Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/jI4ykyOn7F16MaEYQg0sCfEUZfA.roa
File: jI4ykyOn7F16MaEYQg0sCfEUZfA.roa (raw, json)
Hash identifier: 8M45c8yNff16h7kuMSB7MHExex5XytixqvqRiPg+JAM=
Subject key identifier: 8C:8E:32:93:23:A7:EC:5D:7A:31:A1:18:42:0D:2C:09:F1:14:65:F0
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 018616ED36EADBEBABDAE379AAABEF867A0F
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/jI4ykyOn7F16MaEYQg0sCfEUZfA.roa
Signing time: Fri 03 Feb 2023 10:58:10 +0000
ROA not before: Fri 03 Feb 2023 10:58:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49581
IP address blocks: 193.111.250.0/24 maxlen: 24
193.111.249.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:16:ed:36:ea:db:eb:ab:da:e3:79:aa:ab:ef:86:7a:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Feb 3 10:58:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c8e329323a7ec5d7a31a118420d2c09f11465f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f5:7e:c9:2e:86:39:62:76:6e:99:de:9b:a7:
1d:35:31:2c:03:8c:b1:24:0d:27:46:c7:96:6c:eb:
ba:0c:3c:59:a1:ff:c5:9a:19:bd:f7:47:fb:49:b6:
7b:bf:92:3b:54:09:01:60:1d:c4:90:89:ab:d0:32:
63:fb:99:49:49:7a:f3:bf:74:11:cb:f5:15:cd:6c:
2f:e4:75:33:53:41:7f:e8:66:8f:4e:e3:99:b1:6c:
6e:98:d2:5e:36:99:d6:9e:b2:71:34:08:8c:34:5b:
dd:6c:6b:d2:fb:fd:cf:6d:79:75:99:56:e4:00:95:
04:7c:9f:c6:63:94:2b:69:46:c3:5c:c5:05:0e:f0:
7d:66:46:8b:36:dc:4e:94:38:1b:76:aa:ef:a2:07:
50:76:d1:ac:b4:81:7c:20:6b:f6:f7:01:5b:0c:9a:
e9:c9:8f:67:3e:b9:b8:b5:90:64:04:89:0a:1f:5e:
27:f8:f3:8f:14:f8:45:2a:68:2b:77:0e:cb:ba:f5:
0f:ae:11:79:b2:d2:4c:dc:42:19:5a:77:6b:3a:ce:
51:c4:1f:2c:c7:59:f1:a2:3e:ed:4e:7c:7a:e0:80:
62:cc:45:23:eb:1c:cd:bd:8f:d0:87:a8:66:52:be:
f6:83:e4:9e:9d:e0:14:bd:c0:fe:cf:84:86:12:a2:
66:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:8E:32:93:23:A7:EC:5D:7A:31:A1:18:42:0D:2C:09:F1:14:65:F0
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/jI4ykyOn7F16MaEYQg0sCfEUZfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.249.0-193.111.250.255
Signature Algorithm: sha256WithRSAEncryption
2e:25:8d:00:e4:d8:32:6d:72:84:b6:4c:02:18:91:44:0e:53:
78:24:dc:9c:a5:ab:b9:3e:53:24:56:a5:31:1c:59:5a:aa:dd:
8e:c1:3a:38:63:ff:ef:80:0c:06:a4:63:9c:50:06:35:38:8e:
06:6f:96:bb:1d:7a:72:a4:c2:e8:91:cf:7e:17:9c:02:cc:5f:
8f:5c:15:48:22:bd:1c:6b:49:92:4d:fc:9e:7e:9e:8d:60:a3:
b6:52:40:dc:cd:3f:f5:e5:df:12:7a:09:8c:16:3a:c2:de:3e:
8a:87:86:d5:2f:71:23:56:3b:59:62:bd:de:dc:29:87:e4:c4:
df:ef:cd:be:96:7f:9b:8e:28:70:7b:4d:3c:3a:a2:f8:b1:cd:
a0:78:f2:30:40:21:35:8f:50:ba:f4:8a:bc:9b:94:77:97:ed:
99:59:69:05:4f:ba:69:a9:2f:4e:e9:c2:21:f4:4a:dd:01:a2:
48:6c:44:fb:fc:49:ec:f2:31:6c:40:ef:f6:29:c2:95:ce:47:
4a:c5:f5:47:ea:7f:fd:13:ee:31:c8:de:65:2b:bd:cf:2b:77:
2a:c5:5f:df:94:6c:4f:1b:89:50:08:b4:e9:13:48:07:29:18:
27:a8:15:a5:b8:38:a5:d5:f4:37:81:6e:77:2c:5b:ec:0f:af:
bb:9b:4c:95
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYYW7Tbq2+ur2uN5qqvvhnoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjMwMjAzMTA1ODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzhlMzI5MzIzYTdlYzVkN2EzMWExMTg0MjBkMmMwOWYxMTQ2NWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/V+yS6GOWJ2bpnem6cdNTEsA4yx
JA0nRseWbOu6DDxZof/Fmhm990f7SbZ7v5I7VAkBYB3EkImr0DJj+5lJSXrzv3QR
y/UVzWwv5HUzU0F/6GaPTuOZsWxumNJeNpnWnrJxNAiMNFvdbGvS+/3PbXl1mVbk
AJUEfJ/GY5QraUbDXMUFDvB9ZkaLNtxOlDgbdqrvogdQdtGstIF8IGv29wFbDJrp
yY9nPrm4tZBkBIkKH14n+POPFPhFKmgrdw7LuvUPrhF5stJM3EIZWndrOs5RxB8s
x1nxoj7tTnx64IBizEUj6xzNvY/Qh6hmUr72g+SeneAUvcD+z4SGEqJmTQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIyOMpMjp+xdejGhGEINLAnxFGXwMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvakk0eWt5T243RjE2TWFFWVFnMHNDZkVVWmZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADBb/kD
BADBb/owDQYJKoZIhvcNAQELBQADggEBAC4ljQDk2DJtcoS2TAIYkUQOU3gk3Jyl
q7k+UyRWpTEcWVqq3Y7BOjhj/++ADAakY5xQBjU4jgZvlrsdenKkwuiRz34XnALM
X49cFUgivRxrSZJN/J5+no1go7ZSQNzNP/Xl3xJ6CYwWOsLePoqHhtUvcSNWO1li
vd7cKYfkxN/vzb6Wf5uOKHB7TTw6ovixzaB48jBAITWPULr0iryblHeX7ZlZaQVP
ummpL07pwiH0St0BokhsRPv8SezyMWxA7/YpwpXOR0rF9Ufqf/0T7jHI3mUrvc8r
dyrFX9+UbE8biVAItOkTSAcpGCeoFaW4OKXV9DeBbncsW+wPr7ubTJU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:32 2025 by rpki-client