Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/uR6lZ_U1rw98NznJLVpnsZEbZUg.roa
File: uR6lZ_U1rw98NznJLVpnsZEbZUg.roa (raw, json)
Hash identifier: bEuwOS7JyLWuxbm5KoOmmrjjbSApkTstcLIPsgxbQls=
Subject key identifier: B9:1E:A5:67:F5:35:AF:0F:7C:37:39:C9:2D:5A:67:B1:91:1B:65:48
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 1AA1F473
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/uR6lZ_U1rw98NznJLVpnsZEbZUg.roa
Signing time: Sat 25 Jun 2022 15:20:10 +0000
ROA not before: Sat 25 Jun 2022 15:20:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42073
IP address blocks: 194.102.202.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 446821491 (0x1aa1f473)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Jun 25 15:20:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b91ea567f535af0f7c3739c92d5a67b1911b6548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5e:df:6d:43:c6:71:65:ae:d9:17:3a:06:de:
8f:42:92:14:7e:a1:04:78:b9:b9:e1:97:6e:8e:1d:
78:94:1d:5e:8f:86:76:43:a8:81:f4:b6:02:de:c8:
bb:04:cd:28:14:69:d9:0d:e3:c1:5f:c5:ff:1f:56:
00:0a:60:df:ee:b3:4c:28:0a:c1:af:1e:f7:3e:d5:
89:fb:11:b3:70:97:eb:9f:e5:24:99:6a:a6:e8:a8:
3b:69:20:9b:f1:d3:40:59:8e:9f:c3:2e:8b:5f:5f:
40:25:3c:e0:7d:5a:42:9f:12:02:00:fa:d5:26:c6:
2a:43:35:0d:bc:00:19:67:b7:2c:a7:45:ce:15:cf:
2c:da:e4:bd:cb:24:0c:82:7d:71:81:39:03:94:2e:
cb:9c:ff:ab:06:c0:7f:85:1b:8c:4f:61:a8:a4:8f:
c7:66:49:05:30:c5:f4:ed:59:2c:61:b7:a9:db:8b:
1f:b0:f8:e6:9f:35:a6:3e:2f:9e:5d:b4:86:e5:b6:
9c:8b:6c:9e:5b:00:2d:07:2f:bd:e4:8e:ac:8f:9a:
9e:88:64:98:ee:63:0a:78:76:f2:29:33:35:36:1d:
35:c9:65:b2:5f:01:35:dd:cf:ad:81:f9:42:16:e5:
c1:97:28:ad:03:8f:11:e8:1c:cb:b6:18:d4:05:b3:
0e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:1E:A5:67:F5:35:AF:0F:7C:37:39:C9:2D:5A:67:B1:91:1B:65:48
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/uR6lZ_U1rw98NznJLVpnsZEbZUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.102.202.0/24
Signature Algorithm: sha256WithRSAEncryption
53:3a:91:50:34:a5:56:e0:54:a9:73:ab:23:55:82:f2:fb:a4:
1f:07:13:a7:d3:3b:34:bc:18:0c:b4:fb:7a:b8:d5:00:f5:fb:
83:c4:4b:9f:8f:f1:28:19:33:a3:87:01:c7:03:3c:ff:5c:47:
eb:fc:d3:51:7c:88:ab:cd:a2:b7:f8:89:39:0e:d2:05:28:cd:
97:5c:db:57:fe:1e:95:52:e9:bb:24:09:c9:d0:d4:ee:f6:b8:
8f:f2:a7:8c:10:c2:87:e5:96:d5:c8:a2:5e:c2:85:6e:17:da:
35:f0:7d:dc:f1:bb:4d:29:28:7d:7e:46:bc:80:01:20:39:20:
70:ae:28:f7:2d:0e:08:b5:a9:8a:0e:64:a6:1e:c5:bb:ac:c4:
f7:63:b7:47:3a:c2:0b:22:6d:f9:e1:b0:b4:00:de:a1:5b:d1:
b8:bf:90:3b:aa:ec:49:97:31:95:08:78:b9:1a:0f:af:19:99:
86:e8:df:09:f0:07:7f:9b:6d:5d:06:7c:ca:7e:57:6b:84:77:
51:91:2e:c9:a9:9c:ba:91:b4:70:60:fe:27:2a:d2:67:ef:5f:
3c:fc:30:76:06:2d:86:be:e7:2d:f6:ee:30:e1:58:3f:76:6d:
48:0e:4d:29:15:f5:3f:c5:03:f5:2f:86:72:6f:5f:c4:d6:65:
b2:2e:01:92
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGqH0czANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTQ1OWFhNDYwMmJmZmEyZDI2NTBiYTY2ODE4NDU4Yzg5ZmM0NTgyMB4XDTIyMDYy
NTE1MjAxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjkxZWE1NjdmNTM1
YWYwZjdjMzczOWM5MmQ1YTY3YjE5MTFiNjU0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIhe321DxnFlrtkXOgbej0KSFH6hBHi5ueGXbo4deJQdXo+G
dkOogfS2At7IuwTNKBRp2Q3jwV/F/x9WAApg3+6zTCgKwa8e9z7VifsRs3CX65/l
JJlqpuioO2kgm/HTQFmOn8Mui19fQCU84H1aQp8SAgD61SbGKkM1DbwAGWe3LKdF
zhXPLNrkvcskDIJ9cYE5A5Quy5z/qwbAf4UbjE9hqKSPx2ZJBTDF9O1ZLGG3qduL
H7D45p81pj4vnl20huW2nItsnlsALQcvveSOrI+anohkmO5jCnh28ikzNTYdNcll
sl8BNd3PrYH5QhblwZcorQOPEegcy7YY1AWzDu8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS5HqVn9TWvD3w3OcktWmexkRtlSDAfBgNVHSMEGDAWgBSeRZqkYCv/otJl
C6ZoGEWMifxFgjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25rV2FwR0FyXzZMU1pRdW1hQmhGakluOFJZSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvOWNjMzMzLTY4ZDUtNDY5Mi05YzViLTI4YTg0MWRhMGJmZC8x
L3VSNmxaX1Uxcnc5OE56bkpMVnBuc1pFYlpVZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
OWNjMzMzLTY4ZDUtNDY5Mi05YzViLTI4YTg0MWRhMGJmZC8xL25rV2FwR0FyXzZM
U1pRdW1hQmhGakluOFJZSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJmyjANBgkqhkiG9w0BAQsFAAOC
AQEAUzqRUDSlVuBUqXOrI1WC8vukHwcTp9M7NLwYDLT7erjVAPX7g8RLn4/xKBkz
o4cBxwM8/1xH6/zTUXyIq82it/iJOQ7SBSjNl1zbV/4elVLpuyQJydDU7va4j/Kn
jBDCh+WW1ciiXsKFbhfaNfB93PG7TSkofX5GvIABIDkgcK4o9y0OCLWpig5kph7F
u6zE92O3RzrCCyJt+eGwtADeoVvRuL+QO6rsSZcxlQh4uRoPrxmZhujfCfAHf5tt
XQZ8yn5Xa4R3UZEuyamcupG0cGD+JyrSZ+9fPPwwdgYthr7nLfbuMOFYP3ZtSA5N
KRX1P8UD9S+Gcm9fxNZlsi4Bkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:47 2024 by rpki-client on console-ams.rpki-client.org