Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/yHpqx_7kColMHl0SUgxrJNe9NiE.roa
File: yHpqx_7kColMHl0SUgxrJNe9NiE.roa (raw, json)
Hash identifier: s2ViR7yPSrQPwm7wGjgdJRN0RFor3XsEBHkyqF9WnzE=
Subject key identifier: C8:7A:6A:C7:FE:E4:0A:89:4C:1E:5D:12:52:0C:6B:24:D7:BD:36:21
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 018F97C3D40F2321A43D04AAD61221A61660
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/yHpqx_7kColMHl0SUgxrJNe9NiE.roa
Signing time: Mon 20 May 2024 20:49:04 +0000
ROA not before: Mon 20 May 2024 20:49:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 193.53.40.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:97:c3:d4:0f:23:21:a4:3d:04:aa:d6:12:21:a6:16:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: May 20 20:49:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c87a6ac7fee40a894c1e5d12520c6b24d7bd3621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:41:d4:b1:f8:af:5e:53:bc:9a:e0:76:c8:94:
66:49:c3:9a:b9:2e:35:7c:aa:15:76:5f:07:88:23:
be:d1:b9:4b:ce:ed:1d:5e:fd:92:22:5d:12:78:d5:
8d:0e:87:09:46:61:8f:dd:1e:49:b7:cc:aa:77:db:
a5:c9:c6:34:c1:ff:ab:c8:a7:a3:03:d6:24:12:be:
87:3e:de:b5:2e:90:24:39:38:72:4a:ec:fc:cd:5a:
3f:9c:22:53:36:1b:dd:94:75:9f:f2:40:b7:95:44:
57:a5:8a:7a:2d:0d:09:d0:9b:be:c1:d5:0a:01:35:
e9:45:5d:dd:2f:fc:ba:26:88:4f:77:e5:20:94:64:
cf:82:6f:60:ec:77:af:c3:35:c4:45:db:ee:b6:52:
9e:76:49:37:3d:ab:b7:e4:e1:c2:a6:20:cc:44:38:
d4:a9:ff:83:6c:fd:3c:47:9e:b8:87:73:ce:65:ae:
0e:24:62:37:de:b0:54:de:ce:d7:b6:96:fe:61:ab:
fc:be:4f:64:fe:a5:6c:ab:72:3e:f4:36:ac:c4:5d:
c0:32:8e:39:f6:88:0e:20:34:92:c9:cf:0d:85:35:
74:54:c7:9a:c3:af:ce:eb:50:a8:6f:98:57:fe:9b:
83:52:0d:ba:bb:ac:e4:e1:74:4d:47:10:16:a4:e5:
5b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:7A:6A:C7:FE:E4:0A:89:4C:1E:5D:12:52:0C:6B:24:D7:BD:36:21
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/yHpqx_7kColMHl0SUgxrJNe9NiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.40.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:89:9f:35:00:39:6a:a7:10:10:f7:a7:49:2b:d4:6f:97:26:
89:2c:0f:19:d7:f8:97:cb:ae:84:91:af:45:31:30:4a:d5:bf:
79:35:ce:45:e9:96:3a:dd:ea:e8:94:2a:7f:34:87:d7:c3:2d:
a2:88:2c:bf:46:27:6d:7c:76:ec:c2:b7:0f:01:b2:8a:93:b0:
fb:c9:d6:e9:c0:52:22:18:36:51:fb:c1:29:37:dd:f1:ea:e4:
05:1c:7a:11:e3:39:65:cb:d3:9b:49:5b:8e:f8:56:b9:b0:4a:
0d:4f:bc:32:d9:ed:c6:80:ff:d0:e4:cb:ec:42:06:83:cf:84:
cd:a8:0f:6e:e8:43:31:c5:c4:2f:74:e3:94:d2:8c:8a:99:05:
ae:0f:d1:b5:ef:0e:8e:9d:36:f5:3c:4d:83:1c:ec:5d:59:29:
0c:98:21:99:b7:fd:e6:47:77:90:8b:90:c9:ab:2e:c5:f0:94:
10:64:ec:3d:07:1d:c9:3a:b7:45:4a:07:e5:1b:d7:36:a6:86:
61:83:2d:ee:cb:7b:6b:38:44:ae:1f:58:45:68:65:25:a5:0d:
1a:cc:57:bf:bd:af:65:9d:8b:7d:08:e3:33:1c:86:36:25:62:
dc:34:12:9d:9a:96:f3:f3:3f:6e:83:9f:47:68:76:c1:47:d6:
4b:7e:92:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+Xw9QPIyGkPQSq1hIhphZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjQwNTIwMjA0OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODdhNmFjN2ZlZTQwYTg5NGMxZTVkMTI1MjBjNmIyNGQ3YmQzNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokHUsfivXlO8muB2yJRmScOauS41
fKoVdl8HiCO+0blLzu0dXv2SIl0SeNWNDocJRmGP3R5Jt8yqd9ulycY0wf+ryKej
A9YkEr6HPt61LpAkOThySuz8zVo/nCJTNhvdlHWf8kC3lURXpYp6LQ0J0Ju+wdUK
ATXpRV3dL/y6JohPd+UglGTPgm9g7HevwzXERdvutlKedkk3Pau35OHCpiDMRDjU
qf+DbP08R564h3POZa4OJGI33rBU3s7Xtpb+Yav8vk9k/qVsq3I+9DasxF3AMo45
9ogOIDSSyc8NhTV0VMeaw6/O61Cob5hX/puDUg26u6zk4XRNRxAWpOVb3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMh6asf+5AqJTB5dElIMayTXvTYhMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEveUhwcXhfN2tDb2xNSGwwU1VneHJKTmU5TmlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTUoMA0G
CSqGSIb3DQEBCwUAA4IBAQCOiZ81ADlqpxAQ96dJK9RvlyaJLA8Z1/iXy66Eka9F
MTBK1b95Nc5F6ZY63erolCp/NIfXwy2iiCy/RidtfHbswrcPAbKKk7D7ydbpwFIi
GDZR+8EpN93x6uQFHHoR4zlly9ObSVuO+Fa5sEoNT7wy2e3GgP/Q5MvsQgaDz4TN
qA9u6EMxxcQvdOOU0oyKmQWuD9G17w6OnTb1PE2DHOxdWSkMmCGZt/3mR3eQi5DJ
qy7F8JQQZOw9Bx3JOrdFSgflG9c2poZhgy3uy3trOESuH1hFaGUlpQ0azFe/va9l
nYt9COMzHIY2JWLcNBKdmpbz8z9ug59HaHbBR9ZLfpID
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:09 2025 by rpki-client