Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/V-ntyoPWatSlE3n0tXMR2QmwsJQ.roa
File: V-ntyoPWatSlE3n0tXMR2QmwsJQ.roa (raw, json)
Hash identifier: gj/nyiQC74ElNbTkBuwtGL2pAq2KbJauATNAhneoQ2s=
Subject key identifier: 57:E9:ED:CA:83:D6:6A:D4:A5:13:79:F4:B5:73:11:D9:09:B0:B0:94
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DB968E0612C227708F85F9CA43FD3
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/V-ntyoPWatSlE3n0tXMR2QmwsJQ.roa
Signing time: Sun 01 Jan 2023 20:54:57 +0000
ROA not before: Sun 01 Jan 2023 20:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34718
IP address blocks: 193.148.52.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:b9:68:e0:61:2c:22:77:08:f8:5f:9c:a4:3f:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57e9edca83d66ad4a51379f4b57311d909b0b094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:93:ce:f5:58:4d:e7:c6:0e:9a:5b:62:ee:1f:
1a:a0:bd:6c:8e:90:18:b1:09:e7:f3:29:a8:c5:33:
ab:95:34:45:dc:0d:17:39:bf:b0:09:4c:db:14:56:
86:3f:10:4d:02:b6:c3:1a:f5:fc:0f:54:67:e4:64:
c5:2c:1e:7a:8e:5b:96:7d:d3:23:9b:03:bb:cb:8c:
bd:41:72:f5:67:f4:4c:1a:49:09:04:ba:26:32:5f:
75:e1:b3:bd:bf:8f:a1:ed:cf:15:48:58:27:39:b4:
d0:04:60:a8:15:cb:48:69:55:c2:03:c7:0a:76:d2:
a5:ea:25:4d:7a:c2:70:f0:ae:c3:73:89:cf:fd:e8:
bb:4e:f9:cf:74:93:af:18:40:41:3e:7a:ca:28:6e:
f4:15:69:d7:ca:b5:24:c2:18:25:4f:b1:c0:e9:45:
51:fd:6e:01:fa:e5:13:0f:1d:db:47:f6:76:98:57:
6f:95:2a:6b:d0:ae:de:34:69:0b:0d:80:ed:a2:a2:
4d:86:3c:89:94:20:b4:bb:ca:78:18:88:f4:55:b0:
e6:3e:67:20:0d:fb:d4:76:a2:3c:f5:09:35:d5:59:
dc:cf:4d:6e:f0:a5:3b:d5:fa:31:f0:79:9b:18:a8:
3d:22:61:a7:3b:a0:54:d8:97:99:ed:bc:77:37:0f:
e9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:E9:ED:CA:83:D6:6A:D4:A5:13:79:F4:B5:73:11:D9:09:B0:B0:94
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/V-ntyoPWatSlE3n0tXMR2QmwsJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.52.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:8a:62:9c:ff:7c:35:b6:8e:4c:ba:c8:35:1b:09:d1:99:42:
5e:69:74:c4:ae:d7:b4:f9:ed:04:e4:6b:1f:f9:fb:8c:12:1f:
dd:9b:5a:db:eb:75:f5:54:6c:d6:74:55:92:18:12:a4:c7:dc:
2b:8f:3d:2a:6a:b7:1b:0e:ed:8d:9b:de:b7:80:90:2a:c7:fd:
6a:49:62:84:1b:fd:ff:e2:90:ac:15:e5:8e:52:d0:85:a0:70:
bf:aa:31:81:06:da:48:83:36:34:26:70:f9:0f:c0:c9:c7:a5:
6a:cb:2b:77:12:e6:a3:57:17:17:05:b2:fb:21:69:8d:27:83:
83:66:07:ed:09:68:0e:e8:6f:40:d7:38:df:4b:3b:86:1e:8f:
b7:84:bc:5f:da:28:2d:e4:66:be:3d:f1:e5:ff:6d:ce:4c:14:
8d:95:11:58:74:35:ef:e9:db:21:71:0e:83:fd:d4:e6:e1:2d:
a7:b5:92:0e:88:0a:11:42:52:2e:d3:d6:d5:43:b7:d8:d1:bf:
04:00:3d:5b:62:65:a6:fd:6a:e4:67:cd:b5:8a:79:d8:c4:7d:
02:46:16:ca:fc:54:e6:0b:2c:e3:92:e8:c5:c1:12:76:21:58:
fd:f8:6f:df:48:d7:8f:40:29:0e:17:16:48:be:18:34:2c:f8:
40:a8:77:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHblo4GEsIncI+F+cpD/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2U5ZWRjYTgzZDY2YWQ0YTUxMzc5ZjRiNTczMTFkOTA5YjBiMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspPO9VhN58YOmlti7h8aoL1sjpAY
sQnn8ymoxTOrlTRF3A0XOb+wCUzbFFaGPxBNArbDGvX8D1Rn5GTFLB56jluWfdMj
mwO7y4y9QXL1Z/RMGkkJBLomMl914bO9v4+h7c8VSFgnObTQBGCoFctIaVXCA8cK
dtKl6iVNesJw8K7Dc4nP/ei7TvnPdJOvGEBBPnrKKG70FWnXyrUkwhglT7HA6UVR
/W4B+uUTDx3bR/Z2mFdvlSpr0K7eNGkLDYDtoqJNhjyJlCC0u8p4GIj0VbDmPmcg
DfvUdqI89Qk11Vncz01u8KU71fox8HmbGKg9ImGnO6BU2JeZ7bx3Nw/pjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFfp7cqD1mrUpRN59LVzEdkJsLCUMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvVi1udHlvUFdhdFNsRTNuMHRYTVIyUW13c0pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwZQ0MA0G
CSqGSIb3DQEBCwUAA4IBAQA/imKc/3w1to5Musg1GwnRmUJeaXTErte0+e0E5Gsf
+fuMEh/dm1rb63X1VGzWdFWSGBKkx9wrjz0qarcbDu2Nm963gJAqx/1qSWKEG/3/
4pCsFeWOUtCFoHC/qjGBBtpIgzY0JnD5D8DJx6Vqyyt3EuajVxcXBbL7IWmNJ4OD
ZgftCWgO6G9A1zjfSzuGHo+3hLxf2igt5Ga+PfHl/23OTBSNlRFYdDXv6dshcQ6D
/dTm4S2ntZIOiAoRQlIu09bVQ7fY0b8EAD1bYmWm/WrkZ821innYxH0CRhbK/FTm
CyzjkujFwRJ2IVj9+G/fSNePQCkOFxZIvhg0LPhAqHfj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org