Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/dRdcAuORcOx5D3DMpzLVlETnZDg.roa
File: dRdcAuORcOx5D3DMpzLVlETnZDg.roa (raw, json)
Hash identifier: NH9QDYr5cL5nMzNWuqaGJ6wWGgwM9E9gFFakCc2yQTE=
Subject key identifier: 75:17:5C:02:E3:91:70:EC:79:0F:70:CC:A7:32:D5:94:44:E7:64:38
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 018B06E438CF14D08FE5AB116FDFF480A29B
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/dRdcAuORcOx5D3DMpzLVlETnZDg.roa
Signing time: Fri 06 Oct 2023 21:28:21 +0000
ROA not before: Fri 06 Oct 2023 21:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212027
IP address blocks: 193.53.81.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:06:e4:38:cf:14:d0:8f:e5:ab:11:6f:df:f4:80:a2:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Oct 6 21:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75175c02e39170ec790f70cca732d59444e76438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7e:60:30:3f:76:c8:95:d3:07:b3:d6:f8:64:
71:4b:91:03:3c:60:06:08:2f:a1:ed:77:cf:98:d4:
e6:a2:3f:3b:2d:9f:96:b3:f5:d0:ed:5b:ef:b4:0d:
ed:54:1c:a9:3f:a2:85:c5:32:ad:71:e5:9c:74:9e:
d8:93:e1:f3:48:c0:7a:df:65:c4:75:1a:b9:14:9e:
09:7e:3a:00:35:16:08:3d:f8:31:20:b6:4e:ad:c0:
00:55:03:6e:14:d2:01:7d:79:d9:46:ca:68:ef:05:
35:b1:37:6e:ac:f1:92:ba:bc:39:32:8c:8f:c9:69:
38:a8:48:df:75:ca:4d:9c:5e:a3:9d:f6:c1:05:58:
a5:46:f7:9c:7b:4f:20:b2:08:e3:56:1c:f1:e8:a1:
3a:ae:e3:6c:05:84:0b:69:17:73:e0:c6:29:cf:19:
55:b9:e1:35:1f:17:f5:bf:68:8b:9f:2f:e3:51:86:
02:8e:f3:46:61:66:9c:e2:ac:4d:ee:23:a5:a6:da:
8e:31:44:d3:5a:dc:93:0a:96:0e:82:eb:a5:f9:78:
a4:18:66:4c:ac:05:9b:76:4d:13:22:d5:87:e8:0c:
f6:86:ca:e9:56:0b:ca:f8:14:be:1b:e3:41:35:0b:
ee:36:f2:26:1a:f9:7b:42:42:93:f1:51:b8:58:57:
1b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:17:5C:02:E3:91:70:EC:79:0F:70:CC:A7:32:D5:94:44:E7:64:38
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/dRdcAuORcOx5D3DMpzLVlETnZDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.81.0/24
Signature Algorithm: sha256WithRSAEncryption
62:04:dc:d6:65:b1:f2:ba:c9:27:59:25:44:a8:ce:1d:47:24:
93:88:db:27:76:00:52:45:2e:30:3d:72:f5:e1:7e:c2:c0:e6:
49:ad:85:c1:54:3a:28:04:ff:fc:d1:68:1c:6c:0f:18:74:0f:
df:12:47:b0:e1:92:3a:ff:2c:1f:9c:47:b1:c6:6a:a4:ad:b5:
df:74:02:50:05:42:1a:31:a0:50:74:1f:37:fd:3d:54:54:50:
26:dc:4f:bd:62:8b:45:55:a5:d9:1a:e7:8e:61:43:89:23:ab:
13:fe:24:dd:a8:1e:a9:04:85:b8:99:84:b9:e0:57:31:49:23:
97:05:df:f6:16:73:70:f4:9e:57:92:4a:60:09:94:97:83:48:
17:70:b1:fc:23:72:e4:b7:fc:98:a5:f3:67:ea:f0:e2:e7:ad:
a6:0a:63:87:95:ef:b5:2a:8f:6c:df:a8:a4:d9:a3:a3:5f:a3:
9e:76:d1:12:ec:f1:8b:4c:ed:a8:58:7d:0d:cc:a6:9e:0d:a1:
01:4f:79:26:ea:17:8e:48:5b:7b:33:b0:82:28:0d:78:6d:71:
70:fc:e8:56:7d:cc:ce:67:6e:d9:4d:6d:e4:85:fc:af:e6:33:
c6:69:e5:a8:61:a3:f8:9e:70:f7:19:f6:de:42:e7:3e:26:47:
9f:48:1a:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsG5DjPFNCP5asRb9/0gKKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMxMDA2MjEyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTE3NWMwMmUzOTE3MGVjNzkwZjcwY2NhNzMyZDU5NDQ0ZTc2NDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk35gMD92yJXTB7PW+GRxS5EDPGAG
CC+h7XfPmNTmoj87LZ+Ws/XQ7VvvtA3tVBypP6KFxTKtceWcdJ7Yk+HzSMB632XE
dRq5FJ4JfjoANRYIPfgxILZOrcAAVQNuFNIBfXnZRspo7wU1sTdurPGSurw5MoyP
yWk4qEjfdcpNnF6jnfbBBVilRvece08gsgjjVhzx6KE6ruNsBYQLaRdz4MYpzxlV
ueE1Hxf1v2iLny/jUYYCjvNGYWac4qxN7iOlptqOMUTTWtyTCpYOguul+XikGGZM
rAWbdk0TItWH6Az2hsrpVgvK+BS+G+NBNQvuNvImGvl7QkKT8VG4WFcb/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHUXXALjkXDseQ9wzKcy1ZRE52Q4MB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvZFJkY0F1T1JjT3g1RDNETXB6TFZsRVRuWkRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTVRMA0G
CSqGSIb3DQEBCwUAA4IBAQBiBNzWZbHyusknWSVEqM4dRySTiNsndgBSRS4wPXL1
4X7CwOZJrYXBVDooBP/80WgcbA8YdA/fEkew4ZI6/ywfnEexxmqkrbXfdAJQBUIa
MaBQdB83/T1UVFAm3E+9YotFVaXZGueOYUOJI6sT/iTdqB6pBIW4mYS54FcxSSOX
Bd/2FnNw9J5XkkpgCZSXg0gXcLH8I3Lkt/yYpfNn6vDi562mCmOHle+1Ko9s36ik
2aOjX6OedtES7PGLTO2oWH0NzKaeDaEBT3km6heOSFt7M7CCKA14bXFw/OhWfczO
Z27ZTW3khfyv5jPGaeWoYaP4nnD3GfbeQuc+JkefSBoY
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:42 2025 by rpki-client