Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/cULNMENYI0rUQ9wKeJlhtaMa-uI.roa
File: cULNMENYI0rUQ9wKeJlhtaMa-uI.roa (raw, json)
Hash identifier: 9+iSoH5G7bLiY0KJ1DqjmIWZ1L3USRlTgYbJRUPtk+Q=
Subject key identifier: 71:42:CD:30:43:58:23:4A:D4:43:DC:0A:78:99:61:B5:A3:1A:FA:E2
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 03A40761
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/cULNMENYI0rUQ9wKeJlhtaMa-uI.roa
Signing time: Sat 01 Jan 2022 14:07:07 +0000
ROA not before: Sat 01 Jan 2022 14:07:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203936
IP address blocks: 193.160.209.0/24 maxlen: 24
193.160.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61081441 (0x3a40761)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 14:07:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7142cd304358234ad443dc0a789961b5a31afae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ed:61:4b:42:44:b4:7d:39:92:b7:4b:dd:47:
24:cb:a8:64:21:8b:93:0c:ef:d6:59:19:f6:fc:dc:
26:14:1d:ab:21:ed:ad:fd:38:61:98:2d:b2:de:ec:
1a:9b:94:09:45:3d:dc:f4:4a:f7:d3:76:f6:be:7a:
98:1e:87:78:34:b1:e5:c1:c7:de:52:44:d4:ce:e9:
69:72:5b:36:c6:2c:6e:a0:a9:fb:7c:93:9f:b0:44:
25:ce:21:26:16:77:3e:32:ba:b0:35:a0:87:c4:95:
1d:27:aa:da:72:30:54:bb:af:ee:71:1f:86:b1:dc:
70:b4:95:ce:e9:1a:6f:9a:d0:a4:a0:be:98:17:09:
81:36:4e:85:3b:d7:b0:99:bd:63:65:60:bf:86:f8:
0e:b4:4b:52:0b:64:41:47:f1:8c:05:40:65:92:7e:
99:d6:31:2e:44:6a:73:cd:e8:f8:67:b9:1c:77:1e:
93:6c:36:2f:6b:c0:34:04:69:ba:e1:19:98:db:05:
2b:41:cc:3f:46:b3:af:7c:1d:06:f2:58:8f:e3:27:
7a:50:4d:f4:c0:69:96:54:05:54:cd:0b:0e:8e:86:
93:49:43:72:65:e1:77:c1:a5:e7:0f:43:01:7a:a1:
f0:89:fb:fd:81:1e:a0:b9:0a:c0:37:34:91:57:e1:
ac:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:42:CD:30:43:58:23:4A:D4:43:DC:0A:78:99:61:B5:A3:1A:FA:E2
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/cULNMENYI0rUQ9wKeJlhtaMa-uI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.208.0/23
Signature Algorithm: sha256WithRSAEncryption
11:35:3c:81:0c:17:4f:4b:be:1c:e3:39:7e:76:5b:a5:47:3a:
24:e4:5c:ca:6f:b2:8e:6b:9f:d3:27:c3:fe:64:a3:7c:63:8b:
cf:6a:82:3f:10:16:36:18:87:1e:d8:dc:d6:46:8d:d2:0f:c6:
1c:8e:0e:01:df:2f:1b:e4:4c:15:1c:de:2a:5c:7f:13:41:fe:
0b:17:2d:59:5f:36:60:36:97:a8:6c:e8:c8:a2:07:14:9f:bb:
2a:dc:5b:01:b0:b6:98:e1:70:4d:f2:17:a2:d0:61:36:90:28:
74:3c:28:65:f2:2a:80:dc:c1:35:78:19:c0:0d:95:ad:a8:58:
3e:a6:df:64:cc:08:59:12:6f:49:e3:0c:60:06:a7:e1:10:61:
00:4b:05:4d:01:a9:e0:55:f5:1f:a7:d1:e1:bb:6b:59:55:6e:
2e:0f:67:b2:f8:75:29:28:83:af:30:0a:b2:cd:63:a9:69:d1:
c2:cc:ff:9e:3c:e2:08:8e:d9:6c:30:d1:d7:8c:bb:8a:64:59:
4a:8b:bf:d9:a4:2e:52:ce:3e:73:1c:e9:13:2b:2e:dc:4c:6b:
cf:35:f4:8b:19:cb:b0:9a:c8:1d:d4:6e:11:bf:7d:c6:23:6c:
07:0d:45:2d:51:35:d9:e1:2c:5c:4f:93:76:6d:e7:98:51:fe:
49:c9:69:46
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA6QHYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGEzOTQxYzI3Y2ZlNWMyMzRjNGJmMjIxZWNiMmE1NzliMmRlYWFiMB4XDTIyMDEw
MTE0MDcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE0MmNkMzA0MzU4
MjM0YWQ0NDNkYzBhNzg5OTYxYjVhMzFhZmFlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ3tYUtCRLR9OZK3S91HJMuoZCGLkwzv1lkZ9vzcJhQdqyHt
rf04YZgtst7sGpuUCUU93PRK99N29r56mB6HeDSx5cHH3lJE1M7paXJbNsYsbqCp
+3yTn7BEJc4hJhZ3PjK6sDWgh8SVHSeq2nIwVLuv7nEfhrHccLSVzukab5rQpKC+
mBcJgTZOhTvXsJm9Y2Vgv4b4DrRLUgtkQUfxjAVAZZJ+mdYxLkRqc83o+Ge5HHce
k2w2L2vANARpuuEZmNsFK0HMP0azr3wdBvJYj+MnelBN9MBpllQFVM0LDo6Gk0lD
cmXhd8Gl5w9DAXqh8In7/YEeoLkKwDc0kVfhrAcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRxQs0wQ1gjStRD3Ap4mWG1oxr64jAfBgNVHSMEGDAWgBRdo5QcJ8/lwjTE
vyIeyypXmy3qqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hhT1VIQ2ZQNWNJMHhMOGlIc3NxVjVzdDZxcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvMzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8x
L2NVTE5NRU5ZSTByVVE5d0tlSmxodGFNYS11SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
MzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8xL1hhT1VIQ2ZQNWNJ
MHhMOGlIc3NxVjVzdDZxcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcGg0DANBgkqhkiG9w0BAQsFAAOC
AQEAETU8gQwXT0u+HOM5fnZbpUc6JORcym+yjmuf0yfD/mSjfGOLz2qCPxAWNhiH
Htjc1kaN0g/GHI4OAd8vG+RMFRzeKlx/E0H+CxctWV82YDaXqGzoyKIHFJ+7Ktxb
AbC2mOFwTfIXotBhNpAodDwoZfIqgNzBNXgZwA2VrahYPqbfZMwIWRJvSeMMYAan
4RBhAEsFTQGp4FX1H6fR4btrWVVuLg9nsvh1KSiDrzAKss1jqWnRwsz/njziCI7Z
bDDR14y7imRZSou/2aQuUs4+cxzpEysu3ExrzzX0ixnLsJrIHdRuEb99xiNsBw1F
LVE12eEsXE+Tdm3nmFH+SclpRg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org