Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/OdEEgRsk3UaiP4LaFzrU3g8M_XM.roa
File: OdEEgRsk3UaiP4LaFzrU3g8M_XM.roa (raw, json)
Hash identifier: hBAKna3XxlLKsMsxQe8i0EYUntyl+m0ytU7IY+vlJWw=
Subject key identifier: 39:D1:04:81:1B:24:DD:46:A2:3F:82:DA:17:3A:D4:DE:0F:0C:FD:73
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 039AA848
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/OdEEgRsk3UaiP4LaFzrU3g8M_XM.roa
Signing time: Sat 01 Jan 2022 14:07:01 +0000
ROA not before: Sat 01 Jan 2022 14:07:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34718
IP address blocks: 193.148.52.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60467272 (0x39aa848)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 14:07:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39d104811b24dd46a23f82da173ad4de0f0cfd73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:12:97:a7:f7:9c:18:67:92:ae:4e:c7:3f:1d:
42:f6:75:0a:f4:5a:d6:a0:2e:5b:93:b4:1f:c8:f3:
99:3f:79:16:09:90:93:33:d6:1b:3f:ac:dc:4d:bc:
8f:62:4a:52:71:cc:11:d6:3f:c6:47:0d:21:0a:e3:
94:e0:5a:36:25:c9:8a:93:8e:88:3b:bf:ba:12:57:
f4:30:65:97:69:c5:a6:c9:75:db:b9:31:36:91:e5:
97:8a:d9:10:0a:d6:95:31:00:2b:9a:fc:35:75:44:
39:86:75:46:5b:f9:e4:aa:b7:bf:75:25:7e:ab:c6:
32:d3:a6:1f:e4:f3:38:51:95:cc:8f:ef:e7:82:23:
fb:ca:2e:47:84:d4:f5:81:92:dc:0d:63:e5:3b:69:
b6:a0:a5:71:ea:c2:7f:e0:ac:0f:73:2c:bd:50:08:
72:68:a5:63:ac:da:03:96:a8:9d:b7:06:78:4d:8d:
1f:9c:15:f9:cb:36:9e:63:8b:b0:3b:93:d5:46:d5:
54:41:78:bf:c0:9d:f5:af:49:6f:08:30:dd:28:04:
85:63:f6:a8:e6:4c:e1:33:93:d2:08:07:37:75:a5:
bc:a3:e3:b7:94:e8:7e:68:2a:13:48:d8:01:a7:7b:
39:99:5e:a9:c8:f7:7b:e8:a2:9f:bc:4e:6d:31:23:
34:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D1:04:81:1B:24:DD:46:A2:3F:82:DA:17:3A:D4:DE:0F:0C:FD:73
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/OdEEgRsk3UaiP4LaFzrU3g8M_XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.52.0/22
Signature Algorithm: sha256WithRSAEncryption
51:2f:ab:b2:a1:c1:61:0e:64:1b:38:d0:d1:ba:54:9e:c1:c5:
2f:6b:a5:e9:3e:fb:75:56:19:63:a5:51:72:22:a3:00:c3:9d:
15:1d:f1:cd:6b:f7:c6:c8:58:ca:55:da:49:84:51:d5:d0:1d:
49:37:9a:bd:2e:c3:12:8b:73:67:d2:cc:51:00:c6:1a:45:73:
20:fe:c3:7b:2b:d4:09:44:e3:b5:ae:4c:7e:83:fd:d8:14:59:
9d:a5:27:ef:5e:5c:a4:6b:17:91:5c:63:1d:0a:88:64:2d:66:
07:87:ad:9c:a0:89:9c:f9:35:79:97:55:be:07:55:60:c6:d0:
19:c0:d8:93:2c:d4:41:1d:2d:2d:e2:45:49:f0:db:7a:69:24:
24:ed:93:d8:e1:94:92:e1:3e:52:63:cc:77:47:64:7d:0b:a7:
19:13:df:fc:dc:8c:fb:64:7c:3d:72:51:a5:61:1d:c4:31:b0:
87:ea:b2:7d:14:f6:1b:d3:51:cd:0d:91:00:7c:3f:83:5d:92:
b7:32:6a:34:40:11:5c:85:03:6f:00:a1:72:92:84:6a:28:5a:
5c:b5:c5:02:0a:08:34:eb:ea:3a:ea:cd:3e:d4:72:44:cb:5f:
19:3e:24:16:78:5e:53:c6:8a:57:89:55:fa:d0:f8:ec:94:79:
6f:aa:81:e7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA5qoSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGEzOTQxYzI3Y2ZlNWMyMzRjNGJmMjIxZWNiMmE1NzliMmRlYWFiMB4XDTIyMDEw
MTE0MDcwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzlkMTA0ODExYjI0
ZGQ0NmEyM2Y4MmRhMTczYWQ0ZGUwZjBjZmQ3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIoSl6f3nBhnkq5Oxz8dQvZ1CvRa1qAuW5O0H8jzmT95FgmQ
kzPWGz+s3E28j2JKUnHMEdY/xkcNIQrjlOBaNiXJipOOiDu/uhJX9DBll2nFpsl1
27kxNpHll4rZEArWlTEAK5r8NXVEOYZ1Rlv55Kq3v3UlfqvGMtOmH+TzOFGVzI/v
54Ij+8ouR4TU9YGS3A1j5TtptqClcerCf+CsD3MsvVAIcmilY6zaA5aonbcGeE2N
H5wV+cs2nmOLsDuT1UbVVEF4v8Cd9a9Jbwgw3SgEhWP2qOZM4TOT0ggHN3WlvKPj
t5TofmgqE0jYAad7OZleqcj3e+iin7xObTEjNAECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ50QSBGyTdRqI/gtoXOtTeDwz9czAfBgNVHSMEGDAWgBRdo5QcJ8/lwjTE
vyIeyypXmy3qqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hhT1VIQ2ZQNWNJMHhMOGlIc3NxVjVzdDZxcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvMzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8x
L09kRUVnUnNrM1VhaVA0TGFGenJVM2c4TV9YTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
MzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8xL1hhT1VIQ2ZQNWNJ
MHhMOGlIc3NxVjVzdDZxcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsGUNDANBgkqhkiG9w0BAQsFAAOC
AQEAUS+rsqHBYQ5kGzjQ0bpUnsHFL2ul6T77dVYZY6VRciKjAMOdFR3xzWv3xshY
ylXaSYRR1dAdSTeavS7DEotzZ9LMUQDGGkVzIP7DeyvUCUTjta5MfoP92BRZnaUn
715cpGsXkVxjHQqIZC1mB4etnKCJnPk1eZdVvgdVYMbQGcDYkyzUQR0tLeJFSfDb
emkkJO2T2OGUkuE+UmPMd0dkfQunGRPf/NyM+2R8PXJRpWEdxDGwh+qyfRT2G9NR
zQ2RAHw/g12StzJqNEARXIUDbwChcpKEaihaXLXFAgoINOvqOurNPtRyRMtfGT4k
FnheU8aKV4lV+tD47JR5b6qB5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org