dZ1hYFcJJeM.roa
File: X_dvZDJWkt0M6BN4dZ1hYFcJJeM.roa (raw, json)
Hash identifier: 3+7feJQexGvT0fIoMsdW1KikpJKO9/SGXorNSjTH9KE=
Subject key identifier: 5F:F7:6F:64:32:56:92:DD:0C:E8:13:78:75:9D:61:60:57:09:25:E3
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 018E5BEE9070E94AF3F50653FFD89A6EEA54
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/X_dvZDJWkt0M6BN4dZ1hYFcJJeM.roa
Signing time: Wed 20 Mar 2024 12:55:44 +0000
ROA not before: Wed 20 Mar 2024 12:55:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 193.53.81.0/24 maxlen: 24
193.53.82.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:ee:90:70:e9:4a:f3:f5:06:53:ff:d8:9a:6e:ea:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Mar 20 12:55:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ff76f64325692dd0ce81378759d6160570925e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:18:98:91:0e:2f:09:3c:41:1b:f0:5d:99:eb:
91:29:0c:09:34:5d:f1:8a:06:1d:31:12:7c:14:70:
e9:fe:4a:25:87:35:c5:e5:ff:94:28:c4:b7:71:c9:
4d:63:9a:d0:f0:ef:1d:a3:2a:19:62:bf:d8:20:70:
bd:43:3d:f9:04:2a:6d:3b:4f:c1:09:8d:84:c2:8d:
1b:4b:a1:1c:d9:89:e6:c9:81:7b:7a:a6:cc:74:c4:
6c:09:ae:c9:c5:f1:8d:60:67:9c:ef:5c:ca:b8:a8:
76:7d:62:17:c7:e3:27:cc:da:bf:a6:7d:13:34:de:
71:bd:8e:e3:ad:68:e3:19:9e:a8:86:e1:8b:49:c1:
fa:4b:93:6a:5a:05:87:29:d8:10:4a:7c:fd:ba:d4:
8b:52:e2:fd:7f:82:df:24:72:93:4a:65:98:5d:91:
43:d8:58:fd:ea:5e:9a:f6:3b:59:65:78:0b:0c:a1:
b9:2f:72:67:bf:9b:99:38:b9:cb:98:c8:c6:52:f7:
44:4a:d2:2a:79:1e:5d:a2:91:8c:55:f7:10:12:b0:
2c:37:3b:02:1f:bf:a4:c9:c7:49:6b:8d:68:07:9a:
73:96:d0:8e:c2:23:f8:e2:47:36:6e:ed:b7:72:78:
70:21:05:6f:25:24:88:f7:1a:17:ef:e0:99:fe:c2:
81:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F7:6F:64:32:56:92:DD:0C:E8:13:78:75:9D:61:60:57:09:25:E3
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/X_dvZDJWkt0M6BN4dZ1hYFcJJeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.81.0-193.53.82.255
Signature Algorithm: sha256WithRSAEncryption
72:ee:20:ca:2d:24:34:f4:4d:71:e0:7d:46:75:ae:8c:a3:f4:
93:f2:da:b7:12:1a:76:3f:87:ac:4e:41:c4:17:04:bb:04:7a:
3f:0f:86:05:56:19:1e:4f:08:a7:23:f8:ae:f3:4c:dd:e1:cd:
49:1f:1b:56:58:68:cc:c2:00:1d:b6:28:9f:f7:e9:54:37:54:
41:5c:a9:0e:81:b0:c9:db:b3:3f:01:9e:ee:b0:60:9d:47:ab:
a2:f9:8c:0a:5e:76:45:c7:38:88:0c:fa:13:1f:0c:1a:5e:f1:
23:67:c8:fb:71:d0:e6:f2:4f:2e:5b:c8:62:74:12:3b:39:3c:
3c:39:f4:7f:90:b7:24:b7:7e:0b:ad:f4:c2:a1:77:4a:80:0d:
30:ca:f8:2a:3f:c2:6e:ed:3f:0b:b2:89:7c:c1:eb:7c:b3:2d:
07:18:f5:9c:99:2e:a4:72:5c:69:13:6b:57:4a:a8:5a:e3:e9:
89:58:df:62:e7:59:7a:cb:a0:14:cb:d5:f9:f6:45:e6:63:a1:
48:fa:8e:1b:61:46:2b:6d:d8:27:b1:ce:8c:ff:43:51:0b:8b:
cf:ec:71:43:e1:f1:46:e7:f4:5e:22:25:33:24:7e:0e:ed:6c:
55:56:13:93:48:64:32:9d:d3:01:cb:de:4f:95:f7:00:b0:f3:
38:db:f9:32
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY5b7pBw6Urz9QZT/9iabupUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjQwMzIwMTI1NTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmY3NmY2NDMyNTY5MmRkMGNlODEzNzg3NTlkNjE2MDU3MDkyNWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxiYkQ4vCTxBG/BdmeuRKQwJNF3x
igYdMRJ8FHDp/kolhzXF5f+UKMS3cclNY5rQ8O8doyoZYr/YIHC9Qz35BCptO0/B
CY2Ewo0bS6Ec2YnmyYF7eqbMdMRsCa7JxfGNYGec71zKuKh2fWIXx+MnzNq/pn0T
NN5xvY7jrWjjGZ6ohuGLScH6S5NqWgWHKdgQSnz9utSLUuL9f4LfJHKTSmWYXZFD
2Fj96l6a9jtZZXgLDKG5L3Jnv5uZOLnLmMjGUvdEStIqeR5dopGMVfcQErAsNzsC
H7+kycdJa41oB5pzltCOwiP44kc2bu23cnhwIQVvJSSI9xoX7+CZ/sKBLwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFF/3b2QyVpLdDOgTeHWdYWBXCSXjMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvWF9kdlpESldrdDBNNkJONGRaMWhZRmNKSmVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADBNVED
BADBNVIwDQYJKoZIhvcNAQELBQADggEBAHLuIMotJDT0TXHgfUZ1royj9JPy2rcS
GnY/h6xOQcQXBLsEej8PhgVWGR5PCKcj+K7zTN3hzUkfG1ZYaMzCAB22KJ/36VQ3
VEFcqQ6BsMnbsz8Bnu6wYJ1Hq6L5jApedkXHOIgM+hMfDBpe8SNnyPtx0ObyTy5b
yGJ0Ejs5PDw59H+QtyS3fgut9MKhd0qADTDK+Co/wm7tPwuyiXzB63yzLQcY9ZyZ
LqRyXGkTa1dKqFrj6YlY32LnWXrLoBTL1fn2ReZjoUj6jhthRitt2Cexzoz/Q1EL
i8/scUPh8Ubn9F4iJTMkfg7tbFVWE5NIZDKd0wHL3k+V9wCw8zjb+TI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:15 2025 by rpki-client