Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/E3bi9ye4wsvW0doue4bO7n6OGNE.roa
File: E3bi9ye4wsvW0doue4bO7n6OGNE.roa (raw, json)
Hash identifier: puxfz2gbay8r9MZcIILUy+N1+FK9joukDa2skmr04WU=
Subject key identifier: 13:76:E2:F7:27:B8:C2:CB:D6:D1:DA:2E:7B:86:CE:EE:7E:8E:18:D1
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DBCD8AB62CA8832B1D71636F2A398
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/E3bi9ye4wsvW0doue4bO7n6OGNE.roa
Signing time: Sun 01 Jan 2023 20:54:57 +0000
ROA not before: Sun 01 Jan 2023 20:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 193.38.54.0/24 maxlen: 24
193.38.55.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:bc:d8:ab:62:ca:88:32:b1:d7:16:36:f2:a3:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1376e2f727b8c2cbd6d1da2e7b86ceee7e8e18d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e0:38:f2:2a:20:70:5f:59:9d:77:f1:1c:c9:
24:34:be:77:d0:04:52:2a:24:5e:8c:24:19:5e:1a:
94:40:ca:44:fb:01:ab:c5:34:e6:10:3e:fc:80:9e:
65:a4:b2:a2:96:ad:ec:8e:34:fd:3d:3b:aa:75:ce:
58:34:db:f3:47:33:42:e8:ca:d6:93:e6:32:87:89:
5a:18:97:d1:10:c7:22:ef:fe:04:51:37:5b:4f:f1:
c7:a6:f7:cf:35:06:b1:fa:4d:1f:3a:ad:0e:41:7b:
73:92:49:27:2e:72:f2:a6:d4:4c:50:42:01:46:fc:
ab:be:55:43:e5:da:c1:66:4d:84:c3:ad:ab:80:e0:
fa:a5:29:64:d2:51:1f:18:ad:14:9d:83:38:4a:2a:
ad:a4:e9:46:0e:ed:89:69:85:97:e7:95:fc:1a:c2:
db:ab:b1:67:d9:7c:15:b4:1f:6c:05:a3:8c:2e:b8:
14:ee:a6:1c:d3:c9:64:4b:d3:11:2b:d0:7f:02:d5:
51:5f:54:cf:8e:e0:d9:7f:5a:71:06:9e:2f:d7:a4:
d1:f4:bc:ce:64:b0:bb:3c:ac:31:6c:99:92:f7:a5:
48:9a:6f:68:ee:ed:7d:1a:65:2e:8d:00:9d:ec:89:
0d:99:45:82:c1:83:21:17:f6:2b:d5:1e:65:8b:d2:
d8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:76:E2:F7:27:B8:C2:CB:D6:D1:DA:2E:7B:86:CE:EE:7E:8E:18:D1
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/E3bi9ye4wsvW0doue4bO7n6OGNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.54.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:34:b0:b4:b5:11:80:20:b5:cb:38:af:d2:bd:64:ee:6f:c4:
ac:70:41:47:94:94:db:d6:67:2e:e1:69:6a:c1:44:0a:f6:9e:
3f:50:ae:4b:91:3b:29:80:ba:fc:eb:46:66:35:72:9d:fb:da:
6a:59:75:c1:9b:ed:ec:1b:b6:4e:ec:63:34:70:ec:4e:5a:12:
af:e1:ff:c4:e0:1e:ad:b2:7b:d0:0d:96:01:88:cc:36:57:bc:
3e:34:e4:ad:58:17:99:d1:1d:6b:f1:c7:12:f0:04:cd:66:ec:
2c:2d:20:f6:69:7a:4d:bd:75:eb:7c:98:ed:23:b0:32:77:98:
da:a0:10:90:17:d3:b1:93:a2:53:35:14:e8:02:7a:60:57:2d:
35:50:ab:24:44:9f:f2:b4:f5:65:6f:db:5f:dd:93:85:66:1f:
ca:6a:32:1f:27:f7:9c:69:e0:28:c9:24:58:75:f3:f3:1e:ad:
d0:23:e1:29:c2:7c:d0:ff:36:19:d4:ba:01:21:3b:37:71:c0:
51:88:71:0d:55:77:c3:96:96:31:d5:77:1c:6e:8e:20:12:49:
17:8e:50:c3:ad:95:fb:eb:58:5a:27:5e:fd:87:7e:aa:ef:8b:
6d:7a:81:56:a7:0f:a6:72:a0:3f:ca:02:21:d1:47:5d:b2:63:
f5:6d:bd:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHbzYq2LKiDKx1xY28qOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzc2ZTJmNzI3YjhjMmNiZDZkMWRhMmU3Yjg2Y2VlZTdlOGUxOGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+A48iogcF9ZnXfxHMkkNL530ARS
KiRejCQZXhqUQMpE+wGrxTTmED78gJ5lpLKilq3sjjT9PTuqdc5YNNvzRzNC6MrW
k+Yyh4laGJfREMci7/4EUTdbT/HHpvfPNQax+k0fOq0OQXtzkkknLnLyptRMUEIB
RvyrvlVD5drBZk2Ew62rgOD6pSlk0lEfGK0UnYM4SiqtpOlGDu2JaYWX55X8GsLb
q7Fn2XwVtB9sBaOMLrgU7qYc08lkS9MRK9B/AtVRX1TPjuDZf1pxBp4v16TR9LzO
ZLC7PKwxbJmS96VImm9o7u19GmUujQCd7IkNmUWCwYMhF/Yr1R5li9LYFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBN24vcnuMLL1tHaLnuGzu5+jhjRMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvRTNiaTl5ZTR3c3ZXMGRvdWU0Yk83bjZPR05FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwSY2MA0G
CSqGSIb3DQEBCwUAA4IBAQCxNLC0tRGAILXLOK/SvWTub8SscEFHlJTb1mcu4Wlq
wUQK9p4/UK5LkTspgLr860ZmNXKd+9pqWXXBm+3sG7ZO7GM0cOxOWhKv4f/E4B6t
snvQDZYBiMw2V7w+NOStWBeZ0R1r8ccS8ATNZuwsLSD2aXpNvXXrfJjtI7Ayd5ja
oBCQF9Oxk6JTNRToAnpgVy01UKskRJ/ytPVlb9tf3ZOFZh/KajIfJ/ecaeAoySRY
dfPzHq3QI+EpwnzQ/zYZ1LoBITs3ccBRiHENVXfDlpYx1Xccbo4gEkkXjlDDrZX7
61haJ179h36q74tteoFWpw+mcqA/ygIh0UddsmP1bb3Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org