Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/akqKtCw-LKgxldyq3PJc74O6WK8.roa
File: akqKtCw-LKgxldyq3PJc74O6WK8.roa (raw, json)
Hash identifier: 3vqrfL1FzP1MyD/f20u/O8k+WHkqzHZsWuIQ1eOCVGg=
Subject key identifier: 6A:4A:8A:B4:2C:3E:2C:A8:31:95:DC:AA:DC:F2:5C:EF:83:BA:58:AF
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DBE35780382307875D1C6F40F9A1F
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/akqKtCw-LKgxldyq3PJc74O6WK8.roa
Signing time: Sun 01 Jan 2023 20:54:58 +0000
ROA not before: Sun 01 Jan 2023 20:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47726
IP address blocks: 80.76.60.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:be:35:78:03:82:30:78:75:d1:c6:f4:0f:9a:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a4a8ab42c3e2ca83195dcaadcf25cef83ba58af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bd:64:e1:eb:d6:3e:21:a6:66:dd:cc:0d:50:
48:03:81:1b:f6:b0:e9:51:b5:c6:1b:e1:6f:3e:0d:
1d:04:2c:08:a8:c4:f7:4f:7e:1b:f8:38:fd:30:50:
dd:b3:37:5c:4d:94:6c:6f:80:c4:f7:33:40:e3:4f:
72:35:aa:8e:60:8d:89:49:f0:f7:1c:3c:52:f5:15:
bb:dd:14:55:a0:a4:9b:20:ab:e6:4c:0c:93:d3:34:
54:5e:36:91:c5:de:4a:ce:69:1d:e8:7b:7e:71:e2:
46:39:14:ef:a1:e5:3f:7b:79:93:9b:96:c0:35:d1:
81:a3:f8:a7:84:5e:e9:bf:01:4f:e3:62:94:e8:d0:
df:04:55:c6:23:69:e5:60:ba:ed:76:e7:43:7b:c5:
12:91:83:58:e6:2b:1c:d3:b2:24:69:19:0f:7d:0f:
f0:db:08:d3:ca:9a:3c:33:21:12:d7:dc:8e:7f:cc:
52:2f:6a:a4:27:c5:8e:3d:97:e6:f6:be:37:7a:da:
ee:c6:61:06:09:08:45:33:0b:8f:9b:5a:1d:ae:01:
06:e4:b6:4b:ba:58:1a:2b:01:81:10:2c:60:71:99:
4a:6c:a6:8f:46:16:97:48:8b:ab:3a:8d:e6:b8:11:
76:bf:be:69:b2:a6:17:91:07:96:e0:82:51:ce:99:
79:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:4A:8A:B4:2C:3E:2C:A8:31:95:DC:AA:DC:F2:5C:EF:83:BA:58:AF
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/akqKtCw-LKgxldyq3PJc74O6WK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.60.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:64:f0:9a:12:32:aa:86:17:7a:f6:90:47:8c:56:e9:43:b3:
fd:47:69:3a:ca:d6:da:c7:0d:ff:d3:2f:53:30:6c:83:c9:f1:
a9:ca:9f:ad:3d:1c:aa:2d:ec:bb:09:f0:68:51:f9:76:cf:d6:
8d:04:49:e4:07:27:43:65:19:66:6b:37:de:e9:6d:08:29:de:
8e:9f:87:ae:32:c7:3b:c8:89:4f:da:f1:37:97:e7:17:05:4e:
35:c2:42:6a:1c:b5:f6:f1:01:46:fc:b7:8f:65:12:7d:ce:34:
e9:f8:63:05:fb:03:20:0c:61:10:5c:1b:fd:ea:c4:2d:38:b3:
76:7c:e8:5d:ca:73:c9:93:66:54:f9:09:1c:3b:02:7e:8e:02:
03:b0:8d:ee:e4:63:43:44:c0:2f:18:93:8c:7d:87:62:c9:22:
ee:ea:c8:a1:54:76:0a:72:9d:e4:10:a0:96:d4:0f:b5:f2:62:
71:22:19:c7:99:8e:0a:3b:cf:0e:3f:e9:6e:86:46:80:81:17:
b4:98:8c:3a:bc:bc:60:2f:cb:8e:ed:83:db:6f:2c:90:5e:fc:
23:3b:68:d2:e3:9b:5e:de:e4:ef:56:aa:81:0c:0f:e5:3c:fd:
42:30:7d:80:20:92:b2:0f:93:62:e9:fa:bf:05:bb:96:b7:75:
e2:fa:e2:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHb41eAOCMHh10cb0D5ofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTRhOGFiNDJjM2UyY2E4MzE5NWRjYWFkY2YyNWNlZjgzYmE1OGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwr1k4evWPiGmZt3MDVBIA4Eb9rDp
UbXGG+FvPg0dBCwIqMT3T34b+Dj9MFDdszdcTZRsb4DE9zNA409yNaqOYI2JSfD3
HDxS9RW73RRVoKSbIKvmTAyT0zRUXjaRxd5Kzmkd6Ht+ceJGORTvoeU/e3mTm5bA
NdGBo/inhF7pvwFP42KU6NDfBFXGI2nlYLrtdudDe8USkYNY5isc07IkaRkPfQ/w
2wjTypo8MyES19yOf8xSL2qkJ8WOPZfm9r43etruxmEGCQhFMwuPm1odrgEG5LZL
ulgaKwGBECxgcZlKbKaPRhaXSIurOo3muBF2v75psqYXkQeW4IJRzpl5SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpKirQsPiyoMZXcqtzyXO+DulivMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvYWtxS3RDdy1MS2d4bGR5cTNQSmM3NE82V0s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEw8MA0G
CSqGSIb3DQEBCwUAA4IBAQClZPCaEjKqhhd69pBHjFbpQ7P9R2k6ytbaxw3/0y9T
MGyDyfGpyp+tPRyqLey7CfBoUfl2z9aNBEnkBydDZRlmazfe6W0IKd6On4euMsc7
yIlP2vE3l+cXBU41wkJqHLX28QFG/LePZRJ9zjTp+GMF+wMgDGEQXBv96sQtOLN2
fOhdynPJk2ZU+QkcOwJ+jgIDsI3u5GNDRMAvGJOMfYdiySLu6sihVHYKcp3kEKCW
1A+18mJxIhnHmY4KO88OP+luhkaAgRe0mIw6vLxgL8uO7YPbbyyQXvwjO2jS45te
3uTvVqqBDA/lPP1CMH2AIJKyD5Ni6fq/BbuWt3Xi+uJ5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org