Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/a0IbUbnixoMHPHjfiJAXeRUiQDM.roa
File: a0IbUbnixoMHPHjfiJAXeRUiQDM.roa (raw, json)
Hash identifier: QfPvURT8hR6mOlb6v1BTIjtokB155wdCw8bAwLHt6vs=
Subject key identifier: 6B:42:1B:51:B9:E2:C6:83:07:3C:78:DF:88:90:17:79:15:22:40:33
Certificate issuer: /CN=50980fb6ade858f2652e736993126c85759f06d9
Certificate serial: 06BAE4A8
Authority key identifier: 50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/a0IbUbnixoMHPHjfiJAXeRUiQDM.roa
Signing time: Wed 18 May 2022 19:27:17 +0000
ROA not before: Wed 18 May 2022 19:27:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 193.22.148.0/22 maxlen: 24
91.204.181.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112911528 (0x6bae4a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50980fb6ade858f2652e736993126c85759f06d9
Validity
Not Before: May 18 19:27:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b421b51b9e2c683073c78df8890177915224033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cf:26:e7:45:72:e7:ea:6a:20:69:47:c0:e8:
b2:2a:68:eb:1f:1f:34:4e:52:c8:53:15:e2:01:c1:
97:3a:fe:31:7f:c7:7a:7b:9c:07:b5:26:d8:f3:df:
47:8a:1b:43:e4:9f:49:0e:63:2b:94:95:02:23:ff:
eb:ca:bd:46:11:58:c0:8f:41:f2:bc:0f:fd:cf:b5:
98:50:a8:b2:3e:fa:cf:c7:51:71:49:61:85:f3:72:
ba:a4:dd:dd:e8:96:90:89:c8:57:07:7d:e1:c4:68:
e5:e9:9b:b0:f1:1a:fd:60:d9:4b:4d:94:4e:e5:c6:
53:bf:b5:62:fd:b4:51:9c:08:1f:2e:51:6f:bb:58:
88:d8:45:2f:c0:05:c6:7a:03:64:eb:5b:6f:c8:5c:
1e:0d:58:d1:a7:b0:a6:bd:b5:fd:e7:50:b8:b4:6f:
c3:e7:93:ce:f9:b2:eb:fe:eb:e2:87:23:87:39:ec:
2f:1f:7a:92:f9:23:51:1d:11:1a:b0:45:5d:c6:48:
cf:65:36:c9:91:0f:4c:e8:18:66:3e:2a:88:dd:8e:
c2:57:f8:d6:43:30:0d:27:60:76:82:7c:22:db:fc:
53:d7:46:30:56:30:22:53:0e:ba:4c:61:f1:2a:9a:
12:89:98:be:c3:60:18:d1:d6:d4:d8:2f:0c:93:14:
33:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:42:1B:51:B9:E2:C6:83:07:3C:78:DF:88:90:17:79:15:22:40:33
X509v3 Authority Key Identifier:
keyid:50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/a0IbUbnixoMHPHjfiJAXeRUiQDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.181.0/24
193.22.148.0/22
Signature Algorithm: sha256WithRSAEncryption
44:28:2d:1c:5f:26:07:c2:4c:75:4e:38:e8:65:4c:e9:1f:a5:
9c:3d:df:08:1c:58:29:10:85:c3:73:31:ad:6f:2e:68:35:a5:
ec:7d:79:b2:8f:c9:71:df:49:46:39:97:2c:66:73:bd:27:92:
6e:87:61:0c:3e:5f:bc:a7:88:a7:f0:ec:21:a1:06:df:30:5a:
0e:59:dd:34:48:56:2f:25:fa:8c:de:4a:cd:f6:db:1d:37:29:
c1:a6:02:6e:35:06:85:8e:5a:91:45:86:66:21:79:0d:53:75:
d7:e5:7e:86:36:cd:5c:22:05:dd:24:2a:92:29:27:7d:ab:b8:
eb:44:79:55:fe:aa:77:53:a5:ec:bc:35:6c:73:bb:cd:74:64:
86:4e:f1:9a:c0:a3:ad:ee:2f:dd:d1:d4:24:c1:8e:9a:f3:ad:
9c:48:00:f1:11:5e:45:3b:79:59:8d:59:ca:c0:1d:91:23:9d:
0e:c1:aa:b0:4e:49:e8:e8:25:d9:8c:8d:99:49:b2:1c:8c:2d:
0d:b1:65:02:a0:db:b9:35:eb:a2:a9:29:5c:26:03:1f:e7:b0:
e6:02:38:a2:c0:ba:fe:d6:bc:6c:4b:0b:e0:60:64:04:9c:3a:
1a:ee:17:2f:9f:99:93:70:f9:91:9f:74:6c:fd:48:fe:80:75:
82:38:f0:12
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBrrkqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MDk4MGZiNmFkZTg1OGYyNjUyZTczNjk5MzEyNmM4NTc1OWYwNmQ5MB4XDTIyMDUx
ODE5MjcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmI0MjFiNTFiOWUy
YzY4MzA3M2M3OGRmODg5MDE3NzkxNTIyNDAzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7PJudFcufqaiBpR8Dosipo6x8fNE5SyFMV4gHBlzr+MX/H
enucB7Um2PPfR4obQ+SfSQ5jK5SVAiP/68q9RhFYwI9B8rwP/c+1mFCosj76z8dR
cUlhhfNyuqTd3eiWkInIVwd94cRo5embsPEa/WDZS02UTuXGU7+1Yv20UZwIHy5R
b7tYiNhFL8AFxnoDZOtbb8hcHg1Y0aewpr21/edQuLRvw+eTzvmy6/7r4ocjhzns
Lx96kvkjUR0RGrBFXcZIz2U2yZEPTOgYZj4qiN2Owlf41kMwDSdgdoJ8Itv8U9dG
MFYwIlMOukxh8SqaEomYvsNgGNHW1NgvDJMUM50CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRrQhtRueLGgwc8eN+IkBd5FSJAMzAfBgNVHSMEGDAWgBRQmA+2rehY8mUu
c2mTEmyFdZ8G2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VKZ1B0cTNvV1BKbExuTnBreEpzaFhXZkJ0ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvM2M3YWY2LWY0NjYtNGQ4Ny1iOWYxLWNjYTc5YTY5ODIwYS8x
L2EwSWJVYm5peG9NSFBIamZpSkFYZVJVaVFETS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
M2M3YWY2LWY0NjYtNGQ4Ny1iOWYxLWNjYTc5YTY5ODIwYS8xL1VKZ1B0cTNvV1BK
bExuTnBreEpzaFhXZkJ0ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvMtQMEAsEWlDANBgkqhkiG9w0B
AQsFAAOCAQEARCgtHF8mB8JMdU446GVM6R+lnD3fCBxYKRCFw3MxrW8uaDWl7H15
so/Jcd9JRjmXLGZzvSeSbodhDD5fvKeIp/DsIaEG3zBaDlndNEhWLyX6jN5Kzfbb
HTcpwaYCbjUGhY5akUWGZiF5DVN11+V+hjbNXCIF3SQqkiknfau460R5Vf6qd1Ol
7Lw1bHO7zXRkhk7xmsCjre4v3dHUJMGOmvOtnEgA8RFeRTt5WY1ZysAdkSOdDsGq
sE5J6Ogl2YyNmUmyHIwtDbFlAqDbuTXroqkpXCYDH+ew5gI4osC6/ta8bEsL4GBk
BJw6Gu4XL5+Zk3D5kZ90bP1I/oB1gjjwEg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:47 2023 by rpki-client on console-fra.rpki-client.org