Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/Ry5D3EsiYNrwf2Fi541DqXiTvtA.roa
File: Ry5D3EsiYNrwf2Fi541DqXiTvtA.roa (raw, json)
Hash identifier: f+e+h7MVyrHwZr1riwwVackCm58vdhEcxN86by8zRWA=
Subject key identifier: 47:2E:43:DC:4B:22:60:DA:F0:7F:61:62:E7:8D:43:A9:78:93:BE:D0
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DBBD13C6C81DC29945AD6FE38CE4F
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/Ry5D3EsiYNrwf2Fi541DqXiTvtA.roa
Signing time: Sun 01 Jan 2023 20:54:57 +0000
ROA not before: Sun 01 Jan 2023 20:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43581
IP address blocks: 194.169.160.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:bb:d1:3c:6c:81:dc:29:94:5a:d6:fe:38:ce:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=472e43dc4b2260daf07f6162e78d43a97893bed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a9:27:50:81:91:e3:9d:04:3e:64:76:3c:0c:
8b:05:49:46:0c:09:ca:90:9b:b7:11:eb:4f:e7:9e:
b6:14:db:f5:01:f7:e8:48:12:53:81:ca:9d:5e:30:
54:e6:08:17:88:20:34:8d:4f:26:fc:dc:68:f6:89:
e7:8d:3f:32:53:e4:38:f4:52:63:12:b7:38:b0:0b:
e1:a0:4a:af:20:69:d3:d6:c0:f7:a4:7c:61:10:4e:
0b:7e:2f:0d:d9:39:82:cb:2b:e7:dc:8a:66:3d:25:
67:22:1e:2d:08:37:58:e9:a1:c0:9d:ce:51:33:cc:
02:66:95:51:61:4e:b7:49:ec:9d:7a:ed:29:a6:1c:
bb:2e:22:b3:71:c1:ea:3f:d5:1b:91:d4:ed:17:09:
05:d8:3f:6f:db:44:26:09:45:49:72:66:d2:be:49:
26:1c:f5:ef:b7:0f:48:15:76:ea:5e:3a:e1:93:17:
78:65:4e:04:9d:a4:a5:42:8a:c1:14:70:28:2f:c7:
1f:7c:fe:92:99:c1:1c:d1:67:f9:8d:2c:87:f8:68:
2e:e4:8d:79:4f:e9:f3:21:1c:7d:f7:df:3d:e2:36:
f6:71:2e:c7:62:91:ac:1e:08:73:2a:d4:51:d2:7e:
e6:62:c6:8a:b0:b3:ca:7c:37:c5:87:ae:ce:b6:62:
ca:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:2E:43:DC:4B:22:60:DA:F0:7F:61:62:E7:8D:43:A9:78:93:BE:D0
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/Ry5D3EsiYNrwf2Fi541DqXiTvtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.160.0/24
Signature Algorithm: sha256WithRSAEncryption
77:c5:c3:66:02:75:1d:3f:22:bb:eb:40:c1:45:c7:ec:e5:66:
62:c9:eb:41:50:04:77:07:d7:8b:6c:20:18:96:d6:aa:d7:29:
0d:36:15:66:ee:da:d0:10:e3:e8:fc:7e:65:14:5e:af:d4:91:
ab:ce:4e:29:af:f7:80:6e:06:59:25:2d:89:9b:90:4f:38:0b:
80:be:d6:e4:6a:2d:f6:96:4a:87:c7:bc:7f:86:79:e6:61:36:
4d:0a:fb:9a:7a:16:c6:77:f0:9d:d6:99:02:3a:87:87:c9:25:
7a:50:35:39:5c:37:75:1f:97:95:c0:9a:2d:20:32:09:e7:09:
c0:93:bb:c4:50:e1:a9:30:22:fb:87:49:c4:29:c1:4f:b5:63:
ec:ac:2a:31:88:9d:94:ed:36:9a:76:da:64:46:80:77:f0:ef:
42:bb:6a:67:ee:4e:2b:19:30:aa:6f:46:28:84:67:24:0d:9f:
43:8f:a4:57:3f:9a:f6:91:d0:23:a3:e1:57:c9:5e:d0:26:43:
87:64:d4:8f:44:94:e1:86:25:11:f3:8f:78:6f:a0:2d:b6:e2:
45:ff:e4:7d:b6:77:6e:8a:ad:92:f5:43:ff:7d:ab:b1:a6:44:
84:6c:56:1c:b4:e0:85:4b:f5:d8:6f:77:ac:a6:eb:8f:6c:e1:
d4:84:51:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHbvRPGyB3CmUWtb+OM5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzJlNDNkYzRiMjI2MGRhZjA3ZjYxNjJlNzhkNDNhOTc4OTNiZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6knUIGR450EPmR2PAyLBUlGDAnK
kJu3EetP5562FNv1AffoSBJTgcqdXjBU5ggXiCA0jU8m/Nxo9onnjT8yU+Q49FJj
Erc4sAvhoEqvIGnT1sD3pHxhEE4Lfi8N2TmCyyvn3IpmPSVnIh4tCDdY6aHAnc5R
M8wCZpVRYU63Seydeu0pphy7LiKzccHqP9UbkdTtFwkF2D9v20QmCUVJcmbSvkkm
HPXvtw9IFXbqXjrhkxd4ZU4EnaSlQorBFHAoL8cffP6SmcEc0Wf5jSyH+Ggu5I15
T+nzIRx999894jb2cS7HYpGsHghzKtRR0n7mYsaKsLPKfDfFh67OtmLKYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEcuQ9xLImDa8H9hYueNQ6l4k77QMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvUnk1RDNFc2lZTnJ3ZjJGaTU0MURxWGlUdnRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqmgMA0G
CSqGSIb3DQEBCwUAA4IBAQB3xcNmAnUdPyK760DBRcfs5WZiyetBUAR3B9eLbCAY
ltaq1ykNNhVm7trQEOPo/H5lFF6v1JGrzk4pr/eAbgZZJS2Jm5BPOAuAvtbkai32
lkqHx7x/hnnmYTZNCvuaehbGd/Cd1pkCOoeHySV6UDU5XDd1H5eVwJotIDIJ5wnA
k7vEUOGpMCL7h0nEKcFPtWPsrCoxiJ2U7TaadtpkRoB38O9Cu2pn7k4rGTCqb0Yo
hGckDZ9Dj6RXP5r2kdAjo+FXyV7QJkOHZNSPRJThhiUR8494b6AttuJF/+R9tndu
iq2S9UP/fauxpkSEbFYctOCFS/XYb3espuuPbOHUhFH4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:34 2023 by rpki-client on console-fra.rpki-client.org